Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/dqNQdHX6zerK1_lzEnfZHvYlzE8.roa
File:                     dqNQdHX6zerK1_lzEnfZHvYlzE8.roa (raw, json)
Hash identifier:          YGyAIiceFY29K0KB+bh4i7rxiy297goKIRfqB/zQDVU=
Subject key identifier:   76:A3:50:74:75:FA:CD:EA:CA:D7:F9:73:12:77:D9:1E:F6:25:CC:4F
Certificate issuer:       /CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Certificate serial:       01857139B7BD4940F327CE3EDFB1C2F64FEB
Authority key identifier: 92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/dqNQdHX6zerK1_lzEnfZHvYlzE8.roa
Signing time:             Mon 02 Jan 2023 06:44:46 +0000
ROA not before:           Mon 02 Jan 2023 06:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50673
IP address blocks:        5.56.133.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Mar 2023 14:24:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:b7:bd:49:40:f3:27:ce:3e:df:b1:c2:f6:4f:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
        Validity
            Not Before: Jan  2 06:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76a3507475facdeacad7f9731277d91ef625cc4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4f:43:e0:29:bd:5f:61:18:03:03:d2:d3:57:
                    dd:6f:c1:8f:ff:93:d0:7f:ac:5d:af:66:3f:42:df:
                    d8:5f:1d:04:78:46:1b:a8:aa:c0:9d:0a:db:81:64:
                    cb:d9:b1:bc:78:e4:dc:ea:d7:31:9a:86:82:5a:43:
                    02:1b:80:77:10:78:34:09:eb:99:79:cf:60:64:5e:
                    12:9c:3d:ba:1e:a5:9e:9b:44:7f:c4:35:a2:d3:8a:
                    65:a8:2c:55:aa:7e:59:9b:aa:53:a8:94:e7:10:23:
                    02:c3:29:48:4a:a8:ce:96:e2:97:6b:f9:d6:b6:e1:
                    ca:3d:bc:67:0f:62:80:e6:2c:33:3b:70:bf:f7:7c:
                    d9:93:9b:5b:c6:67:f0:cb:b2:b8:e4:45:bb:6f:8f:
                    34:ab:ad:78:a9:c9:0e:2e:2a:25:58:ea:14:26:8b:
                    a2:96:61:96:2a:9e:81:1a:5b:c9:73:97:ca:1d:a1:
                    af:c4:69:eb:ee:35:63:73:47:b4:90:1e:a4:15:e0:
                    57:21:06:3b:bc:9a:85:77:43:0d:40:a5:96:52:dd:
                    f5:c1:ab:0f:26:d9:e3:b9:90:40:84:c0:03:54:a1:
                    c6:ff:90:8e:41:ca:bf:ca:9b:4d:3c:72:21:cb:cc:
                    71:a3:22:d3:ba:d1:41:a6:3c:1a:57:14:5d:f8:55:
                    96:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:A3:50:74:75:FA:CD:EA:CA:D7:F9:73:12:77:D9:1E:F6:25:CC:4F
            X509v3 Authority Key Identifier:
                keyid:92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/dqNQdHX6zerK1_lzEnfZHvYlzE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.56.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:05:da:27:6c:7f:36:09:d3:12:3c:47:d3:cd:33:37:ff:32:
         6e:26:fc:de:de:40:31:39:f0:79:b3:4b:ce:7a:51:c1:3c:9e:
         04:d3:ee:4a:c6:33:6e:65:a0:ed:5f:ae:88:79:e6:06:e4:72:
         2a:8b:11:ac:c1:05:ab:c4:68:3f:d8:08:65:f5:85:50:af:a0:
         83:19:34:40:b3:34:51:33:ea:df:64:2c:64:ab:8b:ac:4f:fa:
         d2:62:45:bf:f6:ef:45:11:3b:3b:cc:33:f4:0e:e9:84:00:7c:
         77:48:f1:65:b0:bd:04:25:00:78:b7:09:c6:89:0a:25:94:b0:
         d2:e1:ea:50:fb:ab:cd:f4:19:ce:8d:41:ba:30:38:ee:79:35:
         23:29:d2:c1:1f:f3:b1:97:cf:0e:20:be:09:8a:c6:e4:24:98:
         6d:2e:f9:39:af:15:1f:94:e0:64:11:a5:eb:c2:9a:f9:9e:00:
         2e:c8:ab:c4:43:94:d9:dc:02:78:49:47:ef:54:80:0c:b4:2e:
         cd:96:0d:c0:a7:81:85:ce:8e:65:c3:02:49:6b:b7:ce:75:59:
         2e:d5:97:10:0d:4b:5a:59:b3:8a:ad:35:22:8b:2a:1e:97:83:
         8a:58:ca:97:4d:1f:ad:14:29:cf:f4:52:c0:d2:26:76:56:0b:
         bd:99:84:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxObe9SUDzJ84+37HC9k/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYmY2NDY0Y2U2ZTE5YTRkY2Y4YTMyYjI3YTJmMWNiZTE1
NTEwNTUwHhcNMjMwMTAyMDY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmEzNTA3NDc1ZmFjZGVhY2FkN2Y5NzMxMjc3ZDkxZWY2MjVjYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU9D4Cm9X2EYAwPS01fdb8GP/5PQ
f6xdr2Y/Qt/YXx0EeEYbqKrAnQrbgWTL2bG8eOTc6tcxmoaCWkMCG4B3EHg0CeuZ
ec9gZF4SnD26HqWem0R/xDWi04plqCxVqn5Zm6pTqJTnECMCwylISqjOluKXa/nW
tuHKPbxnD2KA5iwzO3C/93zZk5tbxmfwy7K45EW7b480q614qckOLiolWOoUJoui
lmGWKp6BGlvJc5fKHaGvxGnr7jVjc0e0kB6kFeBXIQY7vJqFd0MNQKWWUt31wasP
JtnjuZBAhMADVKHG/5COQcq/yptNPHIhy8xxoyLTutFBpjwaVxRd+FWWrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHajUHR1+s3qytf5cxJ32R72JcxPMB8GA1UdIwQY
MBaAFJK/ZGTObhmk3PijKyei8cvhVRBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzct
YjUzZTMwZTE0MTJhLzEvZHFOUWRIWDZ6ZXJLMV9sekVuZlpIdllsekU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzctYjUzZTMwZTE0MTJh
LzEva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTiFMA0G
CSqGSIb3DQEBCwUAA4IBAQA8BdonbH82CdMSPEfTzTM3/zJuJvze3kAxOfB5s0vO
elHBPJ4E0+5KxjNuZaDtX66IeeYG5HIqixGswQWrxGg/2Ahl9YVQr6CDGTRAszRR
M+rfZCxkq4usT/rSYkW/9u9FETs7zDP0DumEAHx3SPFlsL0EJQB4twnGiQollLDS
4epQ+6vN9BnOjUG6MDjueTUjKdLBH/Oxl88OIL4JisbkJJhtLvk5rxUflOBkEaXr
wpr5ngAuyKvEQ5TZ3AJ4SUfvVIAMtC7Nlg3Ap4GFzo5lwwJJa7fOdVku1ZcQDUta
WbOKrTUiiyoel4OKWMqXTR+tFCnP9FLA0iZ2Vgu9mYTi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:43 2024 by rpki-client on console-fra.rpki-client.org