Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/63R8dpAvHeno9Qj0to0aelJbDOs.roa
File:                     63R8dpAvHeno9Qj0to0aelJbDOs.roa (raw, json)
Hash identifier:          q1G1DJIjqVW134Ddy6K6AS3l22wrer8W8CiJXHynM+Q=
Subject key identifier:   EB:74:7C:76:90:2F:1D:E9:E8:F5:08:F4:B6:8D:1A:7A:52:5B:0C:EB
Certificate issuer:       /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial:       01859746D4C5B5C9A92B3140BC68F46E4DE5
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/63R8dpAvHeno9Qj0to0aelJbDOs.roa
Signing time:             Mon 09 Jan 2023 16:04:39 +0000
ROA not before:           Mon 09 Jan 2023 16:04:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49619
IP address blocks:        89.43.152.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Jan 2023 16:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:97:46:d4:c5:b5:c9:a9:2b:31:40:bc:68:f4:6e:4d:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
        Validity
            Not Before: Jan  9 16:04:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb747c76902f1de9e8f508f4b68d1a7a525b0ceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:28:23:26:7f:ce:7b:50:dd:cf:47:07:43:6a:
                    92:bd:60:b4:ec:3f:36:ae:32:a5:5f:54:41:80:8c:
                    14:73:1a:3e:cb:19:13:17:3f:17:d2:b7:97:e2:d0:
                    93:a2:fc:08:09:fe:42:65:c9:4b:16:4d:84:70:6e:
                    f6:68:5a:0d:6d:f9:ff:b1:87:33:b8:02:e2:64:df:
                    f6:57:72:8b:69:fc:c1:1d:90:02:b8:e1:17:9f:5e:
                    01:55:15:d6:55:bc:25:e8:76:ec:24:36:92:a2:96:
                    ab:d8:85:c1:bd:fc:57:e7:97:f4:88:07:c7:7b:dc:
                    ee:f3:ae:7e:a3:58:2a:19:e7:9e:9f:76:38:50:0a:
                    6d:e1:ec:3e:ee:91:1e:0e:a9:8f:da:1d:8c:d4:8c:
                    43:1b:a2:be:d7:eb:cc:64:a1:bd:a8:e2:d1:50:f1:
                    63:88:73:8b:ef:dc:a2:e8:84:37:0f:61:92:06:f9:
                    c3:5c:5c:55:74:c6:6d:5c:c4:64:f8:bb:a0:02:12:
                    72:23:60:bb:96:23:36:11:b6:b5:03:56:2e:56:9c:
                    f4:60:de:3d:ef:0f:91:8e:f5:60:b1:22:e4:92:16:
                    44:81:43:01:fc:c9:17:86:e2:1c:d0:df:4d:93:31:
                    14:7e:cd:0c:77:cc:ce:6a:40:3a:55:c0:e8:68:6b:
                    c1:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:74:7C:76:90:2F:1D:E9:E8:F5:08:F4:B6:8D:1A:7A:52:5B:0C:EB
            X509v3 Authority Key Identifier:
                keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/63R8dpAvHeno9Qj0to0aelJbDOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.43.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:99:db:2d:d6:7e:78:bd:45:9f:00:96:07:75:b4:c9:46:2f:
         9d:47:38:38:f5:5b:be:93:61:bb:b4:80:a0:30:56:80:38:b6:
         8e:aa:12:35:02:9d:1b:ff:ae:dd:e3:1a:27:df:89:0c:3c:fa:
         0f:e5:58:d3:d3:52:05:22:c0:81:a6:08:6f:ae:fb:79:f3:e4:
         b2:c6:b8:1b:24:13:4a:9c:74:cd:97:c9:ab:58:8b:b4:5d:ec:
         62:7b:b9:d8:03:8f:7c:82:00:1b:00:7d:5e:85:fe:31:a4:ae:
         82:40:59:3b:06:02:3e:fd:f0:71:49:90:c4:71:50:be:42:3c:
         1a:81:4c:50:7e:7a:7f:01:57:98:99:a0:e6:c8:cf:16:b8:0d:
         43:1f:d9:fd:fd:95:10:ff:35:89:a1:41:83:33:9a:0c:72:f1:
         61:b9:f6:6c:72:cb:e4:a9:24:79:76:40:d5:be:93:33:ac:b2:
         3c:f8:e9:c6:86:0b:b3:ad:8d:a7:f7:70:c8:74:c5:84:59:20:
         85:1c:22:d1:83:b5:41:1b:be:ef:01:5b:1e:02:b5:9f:62:43:
         bc:c0:77:35:a8:81:05:cc:d9:33:d4:f8:b9:97:63:01:12:55:
         f3:80:47:4f:6a:19:f6:7d:d7:58:a9:44:3d:46:fc:fc:db:2b:
         81:d9:e6:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWXRtTFtcmpKzFAvGj0bk3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjMwMTA5MTYwNDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc0N2M3NjkwMmYxZGU5ZThmNTA4ZjRiNjhkMWE3YTUyNWIwY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnygjJn/Oe1Ddz0cHQ2qSvWC07D82
rjKlX1RBgIwUcxo+yxkTFz8X0reX4tCTovwICf5CZclLFk2EcG72aFoNbfn/sYcz
uALiZN/2V3KLafzBHZACuOEXn14BVRXWVbwl6HbsJDaSopar2IXBvfxX55f0iAfH
e9zu865+o1gqGeeen3Y4UApt4ew+7pEeDqmP2h2M1IxDG6K+1+vMZKG9qOLRUPFj
iHOL79yi6IQ3D2GSBvnDXFxVdMZtXMRk+LugAhJyI2C7liM2Eba1A1YuVpz0YN49
7w+RjvVgsSLkkhZEgUMB/MkXhuIc0N9NkzEUfs0Md8zOakA6VcDoaGvBHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOt0fHaQLx3p6PUI9LaNGnpSWwzrMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvNjNSOGRwQXZIZW5vOVFqMHRvMGFlbEpiRE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSuYMA0G
CSqGSIb3DQEBCwUAA4IBAQBdmdst1n54vUWfAJYHdbTJRi+dRzg49Vu+k2G7tICg
MFaAOLaOqhI1Ap0b/67d4xon34kMPPoP5VjT01IFIsCBpghvrvt58+SyxrgbJBNK
nHTNl8mrWIu0Xexie7nYA498ggAbAH1ehf4xpK6CQFk7BgI+/fBxSZDEcVC+Qjwa
gUxQfnp/AVeYmaDmyM8WuA1DH9n9/ZUQ/zWJoUGDM5oMcvFhufZscsvkqSR5dkDV
vpMzrLI8+OnGhguzrY2n93DIdMWEWSCFHCLRg7VBG77vAVseArWfYkO8wHc1qIEF
zNkz1Pi5l2MBElXzgEdPahn2fddYqUQ9Rvz82yuB2eYm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:46 2024 by rpki-client on console-fra.rpki-client.org