Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/jYTcZtH_I0ybhPPVo0MUc84GYYo.roa
File:                     jYTcZtH_I0ybhPPVo0MUc84GYYo.roa (raw, json)
Hash identifier:          STI/6inVQ3Aad5mlj8mfJ9VSRNH0JzlCjX1QJfp6tr8=
Subject key identifier:   8D:84:DC:66:D1:FF:23:4C:9B:84:F3:D5:A3:43:14:73:CE:06:61:8A
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       01888FEF6A2565B718B46AE53213DF1DE309
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/jYTcZtH_I0ybhPPVo0MUc84GYYo.roa
Signing time:             Tue 06 Jun 2023 09:00:12 +0000
ROA not before:           Tue 06 Jun 2023 09:00:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198351
IP address blocks:        5.253.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 08:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8f:ef:6a:25:65:b7:18:b4:6a:e5:32:13:df:1d:e3:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jun  6 09:00:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d84dc66d1ff234c9b84f3d5a3431473ce06618a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:59:f1:da:13:0b:09:fa:fe:97:28:9a:f4:fd:
                    51:f0:ca:ef:04:cc:43:d4:d7:85:3c:33:33:93:f5:
                    f0:ed:f3:b1:5a:86:f5:5d:1a:53:5d:c4:b5:b3:94:
                    03:28:2c:f8:d8:37:e8:f7:a3:d7:c8:4f:64:0a:2c:
                    25:5b:0d:3f:17:73:9c:4c:f4:43:f5:43:d0:da:39:
                    5e:80:1d:7b:0f:97:80:99:fc:c0:da:e8:54:8e:af:
                    27:84:20:98:b5:dc:30:0a:73:b0:26:b8:e7:e8:3a:
                    e5:a6:e3:25:2b:32:33:f2:3b:91:8b:10:1c:17:24:
                    59:29:55:67:68:05:6f:fc:b0:b0:25:95:7b:f7:f1:
                    8b:a9:e7:ca:b5:dc:80:b6:d8:a2:97:18:e0:96:de:
                    68:8d:4d:15:2e:23:55:46:91:3a:82:71:8c:d5:22:
                    6d:be:55:21:3d:d1:cd:76:cb:99:2d:12:df:1e:cb:
                    ec:b4:60:b1:d2:07:7e:ab:4b:70:1f:e0:43:dd:f2:
                    f1:72:55:69:3d:31:2b:0e:9f:c6:4c:d7:67:d3:c7:
                    c8:92:4a:9b:30:1f:63:26:47:38:2e:4d:0f:03:d7:
                    5e:f6:a1:9e:fc:63:73:51:b8:9f:c0:e5:ff:6d:fe:
                    8f:66:a2:36:8f:5a:b2:73:c6:29:7c:49:90:20:2a:
                    58:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:84:DC:66:D1:FF:23:4C:9B:84:F3:D5:A3:43:14:73:CE:06:61:8A
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/jYTcZtH_I0ybhPPVo0MUc84GYYo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:f1:f5:4d:55:db:ec:5a:a2:4e:dc:bb:09:fc:df:d2:49:bd:
         64:f5:f0:5e:62:e2:cf:54:5d:20:a5:62:c8:33:d3:b4:28:76:
         70:53:45:82:9f:a6:71:8f:bb:90:8a:66:4e:77:b2:0c:17:88:
         d8:fa:77:d6:55:5a:ec:43:2f:ce:c2:5b:ad:38:77:f2:6a:0a:
         30:dc:7e:34:f7:a8:a7:09:3f:13:13:3d:2d:bf:3b:ad:d5:c3:
         e5:48:6f:c9:c0:b9:5a:c9:98:41:96:bd:1b:14:e2:f0:0a:61:
         f2:3c:4d:09:7f:99:3b:a7:a7:11:9d:b4:e1:f4:ed:a6:97:28:
         bb:75:10:1d:23:cc:9b:dc:4d:5a:3e:0a:16:95:ae:1c:1f:ff:
         de:a6:36:89:36:6b:09:b2:b5:03:fc:6d:1b:68:18:9a:b8:80:
         d5:c1:2c:9b:64:fe:12:05:d4:83:30:9e:cd:ff:66:ec:09:1a:
         0e:ca:a3:af:e2:bd:b2:88:dd:ed:c0:4f:89:7b:c6:ed:6e:90:
         f5:69:e9:d1:85:84:01:a6:c3:75:f1:32:b6:65:03:ae:f2:55:
         89:3b:81:fb:e5:a5:bc:11:ef:35:d2:25:bb:f1:11:c7:02:a4:
         ef:aa:43:37:bc:3e:89:75:5d:cb:1a:81:b0:0b:c2:6b:5f:e8:
         b9:a8:4f:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiP72olZbcYtGrlMhPfHeMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNjA2MDkwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDg0ZGM2NmQxZmYyMzRjOWI4NGYzZDVhMzQzMTQ3M2NlMDY2MThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1nx2hMLCfr+lyia9P1R8MrvBMxD
1NeFPDMzk/Xw7fOxWob1XRpTXcS1s5QDKCz42Dfo96PXyE9kCiwlWw0/F3OcTPRD
9UPQ2jlegB17D5eAmfzA2uhUjq8nhCCYtdwwCnOwJrjn6DrlpuMlKzIz8juRixAc
FyRZKVVnaAVv/LCwJZV79/GLqefKtdyAttiilxjglt5ojU0VLiNVRpE6gnGM1SJt
vlUhPdHNdsuZLRLfHsvstGCx0gd+q0twH+BD3fLxclVpPTErDp/GTNdn08fIkkqb
MB9jJkc4Lk0PA9de9qGe/GNzUbifwOX/bf6PZqI2j1qyc8YpfEmQICpYbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2E3GbR/yNMm4Tz1aNDFHPOBmGKMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvallUY1p0SF9JMHliaFBQVm8wTVVjODRHWVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf0mMA0G
CSqGSIb3DQEBCwUAA4IBAQAu8fVNVdvsWqJO3LsJ/N/SSb1k9fBeYuLPVF0gpWLI
M9O0KHZwU0WCn6Zxj7uQimZOd7IMF4jY+nfWVVrsQy/OwlutOHfyagow3H4096in
CT8TEz0tvzut1cPlSG/JwLlayZhBlr0bFOLwCmHyPE0Jf5k7p6cRnbTh9O2mlyi7
dRAdI8yb3E1aPgoWla4cH//epjaJNmsJsrUD/G0baBiauIDVwSybZP4SBdSDMJ7N
/2bsCRoOyqOv4r2yiN3twE+Je8btbpD1aenRhYQBpsN18TK2ZQOu8lWJO4H75aW8
Ee810iW78RHHAqTvqkM3vD6JdV3LGoGwC8JrX+i5qE/e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org