Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/SxX50dkoV_wzqzDy8U3Vis_RYLM.roa
File:                     SxX50dkoV_wzqzDy8U3Vis_RYLM.roa (raw, json)
Hash identifier:          nZgpc6Cn674Rq4F+Tz9zxeNrIKQF1m6oQJ3UeK6PKeQ=
Subject key identifier:   4B:15:F9:D1:D9:28:57:FC:33:AB:30:F2:F1:4D:D5:8A:CF:D1:60:B3
Certificate issuer:       /CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Certificate serial:       018572B4425D6F6AA08D189F81E79D6BA63D
Authority key identifier: CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/SxX50dkoV_wzqzDy8U3Vis_RYLM.roa
Signing time:             Mon 02 Jan 2023 13:38:14 +0000
ROA not before:           Mon 02 Jan 2023 13:38:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13639
IP address blocks:        156.114.20.0/24 maxlen: 24
                          156.114.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b4:42:5d:6f:6a:a0:8d:18:9f:81:e7:9d:6b:a6:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
        Validity
            Not Before: Jan  2 13:38:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b15f9d1d92857fc33ab30f2f14dd58acfd160b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:cf:07:6a:a5:8a:ab:27:5d:b6:3a:4e:e0:6f:
                    2c:c8:97:a1:fb:6b:a1:4e:da:8d:4a:84:00:d9:2e:
                    d2:80:48:fb:b6:6a:4e:34:1e:94:c0:c5:2b:79:d8:
                    2a:aa:78:94:77:e7:8e:6a:43:17:2d:6a:18:87:12:
                    d6:da:28:f4:ff:34:79:79:32:a2:f3:28:82:4b:6f:
                    96:c4:65:60:90:d5:03:f5:1e:d6:af:c1:0d:04:7f:
                    25:2b:39:64:5e:bf:71:aa:b9:ea:f5:98:f2:72:0b:
                    c3:02:d2:ad:fe:15:52:71:17:73:07:9e:d3:06:92:
                    c0:52:1c:07:47:6b:a0:2b:e3:27:ad:bd:7f:cd:47:
                    4c:fd:c6:f1:72:d5:4b:4c:79:aa:a1:6e:84:cf:be:
                    bc:3b:ae:69:33:38:9f:19:f1:9c:53:5f:24:75:16:
                    38:67:37:16:c7:c9:a6:ea:88:ec:25:02:c0:b1:53:
                    f3:1e:85:17:13:fe:63:63:69:89:f3:95:5a:c1:c7:
                    e6:aa:50:88:bb:c1:f1:d4:23:9c:f6:60:75:04:22:
                    d9:3f:bd:3e:6e:ab:ad:24:a0:30:26:5a:66:91:38:
                    b7:9d:86:60:c4:6a:68:c5:2d:ae:76:53:0e:b5:35:
                    9f:da:70:1b:98:ac:02:60:87:1b:4d:e6:99:20:0c:
                    20:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:15:F9:D1:D9:28:57:FC:33:AB:30:F2:F1:4D:D5:8A:CF:D1:60:B3
            X509v3 Authority Key Identifier:
                keyid:CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/SxX50dkoV_wzqzDy8U3Vis_RYLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.114.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3d:52:a2:3b:f1:f7:83:38:54:5e:40:6e:c7:0d:d8:38:c6:11:
         95:a7:55:a3:d6:58:26:48:9b:58:2c:7a:a9:9c:e6:b1:50:1d:
         fe:a5:c7:6f:c6:41:93:44:0c:88:0a:00:d3:46:e7:b6:c7:49:
         c9:8b:40:df:83:d9:2e:86:71:76:b0:0a:ae:0c:1a:e2:32:69:
         a0:1f:29:fe:0c:67:70:a6:fc:c9:11:54:02:bf:0d:bf:c9:ca:
         34:ea:73:b9:a4:65:37:37:6d:a7:80:f5:06:0d:51:e2:95:88:
         a2:92:bc:be:c5:d9:8f:29:84:b8:4a:21:1c:92:bc:ec:79:10:
         04:1a:0f:d8:74:7a:b1:ee:ec:b9:e4:7e:76:2d:4b:ab:28:e1:
         27:37:93:be:85:3e:30:a6:99:a3:3b:05:37:38:63:1a:d3:fd:
         f9:0f:f5:99:d5:fa:36:d1:1f:35:e6:75:cf:d4:07:ef:47:a8:
         d4:df:69:29:c0:21:a7:db:33:84:92:d6:60:1e:55:26:97:43:
         67:dd:f3:75:91:13:ff:6c:62:52:a4:b5:32:80:3a:57:08:9d:
         c4:1c:2b:47:1a:3b:4e:73:33:80:16:e6:0c:73:04:f0:8a:36:
         80:63:7c:d5:72:92:f3:6a:23:ef:24:b2:c7:8b:1f:9f:6d:ae:
         72:99:cb:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytEJdb2qgjRifgeeda6Y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWNlNDFjYmMyYzMwNjI2ZWYyYTI4ZDE4MzlmMmQ2YzQ3
NTdmM2YwHhcNMjMwMTAyMTMzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE1ZjlkMWQ5Mjg1N2ZjMzNhYjMwZjJmMTRkZDU4YWNmZDE2MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM8HaqWKqyddtjpO4G8syJeh+2uh
TtqNSoQA2S7SgEj7tmpONB6UwMUredgqqniUd+eOakMXLWoYhxLW2ij0/zR5eTKi
8yiCS2+WxGVgkNUD9R7Wr8ENBH8lKzlkXr9xqrnq9ZjycgvDAtKt/hVScRdzB57T
BpLAUhwHR2ugK+Mnrb1/zUdM/cbxctVLTHmqoW6Ez768O65pMzifGfGcU18kdRY4
ZzcWx8mm6ojsJQLAsVPzHoUXE/5jY2mJ85VawcfmqlCIu8Hx1COc9mB1BCLZP70+
bqutJKAwJlpmkTi3nYZgxGpoxS2udlMOtTWf2nAbmKwCYIcbTeaZIAwgmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsV+dHZKFf8M6sw8vFN1YrP0WCzMB8GA1UdIwQY
MBaAFMrs5By8LDBibvKijRg58tbEdX8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWIt
ZDg1MWU0MGQ1N2JmLzEvU3hYNTBka29WX3d6cXpEeThVM1Zpc19SWUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWItZDg1MWU0MGQ1N2Jm
LzEveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnHIUMA0G
CSqGSIb3DQEBCwUAA4IBAQA9UqI78feDOFReQG7HDdg4xhGVp1Wj1lgmSJtYLHqp
nOaxUB3+pcdvxkGTRAyICgDTRue2x0nJi0Dfg9kuhnF2sAquDBriMmmgHyn+DGdw
pvzJEVQCvw2/yco06nO5pGU3N22ngPUGDVHilYiikry+xdmPKYS4SiEckrzseRAE
Gg/YdHqx7uy55H52LUurKOEnN5O+hT4wppmjOwU3OGMa0/35D/WZ1fo20R815nXP
1AfvR6jU32kpwCGn2zOEktZgHlUml0Nn3fN1kRP/bGJSpLUygDpXCJ3EHCtHGjtO
czOAFuYMcwTwijaAY3zVcpLzaiPvJLLHix+fba5ymcsw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:13 2024 by rpki-client on console-ams.rpki-client.org