Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/X9z4L3S9yK7WO_bTky3D4RJjPrc.roa
File:                     X9z4L3S9yK7WO_bTky3D4RJjPrc.roa (raw, json)
Hash identifier:          g9hrJr4v7pO/tjqdO/94tU61yt4k7/tYTfvVy6W4fDU=
Subject key identifier:   5F:DC:F8:2F:74:BD:C8:AE:D6:3B:F6:D3:93:2D:C3:E1:12:63:3E:B7
Certificate issuer:       /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial:       019388094918F791EE18A30AB0ED909ADAD5
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/X9z4L3S9yK7WO_bTky3D4RJjPrc.roa
Signing time:             Mon 02 Dec 2024 15:42:10 +0000
ROA not before:           Mon 02 Dec 2024 15:42:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62371
IP address blocks:        79.135.106.0/24 maxlen: 24
                          79.135.107.0/24 maxlen: 24
                          185.70.40.0/22 maxlen: 22
                          185.70.40.0/24 maxlen: 24
                          185.70.41.0/24 maxlen: 24
                          185.70.42.0/24 maxlen: 24
                          185.70.43.0/24 maxlen: 24
                          2a05:2700::/29 maxlen: 29
                          2a05:2700::/32 maxlen: 32
                          2a05:2701::/32 maxlen: 32
                          2a05:2701:f00::/40 maxlen: 40
                          2a05:2701:f00::/44 maxlen: 44
                          2a05:2701:f10::/44 maxlen: 44
                          2a05:2701:f40::/44 maxlen: 44
                          2a05:2701:f50::/44 maxlen: 44
                          2a05:2701:fe00::/48 maxlen: 48
                          2a05:2701:fe01::/48 maxlen: 48
                          2a05:2701:fe02::/48 maxlen: 48
                          2a05:2701:fe03::/48 maxlen: 48
                          2a05:2701:fe04::/48 maxlen: 48
                          2a05:2701:fe05::/48 maxlen: 48
Validation:               Failed, certificate revoked on Mon 02 Dec 2024 18:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:88:09:49:18:f7:91:ee:18:a3:0a:b0:ed:90:9a:da:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
        Validity
            Not Before: Dec  2 15:42:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5fdcf82f74bdc8aed63bf6d3932dc3e112633eb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:79:b9:35:30:e6:ad:5b:06:03:b0:82:16:5e:
                    5f:08:11:95:53:a7:90:cb:22:63:28:b8:1d:36:1e:
                    17:b9:57:be:44:3b:6b:05:ed:0a:6b:50:85:19:fe:
                    34:86:c0:a7:e4:6c:8a:c1:c0:4c:9c:ef:ff:d9:a7:
                    b3:3b:59:d4:ed:86:83:20:dd:e1:52:5c:60:44:6a:
                    7d:04:a0:ff:17:f0:61:28:90:73:56:b9:26:1f:0b:
                    39:9c:a7:bb:90:08:01:74:56:4c:24:aa:ee:34:89:
                    c1:04:94:15:78:7b:ee:fb:3d:26:58:46:08:a9:1f:
                    be:08:20:c8:00:69:02:5a:c3:27:86:ef:ed:5c:e1:
                    7b:2a:54:c5:1c:17:9a:b9:da:20:02:33:e4:d3:d5:
                    fc:39:01:91:50:a8:cd:f3:8a:54:6e:3d:b3:66:1b:
                    a9:b7:29:1e:8e:0a:c7:d0:a6:fb:a7:64:79:d7:97:
