Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/dLq7FZ58X5FTD6w4j7DcrENfUOY.roa
File:                     dLq7FZ58X5FTD6w4j7DcrENfUOY.roa (raw, json)
Hash identifier:          3kNGRmKv6MfUgvd/bmU2LJiitgoEZiOSwxvZi+OFZoY=
Subject key identifier:   74:BA:BB:15:9E:7C:5F:91:53:0F:AC:38:8F:B0:DC:AC:43:5F:50:E6
Certificate issuer:       /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial:       0186F27435723459CED5CC666602BCDC5AEA
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/dLq7FZ58X5FTD6w4j7DcrENfUOY.roa
Signing time:             Sat 18 Mar 2023 02:02:27 +0000
ROA not before:           Sat 18 Mar 2023 02:02:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199369
IP address blocks:        89.33.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:f2:74:35:72:34:59:ce:d5:cc:66:66:02:bc:dc:5a:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
        Validity
            Not Before: Mar 18 02:02:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=74babb159e7c5f91530fac388fb0dcac435f50e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f9:9d:f1:e4:c6:85:17:16:0f:24:fd:b6:e9:
                    10:b0:1e:3c:6c:c2:03:15:6a:d6:ef:88:7e:72:61:
                    23:4e:59:fe:9f:27:8e:b2:48:3d:fe:10:3e:b2:a1:
                    30:0f:60:c0:79:e8:b5:74:9b:97:c6:3f:01:3a:bd:
                    13:94:80:87:d5:76:4e:e3:e2:3c:0f:11:69:ca:a7:
                    01:e9:35:ee:bb:7d:ec:7f:b2:44:52:76:67:db:72:
                    5f:e6:31:ab:3f:c5:48:f3:fa:cb:21:82:68:f7:2e:
                    69:2d:a7:79:45:77:b9:23:fa:a1:84:5e:51:49:d3:
                    fe:0e:61:d3:9f:94:6d:dd:4a:59:da:15:b5:f3:73:
                    f9:24:c9:b7:64:dd:1b:60:4d:71:6c:04:78:b8:74:
                    55:04:29:e3:d9:f8:ac:d3:7d:04:95:cf:96:25:e2:
                    ad:69:34:6a:93:e8:7b:7a:35:ee:d6:00:29:f3:32:
                    9d:79:35:19:9a:cb:96:24:4b:58:2a:e6:8a:0b:c5:
                    f2:4a:d9:0d:7b:b2:46:b2:26:0f:18:26:33:9f:8c:
                    12:90:bd:57:bc:c6:da:9d:17:05:17:f2:20:3d:8e:
                    23:5a:93:bd:23:15:83:e6:b0:19:ce:73:25:32:a8:
                    19:bc:2f:38:71:74:9c:fa:7c:c7:0f:dc:70:ce:a6:
                    60:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:BA:BB:15:9E:7C:5F:91:53:0F:AC:38:8F:B0:DC:AC:43:5F:50:E6
            X509v3 Authority Key Identifier:
                keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/dLq7FZ58X5FTD6w4j7DcrENfUOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:0a:d3:c6:2a:f6:4e:4c:d1:c0:1f:82:ad:7f:40:72:f9:69:
         e2:b6:4d:79:ff:22:ec:fc:14:2d:c8:07:12:d0:35:59:7a:27:
         ca:e7:c9:2d:31:2e:5a:e3:95:94:ef:94:79:a4:72:bb:01:a3:
         fe:db:29:63:a9:de:d8:70:45:c7:39:14:a3:b2:a0:f7:38:dd:
         d9:f8:e7:ea:98:24:36:f8:e4:c3:51:f3:39:39:42:7c:1d:24:
         27:46:26:c8:75:06:23:1b:4a:81:57:6b:70:5b:d6:a1:2f:8c:
         9f:b4:8a:d1:31:2c:6c:4d:54:37:98:be:14:c7:a8:12:25:2a:
         22:b1:f3:1b:ee:3d:96:c3:2a:e5:1b:1b:82:d2:40:83:56:a9:
         8c:07:68:f2:37:cd:dd:ec:cf:49:c5:80:91:00:c4:29:da:3d:
         b0:c7:28:d8:0d:8c:82:5a:59:15:0a:de:69:90:5e:28:de:2e:
         13:e9:b8:eb:ef:39:9a:44:fe:e6:a5:62:c1:e3:e9:c9:48:06:
         94:02:f3:ff:1d:f1:e9:f7:49:e9:87:47:fd:e4:f3:90:17:cf:
         4e:a5:12:b3:02:ef:c8:2e:96:f3:d1:21:6c:0c:f1:62:cc:5e:
         f8:5f:0d:01:89:c3:93:53:e8:be:da:dd:45:de:e8:4e:31:ae:
         4f:e9:0f:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbydDVyNFnO1cxmZgK83FrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjMwMzE4MDIwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGJhYmIxNTllN2M1ZjkxNTMwZmFjMzg4ZmIwZGNhYzQzNWY1MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPmd8eTGhRcWDyT9tukQsB48bMID
FWrW74h+cmEjTln+nyeOskg9/hA+sqEwD2DAeei1dJuXxj8BOr0TlICH1XZO4+I8
DxFpyqcB6TXuu33sf7JEUnZn23Jf5jGrP8VI8/rLIYJo9y5pLad5RXe5I/qhhF5R
SdP+DmHTn5Rt3UpZ2hW183P5JMm3ZN0bYE1xbAR4uHRVBCnj2fis030Elc+WJeKt
aTRqk+h7ejXu1gAp8zKdeTUZmsuWJEtYKuaKC8XyStkNe7JGsiYPGCYzn4wSkL1X
vMbanRcFF/IgPY4jWpO9IxWD5rAZznMlMqgZvC84cXSc+nzHD9xwzqZgzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHS6uxWefF+RUw+sOI+w3KxDX1DmMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvZExxN0ZaNThYNUZURDZ3NGo3RGNyRU5mVU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSGnMA0G
CSqGSIb3DQEBCwUAA4IBAQAzCtPGKvZOTNHAH4Ktf0By+Wnitk15/yLs/BQtyAcS
0DVZeifK58ktMS5a45WU75R5pHK7AaP+2yljqd7YcEXHORSjsqD3ON3Z+OfqmCQ2
+OTDUfM5OUJ8HSQnRibIdQYjG0qBV2twW9ahL4yftIrRMSxsTVQ3mL4Ux6gSJSoi
sfMb7j2WwyrlGxuC0kCDVqmMB2jyN83d7M9JxYCRAMQp2j2wxyjYDYyCWlkVCt5p
kF4o3i4T6bjr7zmaRP7mpWLB4+nJSAaUAvP/HfHp90nph0f95POQF89OpRKzAu/I
Lpbz0SFsDPFizF74Xw0BicOTU+i+2t1F3uhOMa5P6Q9x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:01 2024 by rpki-client on console-ams.rpki-client.org