Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/y0z9dKYATLcgssP9QVcBnufsZWA.roa
File:                     y0z9dKYATLcgssP9QVcBnufsZWA.roa (raw, json)
Hash identifier:          6csP3kRzy09OzXN5H/L/GugeTnFc9TdbX00Omm22RgQ=
Subject key identifier:   CB:4C:FD:74:A6:00:4C:B7:20:B2:C3:FD:41:57:01:9E:E7:EC:65:60
Certificate issuer:       /CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Certificate serial:       01856C01090CB4E757A7926AF86242524CF8
Authority key identifier: 75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/y0z9dKYATLcgssP9QVcBnufsZWA.roa
Signing time:             Sun 01 Jan 2023 06:24:45 +0000
ROA not before:           Sun 01 Jan 2023 06:24:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     327712
IP address blocks:        213.140.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:01:09:0c:b4:e7:57:a7:92:6a:f8:62:42:52:4c:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
        Validity
            Not Before: Jan  1 06:24:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb4cfd74a6004cb720b2c3fd4157019ee7ec6560
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:dd:2f:68:85:ed:fe:a4:c5:76:11:05:6e:30:
                    10:48:b1:58:a2:c7:5f:e1:9e:92:3c:2b:da:0f:6a:
                    07:4c:09:ea:f0:6d:1b:71:a4:3d:5a:55:73:3c:43:
                    30:d8:cb:f1:5f:91:5b:a1:79:15:2a:44:ff:ed:1c:
                    fa:4a:33:cf:0e:96:6c:59:bf:f0:9c:7d:fb:e2:4b:
                    39:8b:0d:87:80:66:51:d2:7d:50:dc:ab:77:82:0d:
                    6a:ab:67:e8:5b:97:8e:22:ed:29:b7:39:1b:ea:d8:
                    b1:52:12:6f:26:34:1d:cd:6f:73:f6:33:c2:a0:7a:
                    b4:2f:ec:3b:a6:da:79:3d:57:4c:d9:b2:63:a7:4c:
                    cd:b1:7f:c4:95:89:20:ac:1e:74:02:45:fe:da:d8:
                    97:49:bb:d2:c1:c9:a3:3f:55:68:8a:ef:5d:40:f0:
                    e6:2b:b1:2c:bd:c6:8e:b4:17:d0:a3:f4:7d:59:80:
                    a0:26:98:7e:93:40:87:61:ca:4b:10:de:f1:13:9a:
                    ae:77:53:a6:21:8b:6f:76:96:42:83:12:81:4d:3e:
                    2f:21:ee:b0:6b:93:cc:db:af:88:b9:18:c9:2d:e7:
                    6b:40:65:86:e1:ed:74:00:31:a9:de:be:8b:24:92:
                    09:30:c7:a4:2b:25:72:30:01:1b:19:42:57:0a:c5:
                    c1:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:4C:FD:74:A6:00:4C:B7:20:B2:C3:FD:41:57:01:9E:E7:EC:65:60
            X509v3 Authority Key Identifier:
                keyid:75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/y0z9dKYATLcgssP9QVcBnufsZWA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.140.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:a7:5e:d7:b5:f1:3c:05:73:51:1d:33:cc:9c:17:af:bd:ce:
         77:11:35:76:9e:8b:31:b1:5d:0f:1d:27:55:d4:2c:1c:0f:e6:
         e4:f5:cc:60:17:83:5d:b1:66:44:75:3d:f5:69:5c:7c:93:fd:
         e4:4d:74:34:42:66:1e:f4:f0:31:55:23:da:86:85:c3:03:e7:
         4a:40:0c:73:89:e1:36:9a:4b:e6:cd:03:9b:bf:b1:9b:f5:69:
         15:70:9e:59:e8:ce:0a:53:88:d7:67:d8:ca:6d:50:92:62:4c:
         60:bc:b9:48:c2:73:95:ec:e7:72:32:c0:36:d6:1e:cf:ef:30:
         15:92:56:89:77:40:5c:d2:80:2c:e4:ae:f4:75:12:19:ef:80:
         02:8e:36:85:57:2e:95:e5:8a:e6:9a:ae:d4:65:77:21:a6:8a:
         c9:11:f9:d0:f8:1f:b2:e0:48:06:1b:90:f3:b3:fe:04:41:7b:
         60:30:a2:bc:50:d4:61:3f:21:e6:ee:46:f2:de:94:e3:7e:9e:
         ce:96:26:de:47:8d:09:89:d2:7a:bf:39:02:6d:90:ba:f0:38:
         0a:83:f3:95:22:c8:32:a4:38:f0:66:e7:d4:7d:c8:e8:f9:2b:
         36:75:51:0a:f5:6e:fd:b0:43:98:01:e9:45:63:bd:ba:13:b6:
         16:c1:79:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAQkMtOdXp5Jq+GJCUkz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZTA1YmMyMWIyYTZmMTAzMzcxMWZmY2E2NDkxYzZjMzBj
ZTVhNGEwHhcNMjMwMTAxMDYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRjZmQ3NGE2MDA0Y2I3MjBiMmMzZmQ0MTU3MDE5ZWU3ZWM2NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn90vaIXt/qTFdhEFbjAQSLFYosdf
4Z6SPCvaD2oHTAnq8G0bcaQ9WlVzPEMw2MvxX5FboXkVKkT/7Rz6SjPPDpZsWb/w
nH374ks5iw2HgGZR0n1Q3Kt3gg1qq2foW5eOIu0ptzkb6tixUhJvJjQdzW9z9jPC
oHq0L+w7ptp5PVdM2bJjp0zNsX/ElYkgrB50AkX+2tiXSbvSwcmjP1Voiu9dQPDm
K7EsvcaOtBfQo/R9WYCgJph+k0CHYcpLEN7xE5qud1OmIYtvdpZCgxKBTT4vIe6w
a5PM26+IuRjJLedrQGWG4e10ADGp3r6LJJIJMMekKyVyMAEbGUJXCsXBfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtM/XSmAEy3ILLD/UFXAZ7n7GVgMB8GA1UdIwQY
MBaAFHXgW8IbKm8QM3Ef/KZJHGwwzlpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDct
ZDQ1YWI3ZGYyZGUxLzEveTB6OWRLWUFUTGNnc3NQOVFWY0JudWZzWldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDctZDQ1YWI3ZGYyZGUx
LzEvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Yw7MA0G
CSqGSIb3DQEBCwUAA4IBAQDHp17XtfE8BXNRHTPMnBevvc53ETV2nosxsV0PHSdV
1CwcD+bk9cxgF4NdsWZEdT31aVx8k/3kTXQ0QmYe9PAxVSPahoXDA+dKQAxzieE2
mkvmzQObv7Gb9WkVcJ5Z6M4KU4jXZ9jKbVCSYkxgvLlIwnOV7OdyMsA21h7P7zAV
klaJd0Bc0oAs5K70dRIZ74ACjjaFVy6V5Yrmmq7UZXchporJEfnQ+B+y4EgGG5Dz
s/4EQXtgMKK8UNRhPyHm7kby3pTjfp7OlibeR40JidJ6vzkCbZC68DgKg/OVIsgy
pDjwZufUfcjo+Ss2dVEK9W79sEOYAelFY726E7YWwXlj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:58 2024 by rpki-client on console-ams.rpki-client.org