Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Yv12R5G1nPE72r6YpJ6cVh5281c.roa
File:                     Yv12R5G1nPE72r6YpJ6cVh5281c.roa (raw, json)
Hash identifier:          rjuYLiZG35/HU7fi/qqIY1wn/L+wd31pQkeMUIsWyTA=
Subject key identifier:   62:FD:76:47:91:B5:9C:F1:3B:DA:BE:98:A4:9E:9C:56:1E:76:F3:57
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018ACD524CA30E867714C9829C33D9C6F54F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Yv12R5G1nPE72r6YpJ6cVh5281c.roa
Signing time:             Mon 25 Sep 2023 17:10:37 +0000
ROA not before:           Mon 25 Sep 2023 17:10:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        212.192.242.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Nov 2023 05:21:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:cd:52:4c:a3:0e:86:77:14:c9:82:9c:33:d9:c6:f5:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 25 17:10:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=62fd764791b59cf13bdabe98a49e9c561e76f357
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5f:77:66:a8:1d:df:5c:eb:e2:ee:51:b1:f5:
                    57:ea:ed:0f:f5:ba:4a:fa:97:20:8b:bc:2d:e6:1a:
                    18:90:50:6a:09:ba:54:dc:ff:fd:1a:3b:8b:f4:1e:
                    ad:d9:4d:b0:a8:c6:b1:b7:3d:d2:c6:d4:37:54:51:
                    02:3c:db:8f:97:c7:3d:ad:4f:00:63:6e:b3:fe:5d:
                    2c:10:80:01:31:1e:59:ee:ca:67:9a:94:4c:9f:af:
                    c2:bc:89:c2:09:6d:44:f8:93:88:b3:93:ff:b3:e0:
                    aa:87:9b:f2:55:e3:23:cb:06:58:8b:6a:c9:53:a2:
                    c7:6e:7e:ea:95:a0:ed:4c:b2:ba:bd:da:a0:42:62:
                    91:a4:ca:fc:5b:e0:2d:13:11:c5:a4:8a:cc:b1:20:
                    5a:2c:b4:e3:47:e3:4c:8d:a7:a8:c9:f3:f3:2e:1d:
                    1f:6a:50:62:ca:c6:e3:59:9e:3a:88:09:99:d7:40:
                    dc:eb:b5:f8:af:c9:76:91:d0:76:e5:1d:46:72:4d:
                    ed:d1:4b:aa:7c:b7:2e:a4:4f:f4:95:a6:e6:e2:66:
                    74:be:f8:8f:49:c3:2a:42:27:78:52:57:f4:f9:e8:
                    c1:a0:00:ba:70:fc:18:67:83:10:e9:40:38:93:59:
                    4b:fa:ca:5f:53:09:77:09:76:72:5e:4b:1f:68:c6:
                    98:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:FD:76:47:91:B5:9C:F1:3B:DA:BE:98:A4:9E:9C:56:1E:76:F3:57
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Yv12R5G1nPE72r6YpJ6cVh5281c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:95:23:21:35:b8:e6:df:00:24:7b:8b:70:1e:49:3c:c0:86:
         44:94:29:66:c0:86:bd:06:97:8d:c7:c6:71:7f:4c:37:f8:60:
         af:d5:24:1e:80:2e:d3:7a:17:d7:7f:a0:80:25:06:75:f3:74:
         b4:de:0d:a6:fd:e6:3b:50:2b:7c:9e:4a:dc:d1:ed:6a:aa:e6:
         07:c9:15:96:cc:08:2e:b3:16:36:01:db:42:dc:52:11:10:e7:
         83:55:66:a5:70:8c:f7:f8:d0:c4:2e:73:de:d6:1f:ae:de:b2:
         64:4d:77:ca:b1:48:89:ae:fc:cb:b9:d4:17:e3:1b:17:d2:2b:
         5a:2c:86:dc:39:66:53:1a:ab:a5:bf:54:32:4b:b5:33:ea:56:
         f4:e0:6e:8e:55:1a:16:07:ae:54:b1:d5:0c:97:29:3f:c8:2b:
         15:2b:a8:f3:32:4b:41:9f:21:e0:04:bb:ae:67:e2:f4:d0:0a:
         38:54:a6:5d:5c:c1:70:fd:db:48:68:7b:04:77:34:21:f7:80:
         ae:2f:83:7a:5c:90:9c:fb:64:28:34:1f:45:2a:62:89:06:cd:
         b5:16:33:26:2e:bc:6d:75:e9:80:8f:47:8c:bb:be:38:ce:ef:
         13:f4:1b:35:55:a3:5d:6f:79:eb:d3:32:9f:af:d9:2e:1c:e5:
         6a:02:33:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrNUkyjDoZ3FMmCnDPZxvVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI1MTcxMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZkNzY0NzkxYjU5Y2YxM2JkYWJlOThhNDllOWM1NjFlNzZmMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0193Zqgd31zr4u5RsfVX6u0P9bpK
+pcgi7wt5hoYkFBqCbpU3P/9GjuL9B6t2U2wqMaxtz3SxtQ3VFECPNuPl8c9rU8A
Y26z/l0sEIABMR5Z7spnmpRMn6/CvInCCW1E+JOIs5P/s+Cqh5vyVeMjywZYi2rJ
U6LHbn7qlaDtTLK6vdqgQmKRpMr8W+AtExHFpIrMsSBaLLTjR+NMjaeoyfPzLh0f
alBiysbjWZ46iAmZ10Dc67X4r8l2kdB25R1Gck3t0UuqfLcupE/0labm4mZ0vviP
ScMqQid4Ulf0+ejBoAC6cPwYZ4MQ6UA4k1lL+spfUwl3CXZyXksfaMaYEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL9dkeRtZzxO9q+mKSenFYedvNXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWXYxMlI1RzFuUEU3MnI2WXBKNmNWaDUyODFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDyMA0G
CSqGSIb3DQEBCwUAA4IBAQCSlSMhNbjm3wAke4twHkk8wIZElClmwIa9BpeNx8Zx
f0w3+GCv1SQegC7TehfXf6CAJQZ183S03g2m/eY7UCt8nkrc0e1qquYHyRWWzAgu
sxY2AdtC3FIREOeDVWalcIz3+NDELnPe1h+u3rJkTXfKsUiJrvzLudQX4xsX0ita
LIbcOWZTGqulv1QyS7Uz6lb04G6OVRoWB65UsdUMlyk/yCsVK6jzMktBnyHgBLuu
Z+L00Ao4VKZdXMFw/dtIaHsEdzQh94CuL4N6XJCc+2QoNB9FKmKJBs21FjMmLrxt
demAj0eMu744zu8T9Bs1VaNdb3nr0zKfr9kuHOVqAjMJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org