Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/y5Q8Ixg7Zi4PP0nTRKo3ikkTtPE.roa
File:                     y5Q8Ixg7Zi4PP0nTRKo3ikkTtPE.roa (raw, json)
Hash identifier:          mcr09B4Zw9AgugSUIPClugoKy+8SLgaYvGrS+H/KfD4=
Subject key identifier:   CB:94:3C:23:18:3B:66:2E:0F:3F:49:D3:44:AA:37:8A:49:13:B4:F1
Certificate issuer:       /CN=906426f483c36aacda8732324ab88ad5800c9a2d
Certificate serial:       018572BA9009520730BBC6B78E63DA83A2DB
Authority key identifier: 90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/y5Q8Ixg7Zi4PP0nTRKo3ikkTtPE.roa
Signing time:             Mon 02 Jan 2023 13:45:07 +0000
ROA not before:           Mon 02 Jan 2023 13:45:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20900
IP address blocks:        194.4.7.0/24 maxlen: 24
                          194.4.10.0/24 maxlen: 24
                          194.4.13.0/24 maxlen: 24
                          194.4.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:90:09:52:07:30:bb:c6:b7:8e:63:da:83:a2:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=906426f483c36aacda8732324ab88ad5800c9a2d
        Validity
            Not Before: Jan  2 13:45:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb943c23183b662e0f3f49d344aa378a4913b4f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ec:b8:70:37:35:6d:e8:16:f9:87:6c:48:e0:
                    f5:09:87:06:88:64:23:c0:c0:50:30:19:39:18:da:
                    78:b2:0d:3f:9f:e6:d3:9e:17:63:b1:bb:d5:cb:eb:
                    9c:7d:3a:f2:51:8f:93:b1:9f:da:cf:a8:59:60:62:
                    46:93:b5:45:14:77:3f:18:f4:86:7b:97:02:36:54:
                    aa:1b:82:81:2b:1d:71:c0:4d:63:c1:5e:c3:40:77:
                    0b:1c:eb:62:a0:9f:c0:c5:59:33:00:d5:84:6e:33:
                    1c:b0:96:0b:29:b5:69:88:ba:76:b5:13:c0:ac:fd:
                    9d:d7:b2:3a:25:e4:96:9d:91:29:5c:82:6e:24:5e:
                    44:c8:dc:80:97:d8:5d:72:98:ac:c5:12:af:9a:4b:
                    21:72:ea:a2:75:20:e9:7a:dd:fc:ee:d8:67:57:c1:
                    31:14:01:ca:f7:6c:30:0d:99:ce:c4:41:ab:eb:76:
                    7b:d1:ec:64:87:ab:79:9c:65:50:ea:80:b7:42:ce:
                    14:b9:b5:3a:a3:33:3c:1b:ca:8f:3a:a8:11:1c:45:
                    c0:cc:de:59:48:28:0a:1c:bd:ae:55:c2:c2:3a:60:
                    73:b4:b9:9d:e2:5f:ac:f4:12:fd:c9:c1:c0:0a:75:
                    d8:a4:26:43:82:dc:ac:b5:25:88:36:da:37:d6:1b:
                    e8:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:94:3C:23:18:3B:66:2E:0F:3F:49:D3:44:AA:37:8A:49:13:B4:F1
            X509v3 Authority Key Identifier:
