Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/C-_yqFvG9JIR79VX7MLji97Nxxs.roa
File:                     C-_yqFvG9JIR79VX7MLji97Nxxs.roa (raw, json)
Hash identifier:          6cFS2ObMGGwX+t/XRyNybHzmpPVkzkTrm0WQSplHlqs=
Subject key identifier:   0B:EF:F2:A8:5B:C6:F4:92:11:EF:D5:57:EC:C2:E3:8B:DE:CD:C7:1B
Certificate issuer:       /CN=715b885c3b302fd50e6c22647a33dc47727fea95
Certificate serial:       01896DE35BCE2A27D82CBB5AC8E783B91695
Authority key identifier: 71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/C-_yqFvG9JIR79VX7MLji97Nxxs.roa
Signing time:             Wed 19 Jul 2023 11:22:43 +0000
ROA not before:           Wed 19 Jul 2023 11:22:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        5.62.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6d:e3:5b:ce:2a:27:d8:2c:bb:5a:c8:e7:83:b9:16:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=715b885c3b302fd50e6c22647a33dc47727fea95
        Validity
            Not Before: Jul 19 11:22:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0beff2a85bc6f49211efd557ecc2e38bdecdc71b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:17:69:69:f1:c4:a0:27:98:22:af:26:93:78:
                    ad:26:b8:23:f6:61:3d:84:61:38:0b:7d:8a:69:3c:
                    c1:d3:30:eb:8b:a5:6c:89:da:96:1b:9d:eb:96:ec:
                    10:76:e7:54:c9:4f:1c:91:fd:fd:bf:95:32:51:3e:
                    bd:6f:60:d4:4e:86:d9:f1:82:bd:ee:e2:f6:c1:9e:
                    78:0b:d7:d7:6d:8c:45:0f:ad:94:1e:a5:2e:2d:df:
                    c6:e6:e4:bf:55:c7:07:6c:b9:7e:7f:ee:ce:a1:f2:
                    1c:eb:5f:4e:94:76:2e:5e:6e:0a:02:da:75:14:50:
                    50:33:a4:8a:69:45:ba:14:85:0a:c1:ca:e4:4d:72:
                    47:62:09:8b:c9:3c:be:8d:6c:9e:45:e3:6e:b2:2c:
                    5d:4e:5b:f4:f8:b2:c0:42:8f:f3:65:64:82:27:4a:
                    25:94:66:56:b3:69:85:d7:24:9f:2c:47:0f:df:37:
                    fb:5f:20:a1:8f:c9:62:37:c9:4f:ce:6c:cb:b7:09:
                    e7:9f:89:43:aa:3a:55:21:42:24:b6:93:78:22:90:
                    57:7d:81:60:96:58:88:19:49:81:87:59:f3:bd:09:
                    e0:5e:85:16:54:cf:44:f5:b1:d9:9f:76:eb:b6:b3:
                    d2:17:96:fd:4f:87:86:98:c5:d2:70:ab:e0:e3:99:
                    9f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:EF:F2:A8:5B:C6:F4:92:11:EF:D5:57:EC:C2:E3:8B:DE:CD:C7:1B
            X509v3 Authority Key Identifier:
                keyid:71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/C-_yqFvG9JIR79VX7MLji97Nxxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/cVuIXDswL9UObCJkejPcR3J_6pU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.62.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:f2:0e:6e:4c:89:65:d1:b6:19:0a:db:6d:de:43:88:19:da:
         62:b9:02:93:42:20:31:cb:e3:93:10:6f:74:93:29:33:57:a1:
         7a:84:af:08:21:a5:87:bc:5d:af:4d:9a:ee:f1:92:52:0a:12:
         d8:4f:7d:21:3a:7b:02:de:9c:e7:b7:9d:fc:b9:c6:fa:1c:1e:
         35:f2:17:98:49:22:28:9d:c0:c0:be:23:44:02:6f:be:55:83:
         98:be:26:18:6c:14:aa:b9:ed:e2:f1:17:20:c8:22:b7:b0:e3:
         c7:37:86:15:7a:1b:27:3d:cc:a1:d0:64:31:f5:fa:e0:4a:6d:
         03:0a:d7:f6:fa:be:1b:21:9f:98:0e:6c:a2:e5:0a:02:1a:c5:
         32:a9:88:bf:10:48:fb:39:9f:7c:e0:b4:94:a4:52:6c:03:dd:
         d8:ef:89:94:77:47:33:53:fd:3d:dc:c0:89:63:1a:ec:48:f9:
         ae:08:30:18:a9:87:49:b0:9e:81:2b:e6:cb:e2:ea:19:0c:5e:
         95:e3:7e:f3:68:a3:8b:e1:5a:b5:2e:32:4d:74:f8:04:04:ac:
         3e:af:51:7f:9b:27:08:1a:ad:c0:58:8f:ee:b4:74:ef:0a:5f:
         24:2f:6f:57:83:b4:f1:1f:95:6d:cb:5d:86:20:3a:dd:6a:5d:
         c6:63:c5:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlt41vOKifYLLtayOeDuRaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWI4ODVjM2IzMDJmZDUwZTZjMjI2NDdhMzNkYzQ3NzI3
ZmVhOTUwHhcNMjMwNzE5MTEyMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmVmZjJhODViYzZmNDkyMTFlZmQ1NTdlY2MyZTM4YmRlY2RjNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxdpafHEoCeYIq8mk3itJrgj9mE9
hGE4C32KaTzB0zDri6VsidqWG53rluwQdudUyU8ckf39v5UyUT69b2DUTobZ8YK9
7uL2wZ54C9fXbYxFD62UHqUuLd/G5uS/VccHbLl+f+7OofIc619OlHYuXm4KAtp1
FFBQM6SKaUW6FIUKwcrkTXJHYgmLyTy+jWyeReNusixdTlv0+LLAQo/zZWSCJ0ol
lGZWs2mF1ySfLEcP3zf7XyChj8liN8lPzmzLtwnnn4lDqjpVIUIktpN4IpBXfYFg
lliIGUmBh1nzvQngXoUWVM9E9bHZn3brtrPSF5b9T4eGmMXScKvg45mfhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAvv8qhbxvSSEe/VV+zC44vezccbMB8GA1UdIwQY
MBaAFHFbiFw7MC/VDmwiZHoz3Edyf+qVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYt
MmE5MjMzM2Y5ZGY2LzEvQy1feXFGdkc5SklSNzlWWDdNTGppOTdOeHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYtMmE5MjMzM2Y5ZGY2
LzEvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABT4iMA0G
CSqGSIb3DQEBCwUAA4IBAQAm8g5uTIll0bYZCttt3kOIGdpiuQKTQiAxy+OTEG90
kykzV6F6hK8IIaWHvF2vTZru8ZJSChLYT30hOnsC3pznt538ucb6HB418heYSSIo
ncDAviNEAm++VYOYviYYbBSque3i8RcgyCK3sOPHN4YVehsnPcyh0GQx9frgSm0D
Ctf2+r4bIZ+YDmyi5QoCGsUyqYi/EEj7OZ984LSUpFJsA93Y74mUd0czU/093MCJ
YxrsSPmuCDAYqYdJsJ6BK+bL4uoZDF6V437zaKOL4Vq1LjJNdPgEBKw+r1F/mycI
Gq3AWI/utHTvCl8kL29Xg7TxH5Vty12GIDrdal3GY8Xk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:36 2024 by rpki-client on console-ams.rpki-client.org