Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/diIYPVdBFZqgfO3f22V-QRG9uE8.roa
File:                     diIYPVdBFZqgfO3f22V-QRG9uE8.roa (raw, json)
Hash identifier:          6iZtIrWXcoEjL5GKj9TL9tOL0fwFek6/Ay+dVl2Dt+Q=
Subject key identifier:   76:22:18:3D:57:41:15:9A:A0:7C:ED:DF:DB:65:7E:41:11:BD:B8:4F
Certificate issuer:       /CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
Certificate serial:       01857315F30C4562700BA386E22551D1CC1D
Authority key identifier: 87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/diIYPVdBFZqgfO3f22V-QRG9uE8.roa
Signing time:             Mon 02 Jan 2023 15:24:56 +0000
ROA not before:           Mon 02 Jan 2023 15:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1299
IP address blocks:        185.59.52.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:15:f3:0c:45:62:70:0b:a3:86:e2:25:51:d1:cc:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
        Validity
            Not Before: Jan  2 15:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7622183d5741159aa07ceddfdb657e4111bdb84f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:39:4c:72:3f:a7:9e:8b:b1:88:b3:64:a1:5b:
                    97:c4:fa:f9:37:28:79:d9:89:79:45:21:2e:25:df:
                    df:59:78:47:5a:ba:36:5e:2c:e9:0c:e2:51:2c:80:
                    20:b1:bd:61:34:39:c5:8b:cf:b8:bf:aa:83:1a:f5:
                    61:65:e3:d8:07:98:5b:d3:80:9f:33:3b:65:bd:e0:
                    38:d6:d4:72:10:8f:1e:29:a5:1c:0b:aa:36:e1:32:
                    7c:8f:ea:5c:16:bc:af:97:e9:c2:0d:83:82:12:b0:
                    ab:f4:a4:1c:08:39:20:21:66:53:ff:5b:ea:f8:c2:
                    df:0c:ff:66:31:b6:e6:6c:a7:39:35:df:73:3c:85:
                    a5:5f:ab:48:f3:19:62:d2:b1:80:6e:87:17:20:d2:
                    fe:b5:5e:32:9d:e0:70:e7:e4:34:c0:ce:6b:0e:bb:
                    b0:26:04:ed:b9:2d:c1:b2:e1:e5:29:93:53:ea:1d:
                    b4:a4:e3:99:63:1e:05:1a:7e:09:3b:a8:f4:08:58:
                    6b:7e:14:91:6d:6d:cb:cb:56:15:3b:69:f0:68:45:
                    cc:6e:8e:22:0e:1d:65:65:8c:7f:e1:97:2d:f1:27:
                    e7:6a:4f:00:34:8f:86:10:77:c8:85:08:0d:40:21:
                    4f:a6:c4:17:84:63:6e:8e:7b:18:7f:aa:e8:0e:bc:
                    9f:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:22:18:3D:57:41:15:9A:A0:7C:ED:DF:DB:65:7E:41:11:BD:B8:4F
            X509v3 Authority Key Identifier:
                keyid:87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/diIYPVdBFZqgfO3f22V-QRG9uE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/h8N9A12V_vuh1H-Yuf9Jc_F99s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.59.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1f:fe:eb:30:61:ae:82:ff:9d:03:23:5d:83:9e:86:c6:73:1c:
         2d:0a:a4:17:99:1c:fe:ca:56:e4:1d:47:b4:03:2a:3b:45:86:
         21:14:f5:3d:21:ae:37:a1:18:5d:72:6c:f1:2b:1b:26:f3:ed:
         5f:02:53:9f:6b:8f:88:58:74:fe:7f:51:1a:59:d1:2b:e0:79:
         b0:8f:f7:64:fd:df:35:f5:30:56:53:3a:34:5d:52:fc:e1:88:
         72:e8:03:cf:c0:ad:b6:f2:51:f3:60:be:a0:70:69:34:9d:68:
         08:71:c0:1f:26:56:7d:17:80:56:6a:c2:6e:0e:78:25:97:66:
         68:11:eb:e6:07:39:4d:5b:5a:0c:32:20:14:2b:6b:0f:48:9f:
         6a:37:3b:6a:b0:58:c6:82:a9:05:01:b2:f3:ff:5e:72:5f:02:
         f0:f4:27:46:37:0f:61:b4:2b:d5:2a:68:fd:1b:a6:5d:88:e6:
         4c:f8:c1:94:87:ba:ed:70:fb:75:33:de:ef:7e:a4:65:79:ea:
         63:a6:ad:30:d4:28:24:ab:e3:5c:8c:0a:1a:b1:6c:1c:25:0c:
         85:bb:91:7f:9e:d7:dc:43:d1:f8:fc:49:e4:86:48:94:43:fa:
         45:6f:bf:1d:08:ed:59:53:d8:d8:75:0a:bc:07:2f:89:9d:78:
         b1:d2:25:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfMMRWJwC6OG4iVR0cwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzM3ZDAzNWQ5NWZlZmJhMWQ0N2Y5OGI5ZmY0OTczZjE3
ZGY2Y2QwHhcNMjMwMTAyMTUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIyMTgzZDU3NDExNTlhYTA3Y2VkZGZkYjY1N2U0MTExYmRiODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DlMcj+nnouxiLNkoVuXxPr5Nyh5
2Yl5RSEuJd/fWXhHWro2XizpDOJRLIAgsb1hNDnFi8+4v6qDGvVhZePYB5hb04Cf
MztlveA41tRyEI8eKaUcC6o24TJ8j+pcFryvl+nCDYOCErCr9KQcCDkgIWZT/1vq
+MLfDP9mMbbmbKc5Nd9zPIWlX6tI8xli0rGAbocXINL+tV4yneBw5+Q0wM5rDruw
JgTtuS3BsuHlKZNT6h20pOOZYx4FGn4JO6j0CFhrfhSRbW3Ly1YVO2nwaEXMbo4i
Dh1lZYx/4Zct8Sfnak8ANI+GEHfIhQgNQCFPpsQXhGNujnsYf6roDryfOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYiGD1XQRWaoHzt39tlfkERvbhPMB8GA1UdIwQY
MBaAFIfDfQNdlf77odR/mLn/SXPxffbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTIt
ZTFiN2M3NjQ5ZmEzLzEvZGlJWVBWZEJGWnFnZk8zZjIyVi1RUkc5dUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTItZTFiN2M3NjQ5ZmEz
LzEvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTs0MA0G
CSqGSIb3DQEBCwUAA4IBAQAf/uswYa6C/50DI12DnobGcxwtCqQXmRz+ylbkHUe0
Ayo7RYYhFPU9Ia43oRhdcmzxKxsm8+1fAlOfa4+IWHT+f1EaWdEr4Hmwj/dk/d81
9TBWUzo0XVL84Yhy6APPwK228lHzYL6gcGk0nWgIccAfJlZ9F4BWasJuDngll2Zo
EevmBzlNW1oMMiAUK2sPSJ9qNztqsFjGgqkFAbLz/15yXwLw9CdGNw9htCvVKmj9
G6ZdiOZM+MGUh7rtcPt1M97vfqRleepjpq0w1Cgkq+NcjAoasWwcJQyFu5F/ntfc
Q9H4/EnkhkiUQ/pFb78dCO1ZU9jYdQq8By+JnXix0iWQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:44 2024 by rpki-client on console-ams.rpki-client.org