Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/RYqoi-9DxMwasc_d8DWWLAQpnyI.roa
File:                     RYqoi-9DxMwasc_d8DWWLAQpnyI.roa (raw, json)
Hash identifier:          KY4PSfEurz164vtA2jWWNjQtvAX3SD6EChKrnMQMIjY=
Subject key identifier:   45:8A:A8:8B:EF:43:C4:CC:1A:B1:CF:DD:F0:35:96:2C:04:29:9F:22
Certificate issuer:       /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial:       018C41DDF6E991F74CE648DF7E6BFC6EA6D9
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/RYqoi-9DxMwasc_d8DWWLAQpnyI.roa
Signing time:             Thu 07 Dec 2023 01:21:54 +0000
ROA not before:           Thu 07 Dec 2023 01:21:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24852
IP address blocks:        213.164.112.0/22 maxlen: 22
                          88.223.96.0/22 maxlen: 22
                          213.164.116.0/23 maxlen: 23
                          213.164.118.0/24 maxlen: 24
                          88.223.104.0/21 maxlen: 21
                          84.55.0.0/18 maxlen: 18
                          88.223.112.0/20 maxlen: 20
                          88.223.128.0/22 maxlen: 22
                          84.55.32.0/24 maxlen: 24
                          84.55.33.0/24 maxlen: 24
                          84.55.34.0/23 maxlen: 23
                          84.55.36.0/23 maxlen: 23
                          88.223.144.0/21 maxlen: 21
                          213.164.96.0/20 maxlen: 20
                          79.132.160.0/19 maxlen: 19
                          88.223.152.0/24 maxlen: 24
                          84.55.48.0/21 maxlen: 21
                          88.223.153.0/24 maxlen: 24
                          88.223.160.0/20 maxlen: 20
                          84.55.56.0/23 maxlen: 23
                          84.55.58.0/23 maxlen: 23
                          84.55.60.0/23 maxlen: 23
                          84.55.62.0/23 maxlen: 23
                          95.173.32.0/19 maxlen: 19
                          88.223.192.0/19 maxlen: 19
                          88.222.0.0/15 maxlen: 15
                          185.104.176.0/22 maxlen: 22
                          217.147.41.0/24 maxlen: 24
                          217.147.44.0/23 maxlen: 23
                          217.147.40.0/24 maxlen: 24
                          217.147.46.0/24 maxlen: 24
                          217.147.47.0/24 maxlen: 24
                          88.223.0.0/18 maxlen: 18
                          217.147.34.0/24 maxlen: 24
                          217.147.35.0/24 maxlen: 24
                          217.147.36.0/23 maxlen: 23
                          217.147.38.0/24 maxlen: 24
                          217.147.32.0/20 maxlen: 20
                          2a01:7c80::/32 maxlen: 32
                          2a01:7c80::/33 maxlen: 33

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:41:dd:f6:e9:91:f7:4c:e6:48:df:7e:6b:fc:6e:a6:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
        Validity
            Not Before: Dec  7 01:21:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=458aa88bef43c4cc1ab1cfddf035962c04299f22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:de:46:9a:1e:ad:23:ec:31:94:b9:16:10:57:
                    6f:d1:0d:a6:89:13:3d:b1:92:ca:36:56:90:0b:d1:
                    f2:1f:f3:11:82:98:59:63:86:ca:4a:88:d0:fa:e1:
                    e2:a8:00:f1:ed:52:2d:e3:0e:db:e9:b1:7c:f9:c1:
                    38:8e:3b:4d:e5:c5:62:9c:4a:2b:b9:ac:f5:80:a8:
                    52:4c:f8:92:d3:82:cf:c6:fb:f2:ed:2d:61:28:22:
                    9f:87:77:0b:d1:42:2a:64:33:46:32:0c:b0:50:b7:
                    e1:45:42:34:dd:b1:d5:a1:03:a3:b8:96:17:ea:e6:
                    09:eb:05:55:2a:2b:6e:01:ff:2e:3e:a2:64:74:15:
                    54:dc:ae:49:aa:ad:8f:11:3d:e1:74:a2:5b:82:9d:
                    76:90:5c:69:98:c0:5a:08:94:ff:66:1a:a5:84:a7:
                    76:30:f0:14:e5:da:f7:9a:7b:dd:21:5c:fa:0c:6f:
                    8e:24:20:b5:00:7e:16:c0:eb:59:64:9f:89:80:dc:
                    d6:e5:56:db:78:39:39:3c:77:03:74:ea:4a:f6:cb:
                    dd:a9:2d:ff:5c:85:b7:bb:d7:2f:a4:11:0a:e0:6e:
                    ef:79:95:01:0d:58:61:fd:27:c1:a2:8e:a2:84:1f:
                    ff:24:55:7b:3a:29:9a:0b:c5:ce:c1:31:e7:ca:e0:
                    65:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:8A:A8:8B:EF:43:C4:CC:1A:B1:CF:DD:F0:35:96:2C:04:29:9F:22
            X509v3 Authority Key Identifier:
                keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/RYqoi-9DxMwasc_d8DWWLAQpnyI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.132.160.0/19
                  84.55.0.0/18
                  88.222.0.0/15
                  95.173.32.0/19
                  185.104.176.0/22
                  213.164.96.0-213.164.118.255
                  217.147.32.0/20
                IPv6:
                  2a01:7c80::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:2a:ea:bb:ab:db:b4:95:a7:80:2e:2b:a0:0b:3f:c9:88:cc:
         b8:ec:06:8f:36:6e:bc:e5:63:b9:c5:24:51:7a:6e:f9:30:6b:
         2f:ae:ff:3d:8c:cf:cf:9e:2b:f8:de:38:6b:ac:cf:ca:d8:33:
         45:a0:9a:2b:ab:7d:85:12:4e:b2:56:35:7f:07:c2:5e:8b:b3:
         b4:37:70:6c:1d:fc:44:2e:02:ec:ad:68:90:6c:0d:41:4b:b6:
         35:70:46:8f:48:69:fb:72:80:86:aa:f4:53:e9:a8:2a:19:af:
         ce:b3:24:fb:27:f5:3e:f4:9f:75:65:5b:cc:3a:d2:d1:86:ef:
         83:de:93:05:b7:7c:c9:01:89:03:08:bc:0a:ff:57:46:f3:60:
         53:14:50:9c:db:f6:ad:9e:48:9a:b1:24:99:97:9f:59:59:3f:
         80:ac:94:c3:58:7e:13:e7:5a:57:d8:44:f5:eb:c5:f9:84:76:
         1a:b8:1b:ad:51:11:29:c1:71:0d:61:ab:f1:83:26:04:86:8b:
         ec:aa:ea:21:f3:0d:9d:ef:64:f0:c8:5a:fd:bc:19:bd:dc:66:
         6a:a8:c6:86:db:e0:5a:a7:0c:57:96:fd:ca:83:d9:9a:5e:49:
         37:00:ad:8d:45:16:b5:07:c4:07:81:79:42:8b:73:fb:24:89:
         10:ac:e9:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYxB3fbpkfdM5kjffmv8bqbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjMxMjA3MDEyMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NThhYTg4YmVmNDNjNGNjMWFiMWNmZGRmMDM1OTYyYzA0Mjk5ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt5Gmh6tI+wxlLkWEFdv0Q2miRM9
sZLKNlaQC9HyH/MRgphZY4bKSojQ+uHiqADx7VIt4w7b6bF8+cE4jjtN5cVinEor
uaz1gKhSTPiS04LPxvvy7S1hKCKfh3cL0UIqZDNGMgywULfhRUI03bHVoQOjuJYX
6uYJ6wVVKituAf8uPqJkdBVU3K5Jqq2PET3hdKJbgp12kFxpmMBaCJT/ZhqlhKd2
MPAU5dr3mnvdIVz6DG+OJCC1AH4WwOtZZJ+JgNzW5VbbeDk5PHcDdOpK9svdqS3/
XIW3u9cvpBEK4G7veZUBDVhh/SfBoo6ihB//JFV7OimaC8XOwTHnyuBl0wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFEWKqIvvQ8TMGrHP3fA1liwEKZ8iMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvUllxb2ktOUR4TXdhc2NfZDhEV1dMQVFwbnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQFT4SgAwQG
VDcAAwMBWN4DBAVfrSADBAK5aLAwDAMEBdWkYAMEANWkdgMEBNmTIDANBAIAAjAH
AwUAKgF8gDANBgkqhkiG9w0BAQsFAAOCAQEAAyrqu6vbtJWngC4roAs/yYjMuOwG
jzZuvOVjucUkUXpu+TBrL67/PYzPz54r+N44a6zPytgzRaCaK6t9hRJOslY1fwfC
XouztDdwbB38RC4C7K1okGwNQUu2NXBGj0hp+3KAhqr0U+moKhmvzrMk+yf1PvSf
dWVbzDrS0Ybvg96TBbd8yQGJAwi8Cv9XRvNgUxRQnNv2rZ5ImrEkmZefWVk/gKyU
w1h+E+daV9hE9evF+YR2GrgbrVERKcFxDWGr8YMmBIaL7KrqIfMNne9k8Mha/bwZ
vdxmaqjGhtvgWqcMV5b9yoPZml5JNwCtjUUWtQfEB4F5Qotz+ySJEKzpqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:40 2024 by rpki-client on console-ams.rpki-client.org