Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yApRieLtJhDvqYdpywJ8ksPjLLg.roa
File:                     yApRieLtJhDvqYdpywJ8ksPjLLg.roa (raw, json)
Hash identifier:          Un3d9UZjI1r7oEUmKn0mHF2K+bTv6zcgGSjs0LMzcbY=
Subject key identifier:   C8:0A:51:89:E2:ED:26:10:EF:A9:87:69:CB:02:7C:92:C3:E3:2C:B8
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0186930BBE2F3141EE2131EEBA8D22B588B6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yApRieLtJhDvqYdpywJ8ksPjLLg.roa
Signing time:             Mon 27 Feb 2023 13:24:25 +0000
ROA not before:           Mon 27 Feb 2023 13:24:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50321
IP address blocks:        212.192.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 Mar 2023 08:06:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:93:0b:be:2f:31:41:ee:21:31:ee:ba:8d:22:b5:88:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb 27 13:24:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c80a5189e2ed2610efa98769cb027c92c3e32cb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fd:ed:54:f4:60:e1:a1:57:a6:4f:7a:5a:7a:
                    71:59:c3:97:db:b5:0f:c8:de:44:0f:77:20:ad:03:
                    a0:0e:c0:c1:85:08:8c:1d:5f:0e:3c:a6:06:34:9b:
                    d9:fb:bb:f9:d0:97:59:1b:68:81:98:3d:00:05:9b:
                    e3:1f:be:04:5a:e8:ae:bf:35:ca:2c:e8:87:0e:e0:
                    ff:ab:98:a1:a4:87:20:37:a2:32:25:52:8f:c0:4f:
                    d3:f8:9f:e3:93:e3:6a:31:60:b9:61:d8:fb:b9:53:
                    5c:d4:f3:7e:d2:e6:d0:cf:0a:2f:aa:74:fd:7e:96:
                    99:8a:e4:c6:87:fd:31:db:9c:94:43:9d:ba:f7:ec:
                    f4:d4:59:43:45:64:d7:a6:fe:b0:22:3d:4b:2d:23:
                    4b:4b:1b:f3:ca:8b:43:42:d7:dc:9b:06:32:be:03:
                    e3:86:61:b5:2b:ac:d4:59:d0:8e:73:68:45:2a:94:
                    b2:f4:1a:6a:67:fa:f0:df:ae:df:5d:cd:f6:9a:a6:
                    b5:b1:df:32:95:be:bc:3f:e1:79:7c:ed:68:6a:8c:
                    78:3c:82:cb:8d:a9:ee:56:b4:16:fc:53:97:15:d5:
                    a8:1f:45:02:3c:1f:73:31:50:bc:7c:a2:95:ed:bd:
                    22:18:9d:a6:3c:95:2f:24:47:f2:f9:70:0f:c4:99:
                    64:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:0A:51:89:E2:ED:26:10:EF:A9:87:69:CB:02:7C:92:C3:E3:2C:B8
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yApRieLtJhDvqYdpywJ8ksPjLLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:b9:06:43:51:a3:df:fa:dc:5b:c7:3e:76:e2:51:22:24:a1:
         80:37:87:a6:51:91:cb:0f:36:9e:94:49:4a:b5:ff:67:e7:df:
         c8:6d:3e:b3:e0:39:c2:ff:d6:1a:ac:e5:6e:07:6d:c6:32:7e:
         75:dc:1e:9c:c3:0a:b2:67:2e:b1:c9:7d:80:86:35:2e:6e:13:
         c4:bd:be:54:6e:ce:88:37:e5:0b:37:1f:f6:b4:ef:63:66:69:
         0f:33:90:3b:ab:50:5e:a7:55:a1:5c:66:6a:0e:0d:c2:6e:e1:
         a5:e9:15:17:f1:19:d1:bf:b3:67:b7:e1:7c:81:fd:51:0f:ad:
         21:5c:a0:39:d0:de:38:d3:2f:9e:15:11:30:d1:44:80:f8:59:
         a2:ec:e5:bb:1e:cd:78:6b:af:0b:18:0a:6c:57:6a:4b:38:44:
         f5:a6:e6:22:ac:2f:18:32:18:bd:8e:5b:89:b3:61:e7:e0:a9:
         3a:83:78:ac:89:fb:77:5b:6d:22:d3:6e:1e:62:53:c9:d5:93:
         39:df:83:96:f9:ac:85:2e:34:e5:51:65:03:b5:9b:3e:f9:ab:
         6f:f0:5b:2f:db:c3:dd:f4:1b:01:41:aa:a5:9e:aa:94:3f:42:
         8f:54:65:8d:66:d1:e6:dd:00:b2:d5:72:91:c3:0e:3a:9c:10:
         7e:55:93:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaTC74vMUHuITHuuo0itYi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjI3MTMyNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODBhNTE4OWUyZWQyNjEwZWZhOTg3NjljYjAyN2M5MmMzZTMyY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv3tVPRg4aFXpk96WnpxWcOX27UP
yN5ED3cgrQOgDsDBhQiMHV8OPKYGNJvZ+7v50JdZG2iBmD0ABZvjH74EWuiuvzXK
LOiHDuD/q5ihpIcgN6IyJVKPwE/T+J/jk+NqMWC5Ydj7uVNc1PN+0ubQzwovqnT9
fpaZiuTGh/0x25yUQ5269+z01FlDRWTXpv6wIj1LLSNLSxvzyotDQtfcmwYyvgPj
hmG1K6zUWdCOc2hFKpSy9BpqZ/rw367fXc32mqa1sd8ylb68P+F5fO1oaox4PILL
januVrQW/FOXFdWoH0UCPB9zMVC8fKKV7b0iGJ2mPJUvJEfy+XAPxJlkdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgKUYni7SYQ76mHacsCfJLD4yy4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveUFwUmllTHRKaER2cVlkcHl3Sjhrc1BqTExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBRuQZDUaPf+txbxz524lEiJKGAN4emUZHLDzaelElK
tf9n59/IbT6z4DnC/9YarOVuB23GMn513B6cwwqyZy6xyX2AhjUubhPEvb5Ubs6I
N+ULNx/2tO9jZmkPM5A7q1Bep1WhXGZqDg3CbuGl6RUX8RnRv7Nnt+F8gf1RD60h
XKA50N440y+eFREw0USA+Fmi7OW7Hs14a68LGApsV2pLOET1puYirC8YMhi9jluJ
s2Hn4Kk6g3isift3W20i024eYlPJ1ZM534OW+ayFLjTlUWUDtZs++atv8Fsv28Pd
9BsBQaqlnqqUP0KPVGWNZtHm3QCy1XKRww46nBB+VZN5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org