                    de:8b:0a:0b:98:a0:47:0d:a3:e9:35:66:f7:3c:ea:
                    9e:4a:a7:68:37:d2:a6:c5:08:ef:b4:e5:ad:7e:09:
                    3f:e7:4e:50:1f:ff:d0:c6:c2:2a:5e:a9:b1:fe:0c:
                    e6:b8:38:20:d5:a5:3c:be:08:7c:eb:1a:7f:40:87:
                    83:c0:50:3e:66:bf:5d:83:d5:c7:58:d9:29:cf:eb:
                    e6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:DC:F8:2F:74:BD:C8:AE:D6:3B:F6:D3:93:2D:C3:E1:12:63:3E:B7
            X509v3 Authority Key Identifier:
                keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/X9z4L3S9yK7WO_bTky3D4RJjPrc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.135.106.0/23
                  185.70.40.0/22
                IPv6:
                  2a05:2700::/29

    Signature Algorithm: sha256WithRSAEncryption
         6a:8e:97:4b:01:d3:59:9f:e1:c3:19:c0:71:c1:7f:01:9c:a3:
         ae:df:4e:39:75:40:b8:41:f3:8e:13:0e:e4:45:dc:5d:e6:c3:
         21:be:0f:d9:d0:be:eb:92:1a:90:30:78:85:6e:18:aa:e4:e3:
         18:43:31:06:61:42:6e:bc:1b:cf:70:21:92:25:53:37:47:5f:
         fa:0f:ce:68:1f:dd:c6:c5:1f:52:94:e8:3d:4b:3d:10:7d:95:
         83:ae:e1:9d:f4:5a:ba:69:df:cc:55:63:58:e5:77:45:18:dc:
         04:35:dc:6b:41:c2:1a:2d:97:9e:1f:fc:0e:f8:44:e6:e1:bd:
         7a:5d:b8:14:72:87:d3:28:2b:ae:af:6e:0e:4a:35:bf:cd:42:
         f1:3a:ec:41:83:d7:88:47:e3:3b:67:84:2d:74:9b:74:37:2c:
         50:34:dc:76:2b:c4:25:34:c7:32:b5:55:30:e7:f9:d9:69:59:
         80:f5:3a:73:79:38:d6:a1:a7:e5:c8:a5:aa:4f:6b:73:1b:58:
         f3:cf:f8:b9:2d:fe:2d:0e:a7:9d:6f:0e:d8:ca:8c:a9:42:1e:
         d2:ef:6f:53:8c:e1:99:9f:f4:3e:a0:27:86:f7:a9:af:fa:02:
         6d:b3:0b:74:3c:e7:e0:4c:78:f1:64:21:8b:cb:9d:9e:98:01:
         8c:b7:07:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZOICUkY95HuGKMKsO2QmtrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjQxMjAyMTU0MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRjZjgyZjc0YmRjOGFlZDYzYmY2ZDM5MzJkYzNlMTEyNjMzZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnm5NTDmrVsGA7CCFl5fCBGVU6eQ
yyJjKLgdNh4XuVe+RDtrBe0Ka1CFGf40hsCn5GyKwcBMnO//2aezO1nU7YaDIN3h
UlxgRGp9BKD/F/BhKJBzVrkmHws5nKe7kAgBdFZMJKruNInBBJQVeHvu+z0mWEYI
qR++CCDIAGkCWsMnhu/tXOF7KlTFHBeaudogAjPk09X8OQGRUKjN84pUbj2zZhup
tykejgrH0Kb7p2R515feiwoLmKBHDaPpNWb3POqeSqdoN9KmxQjvtOWtfgk/505Q
H//QxsIqXqmx/gzmuDgg1aU8vgh86xp/QIeDwFA+Zr9dg9XHWNkpz+vm/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF/c+C90vciu1jv205Mtw+ESYz63MB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvWDl6NEwzUzl5SzdXT19iVGt5M0Q0UkpqUHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBT4dqAwQC
uUYoMA0EAgACMAcDBQMqBScAMA0GCSqGSIb3DQEBCwUAA4IBAQBqjpdLAdNZn+HD
GcBxwX8BnKOu3045dUC4QfOOEw7kRdxd5sMhvg/Z0L7rkhqQMHiFbhiq5OMYQzEG
YUJuvBvPcCGSJVM3R1/6D85oH93GxR9SlOg9Sz0QfZWDruGd9Fq6ad/MVWNY5XdF
GNwENdxrQcIaLZeeH/wO+ETm4b16XbgUcofTKCuur24OSjW/zULxOuxBg9eIR+M7
Z4QtdJt0NyxQNNx2K8QlNMcytVUw5/nZaVmA9TpzeTjWoaflyKWqT2tzG1jzz/i5
Lf4tDqedbw7YyoypQh7S729TjOGZn/Q+oCeG96mv+gJtswt0POfgTHjxZCGLy52e
mAGMtwej
-----END CERTIFICATE-----