                keyid:90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/y5Q8Ixg7Zi4PP0nTRKo3ikkTtPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.4.7.0/24
                  194.4.10.0/24
                  194.4.12.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:3d:ac:1b:24:b1:20:cb:70:2e:e2:44:18:bc:0e:b1:93:16:
         d4:59:0c:c9:d8:5a:24:17:4d:bb:9f:3f:7c:5d:2b:d2:75:ec:
         2a:24:98:e8:a6:1f:9a:83:6a:42:52:c3:0b:27:86:a1:16:51:
         a8:45:a1:52:4c:5e:52:29:f2:7d:15:17:6b:86:9d:50:b3:02:
         07:ff:a2:d6:8c:c9:07:21:08:46:0c:ed:68:b2:ba:b4:b4:19:
         3a:1d:c7:c7:7c:14:c5:a9:f5:21:6c:3e:f1:d2:25:13:81:88:
         1e:98:c4:b6:c4:50:a3:ee:b5:5f:e8:6f:46:dd:a3:39:11:33:
         60:76:6d:a2:61:96:72:0b:5f:54:1d:b1:6e:4c:d8:6a:f1:e0:
         a3:6d:f4:f8:3d:e6:f3:22:10:20:b3:8f:7b:8b:a0:98:ec:e4:
         c8:4b:a8:56:08:1a:39:51:da:5b:a3:a3:57:6d:12:17:ea:85:
         fb:f2:14:bc:75:cb:fb:51:2e:0d:e7:12:20:12:f2:68:fb:b4:
         d4:8b:af:73:5d:6e:b3:56:6d:68:2f:dd:61:e9:4c:76:a3:eb:
         e3:ed:f6:fb:4c:8a:f4:88:79:54:93:d6:2b:65:7a:cf:86:d5:
         cf:99:76:57:4b:05:ed:a8:bc:57:46:04:16:31:39:ab:1a:00:
         58:33:d1:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyupAJUgcwu8a3jmPag6LbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjQyNmY0ODNjMzZhYWNkYTg3MzIzMjRhYjg4YWQ1ODAw
YzlhMmQwHhcNMjMwMTAyMTM0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk0M2MyMzE4M2I2NjJlMGYzZjQ5ZDM0NGFhMzc4YTQ5MTNiNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOy4cDc1begW+YdsSOD1CYcGiGQj
wMBQMBk5GNp4sg0/n+bTnhdjsbvVy+ucfTryUY+TsZ/az6hZYGJGk7VFFHc/GPSG
e5cCNlSqG4KBKx1xwE1jwV7DQHcLHOtioJ/AxVkzANWEbjMcsJYLKbVpiLp2tRPA
rP2d17I6JeSWnZEpXIJuJF5EyNyAl9hdcpisxRKvmkshcuqidSDpet387thnV8Ex
FAHK92wwDZnOxEGr63Z70exkh6t5nGVQ6oC3Qs4UubU6ozM8G8qPOqgRHEXAzN5Z
SCgKHL2uVcLCOmBztLmd4l+s9BL9ycHACnXYpCZDgtystSWINto31hvoewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMuUPCMYO2YuDz9J00SqN4pJE7TxMB8GA1UdIwQY
MBaAFJBkJvSDw2qs2ocyMkq4itWADJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEt
OTRjNWFkMTdhN2EwLzEveTVROEl4ZzdaaTRQUDBuVFJLbzNpa2tUdFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEtOTRjNWFkMTdhN2Ew
LzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwgQHAwQA
wgQKAwQBwgQMMA0GCSqGSIb3DQEBCwUAA4IBAQCnPawbJLEgy3Au4kQYvA6xkxbU
WQzJ2FokF027nz98XSvSdewqJJjoph+ag2pCUsMLJ4ahFlGoRaFSTF5SKfJ9FRdr
hp1QswIH/6LWjMkHIQhGDO1osrq0tBk6HcfHfBTFqfUhbD7x0iUTgYgemMS2xFCj
7rVf6G9G3aM5ETNgdm2iYZZyC19UHbFuTNhq8eCjbfT4PebzIhAgs497i6CY7OTI
S6hWCBo5Udpbo6NXbRIX6oX78hS8dcv7US4N5xIgEvJo+7TUi69zXW6zVm1oL91h
6Ux2o+vj7fb7TIr0iHlUk9YrZXrPhtXPmXZXSwXtqLxXRgQWMTmrGgBYM9Gu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:22 2024 by rpki-client on console-fra.rpki-client.org