Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/SzhcbMkkUPMkVZ7LDtVErX5-Z1g.roa
File:                     SzhcbMkkUPMkVZ7LDtVErX5-Z1g.roa (raw, json)
Hash identifier:          A4x8o0TTnDRA9vkVx30SanV7eIRw9V/o3p/R557OERw=
Subject key identifier:   4B:38:5C:6C:C9:24:50:F3:24:55:9E:CB:0E:D5:44:AD:7E:7E:67:58
Certificate issuer:       /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial:       018570397A5CF6BC861FDD2BD9A5A967BA7A
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/SzhcbMkkUPMkVZ7LDtVErX5-Z1g.roa
Signing time:             Mon 02 Jan 2023 02:04:53 +0000
ROA not before:           Mon 02 Jan 2023 02:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        87.236.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:7a:5c:f6:bc:86:1f:dd:2b:d9:a5:a9:67:ba:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
        Validity
            Not Before: Jan  2 02:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b385c6cc92450f324559ecb0ed544ad7e7e6758
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:60:ae:dc:c7:9c:15:c5:a0:ad:e8:28:e2:ec:
                    2f:b7:ee:52:7e:f9:6b:ad:3b:bd:59:87:57:1e:3a:
                    ca:a9:8c:6c:72:ea:03:ba:4c:35:aa:3d:b5:00:73:
                    9f:5e:24:74:a1:04:3f:6c:ce:7d:51:27:79:ff:8b:
                    24:c7:fa:48:07:95:6e:83:12:1f:49:5b:2d:63:3f:
                    21:14:63:29:44:1d:5e:f4:87:fe:4b:3a:2e:56:85:
                    52:d2:18:f8:55:c3:00:b1:20:f2:4a:45:0f:e6:88:
                    e6:24:4e:26:d9:ca:90:d3:39:e3:01:1a:9a:fc:04:
                    d0:e1:79:f7:17:23:bd:7a:17:0f:48:ed:9b:c0:f1:
                    74:c0:4e:e6:99:8e:95:d3:5d:9f:a4:4f:ae:4b:25:
                    ee:c9:57:7a:87:8d:08:e3:ad:7e:31:0b:75:fe:c5:
                    f0:9c:9b:52:ed:bf:75:d9:e5:d3:4c:dd:9d:53:ff:
                    7e:ba:cd:35:ef:f3:2e:39:00:a2:89:ae:95:05:92:
                    18:25:47:9d:93:88:83:7d:52:68:3b:e0:d3:f4:bb:
                    88:be:81:64:81:01:a6:2a:1e:cc:b4:93:6b:fa:a9:
                    d2:04:43:f8:c0:56:ab:49:d6:bc:62:f2:74:45:4c:
                    63:18:42:b2:cb:7d:89:0e:4f:40:5e:9c:f3:ea:d7:
                    72:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:38:5C:6C:C9:24:50:F3:24:55:9E:CB:0E:D5:44:AD:7E:7E:67:58
            X509v3 Authority Key Identifier:
                keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/SzhcbMkkUPMkVZ7LDtVErX5-Z1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:60:43:f3:3a:1f:ca:31:c9:18:9c:6a:5e:be:3d:bd:b7:58:
         69:80:b6:c7:fc:37:c3:42:b2:2f:ad:ad:ef:bb:44:03:13:6a:
         a6:d9:1b:18:4c:0a:84:43:ca:7e:ec:16:de:ba:b3:68:b9:58:
         99:b3:b4:2f:74:b1:e6:62:42:5e:56:cd:04:72:43:d9:90:71:
         88:e6:33:9e:cb:87:b2:e5:41:ae:c0:33:a2:70:10:57:9f:25:
         f2:43:d2:f6:97:ff:34:0b:1c:d4:12:91:51:85:59:27:40:51:
         db:49:69:f3:42:56:bd:db:c6:49:4a:51:ed:9b:8a:b3:ee:3a:
         e3:74:f7:fd:10:ea:d4:6a:e1:d4:bb:86:08:2f:52:28:1a:61:
         1b:a2:12:21:da:67:03:36:17:90:ab:95:2f:f8:24:2f:9d:10:
         14:21:09:07:38:6b:1f:92:59:a0:c1:6e:a4:61:5c:7e:ef:8d:
         24:c0:3b:62:d2:77:62:a8:ae:37:d1:36:6a:51:93:47:6b:b7:
         f6:3b:a9:02:13:e7:7e:3f:bc:74:71:fd:73:35:4e:59:25:62:
         80:9b:4c:90:9f:26:a4:db:be:4e:15:4e:d1:af:26:7e:49:1f:
         27:be:27:89:b8:d6:02:13:83:73:cc:65:b8:d2:0e:e2:14:96:
         ef:05:6b:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOXpc9ryGH90r2aWpZ7p6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjE5NDMwODdjZTY5NjIzZTc2YjIxNDViMzQ3OWFjMjA0
YmExYzkwHhcNMjMwMTAyMDIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM4NWM2Y2M5MjQ1MGYzMjQ1NTllY2IwZWQ1NDRhZDdlN2U2NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGCu3MecFcWgrego4uwvt+5Sfvlr
rTu9WYdXHjrKqYxscuoDukw1qj21AHOfXiR0oQQ/bM59USd5/4skx/pIB5VugxIf
SVstYz8hFGMpRB1e9If+SzouVoVS0hj4VcMAsSDySkUP5ojmJE4m2cqQ0znjARqa
/ATQ4Xn3FyO9ehcPSO2bwPF0wE7mmY6V012fpE+uSyXuyVd6h40I461+MQt1/sXw
nJtS7b912eXTTN2dU/9+us017/MuOQCiia6VBZIYJUedk4iDfVJoO+DT9LuIvoFk
gQGmKh7MtJNr+qnSBEP4wFarSda8YvJ0RUxjGEKyy32JDk9AXpzz6tdyhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEs4XGzJJFDzJFWeyw7VRK1+fmdYMB8GA1UdIwQY
MBaAFCOxlDCHzmliPnayFFs0eawgS6HJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTkt
Zjc0MmYzOTVhYWY5LzEvU3poY2JNa2tVUE1rVlo3TER0VkVyWDUtWjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTktZjc0MmYzOTVhYWY5
LzEvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+xDMA0G
CSqGSIb3DQEBCwUAA4IBAQBnYEPzOh/KMckYnGpevj29t1hpgLbH/DfDQrIvra3v
u0QDE2qm2RsYTAqEQ8p+7BbeurNouViZs7QvdLHmYkJeVs0EckPZkHGI5jOey4ey
5UGuwDOicBBXnyXyQ9L2l/80CxzUEpFRhVknQFHbSWnzQla928ZJSlHtm4qz7jrj
dPf9EOrUauHUu4YIL1IoGmEbohIh2mcDNheQq5Uv+CQvnRAUIQkHOGsfklmgwW6k
YVx+740kwDti0ndiqK430TZqUZNHa7f2O6kCE+d+P7x0cf1zNU5ZJWKAm0yQnyak
275OFU7RryZ+SR8nvieJuNYCE4NzzGW40g7iFJbvBWub
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:13 2024 by rpki-client on console-ams.rpki-client.org