Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DYh3HILsW1iDlOjgKNvnrj-AtH0.roa
File:                     DYh3HILsW1iDlOjgKNvnrj-AtH0.roa (raw, json)
Hash identifier:          CQEDyDcI2Uw3HlR3mzavI4sUAmJisF/GBp7+QsU/nN8=
Subject key identifier:   0D:88:77:1C:82:EC:5B:58:83:94:E8:E0:28:DB:E7:AE:3F:80:B4:7D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F66FE619FEB3D69BAC9DB6F608F12F1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DYh3HILsW1iDlOjgKNvnrj-AtH0.roa
Signing time:             Sun 01 Jan 2023 22:14:58 +0000
ROA not before:           Sun 01 Jan 2023 22:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        192.124.177.0/24 maxlen: 24
                          192.124.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Jan 2023 12:31:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:fe:61:9f:eb:3d:69:ba:c9:db:6f:60:8f:12:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d88771c82ec5b588394e8e028dbe7ae3f80b47d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:73:d8:e7:8c:37:82:2b:95:ba:11:72:cd:b8:
                    65:ff:c7:f8:4f:97:23:02:68:8c:33:93:4d:13:5d:
                    c5:8c:20:9d:59:4b:07:4f:9e:0c:52:3e:60:1e:92:
                    cf:2e:b0:4d:82:fd:c2:98:66:67:15:e8:bc:36:88:
                    b9:da:13:a4:14:18:ba:10:32:6d:14:13:96:fe:57:
                    66:d0:29:c8:af:95:67:19:33:a1:d5:a0:c6:81:16:
                    41:fe:39:a5:6a:a9:84:77:5e:ca:c8:ad:f4:9b:7c:
                    ed:c2:e8:4a:3d:b5:69:a5:c6:1b:b0:de:16:b3:94:
                    a3:96:2f:2f:b5:2d:2c:00:b4:09:38:67:87:63:2d:
                    16:3d:c5:22:25:f3:12:7f:dc:52:d8:0c:7b:2c:a0:
                    2e:9c:0f:6c:21:63:b8:0d:ac:09:13:36:52:81:23:
                    bc:07:c2:c5:0b:b0:b0:41:56:dd:1a:40:1f:7c:c2:
                    53:d9:f8:3b:30:9d:14:8a:56:7a:ca:ad:38:46:b0:
                    7c:3f:42:df:66:a7:dc:01:2a:3b:f0:94:6e:d5:cf:
                    6f:6a:ed:8e:4b:31:ef:8f:34:21:88:8b:c0:ca:2d:
                    99:23:6a:b5:37:3a:81:c5:ac:cf:99:2a:0d:c6:d5:
                    80:29:c5:d5:2d:b9:46:6e:a1:1d:8d:32:9b:28:f6:
                    5e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:88:77:1C:82:EC:5B:58:83:94:E8:E0:28:DB:E7:AE:3F:80:B4:7D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DYh3HILsW1iDlOjgKNvnrj-AtH0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.175.0/24
                  192.124.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:06:39:e6:d6:08:14:7e:4c:df:38:5d:22:45:b3:ac:60:e9:
         6a:44:99:4d:6e:39:1c:2f:da:20:04:18:d4:12:9f:9e:df:d2:
         8d:0e:4e:44:15:13:d0:93:50:ad:b0:44:2a:3f:64:5c:de:1f:
         b4:96:3e:8a:08:e6:1a:94:a9:08:13:20:c4:8d:ea:94:6f:1a:
         2d:ce:65:b6:bd:9e:ed:df:75:c7:80:67:48:2e:3b:f7:35:5a:
         cd:44:89:af:83:f0:04:83:e2:05:7e:1b:dd:29:d2:0e:0b:32:
         56:49:8e:25:09:21:1f:c2:9a:1d:fa:bc:f8:1f:3b:44:8a:b4:
         0f:7c:51:85:19:03:99:cf:48:b0:a7:b7:75:20:4a:56:7e:7a:
         50:9f:ce:69:42:89:e4:1f:1d:15:90:86:c3:13:bd:c7:53:93:
         ff:b5:92:1f:a7:85:0f:25:54:93:5e:07:0b:97:8e:ef:cf:f4:
         ba:d5:c1:7c:5a:3f:e9:44:47:d7:60:a6:3e:d6:0c:d8:1a:e9:
         92:53:44:0a:f4:e1:fd:8e:c8:df:51:6f:44:38:c3:36:f8:e0:
         0b:07:19:c8:57:24:75:e6:6b:8c:52:9a:16:f3:e9:be:17:2d:
         29:e7:c1:f8:18:e0:3e:11:f1:82:24:ce:c4:21:5a:9f:84:93:
         7d:76:df:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZv5hn+s9abrJ229gjxLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDg4NzcxYzgyZWM1YjU4ODM5NGU4ZTAyOGRiZTdhZTNmODBiNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHPY54w3giuVuhFyzbhl/8f4T5cj
AmiMM5NNE13FjCCdWUsHT54MUj5gHpLPLrBNgv3CmGZnFei8Noi52hOkFBi6EDJt
FBOW/ldm0CnIr5VnGTOh1aDGgRZB/jmlaqmEd17KyK30m3ztwuhKPbVppcYbsN4W
s5Sjli8vtS0sALQJOGeHYy0WPcUiJfMSf9xS2Ax7LKAunA9sIWO4DawJEzZSgSO8
B8LFC7CwQVbdGkAffMJT2fg7MJ0UilZ6yq04RrB8P0LfZqfcASo78JRu1c9vau2O
SzHvjzQhiIvAyi2ZI2q1NzqBxazPmSoNxtWAKcXVLblGbqEdjTKbKPZeCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA2IdxyC7FtYg5To4Cjb564/gLR9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRFloM0hJTHNXMWlEbE9qZ0tOdm5yai1BdEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHyvAwQA
wHyxMA0GCSqGSIb3DQEBCwUAA4IBAQAhBjnm1ggUfkzfOF0iRbOsYOlqRJlNbjkc
L9ogBBjUEp+e39KNDk5EFRPQk1CtsEQqP2Rc3h+0lj6KCOYalKkIEyDEjeqUbxot
zmW2vZ7t33XHgGdILjv3NVrNRImvg/AEg+IFfhvdKdIOCzJWSY4lCSEfwpod+rz4
HztEirQPfFGFGQOZz0iwp7d1IEpWfnpQn85pQonkHx0VkIbDE73HU5P/tZIfp4UP
JVSTXgcLl47vz/S61cF8Wj/pREfXYKY+1gzYGumSU0QK9OH9jsjfUW9EOMM2+OAL
BxnIVyR15muMUpoW8+m+Fy0p58H4GOA+EfGCJM7EIVqfhJN9dt+f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org