Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/vyOIZG_OS8T_qA7N3SwNtecdqXc.roa
File:                     vyOIZG_OS8T_qA7N3SwNtecdqXc.roa (raw, json)
Hash identifier:          EMIdfY0uXvxZ3KgU372FmXfDLNoAxWB7gS2Pc+cImMk=
Subject key identifier:   BF:23:88:64:6F:CE:4B:C4:FF:A8:0E:CD:DD:2C:0D:B5:E7:1D:A9:77
Certificate issuer:       /CN=57c5a76f28b71ea8dbf999abaab7a659839ac182
Certificate serial:       01856D940F1BA37C2197CD37BBE55E9A70AD
Authority key identifier: 57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/vyOIZG_OS8T_qA7N3SwNtecdqXc.roa
Signing time:             Sun 01 Jan 2023 13:44:57 +0000
ROA not before:           Sun 01 Jan 2023 13:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29186
IP address blocks:        195.85.219.0/24 maxlen: 24
                          193.104.16.0/24 maxlen: 24
                          2001:678:abc::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:34:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:94:0f:1b:a3:7c:21:97:cd:37:bb:e5:5e:9a:70:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57c5a76f28b71ea8dbf999abaab7a659839ac182
        Validity
            Not Before: Jan  1 13:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf2388646fce4bc4ffa80ecddd2c0db5e71da977
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ea:c8:b5:2c:6f:6a:0c:1a:36:8c:74:60:87:
                    7b:96:2c:ec:a2:c4:c7:0b:da:3a:f9:ec:1d:3f:bc:
                    5f:e3:e6:90:d6:ce:8a:0f:3e:f9:3b:82:73:6f:af:
                    b1:41:dc:45:9f:0a:14:b1:af:7a:8f:fe:08:04:75:
                    3b:c1:ec:be:81:73:81:55:63:92:b1:7a:e5:f3:d8:
                    46:c7:c8:ec:f5:ff:d9:cd:c6:53:6b:b2:37:30:9d:
                    9d:5d:0a:7b:0c:57:a0:2f:27:4c:19:38:2d:18:7f:
                    c9:61:40:8e:59:33:55:40:1f:c2:f3:e9:43:92:b7:
                    83:53:e4:b0:f0:f2:6f:cb:4c:a9:09:fc:a5:c0:49:
                    c7:18:4a:b1:c3:04:15:0a:c6:6a:a2:ad:b9:2a:98:
                    24:df:25:ac:08:4a:48:44:a2:a7:b4:9d:8a:98:92:
                    a8:54:2e:20:a8:e3:be:00:83:7c:e2:bd:5c:37:87:
                    29:13:c1:65:13:c4:81:00:0b:f0:8d:24:39:66:0b:
                    fb:f5:03:a1:1a:22:ca:e1:f0:db:51:8c:85:87:a0:
                    12:f0:16:4a:74:6c:9c:bb:df:1e:63:83:11:61:23:
                    a6:e4:7a:0f:d7:28:8a:32:11:58:0c:ba:7e:56:cb:
                    bd:64:40:0d:62:e7:39:3c:cb:cf:7a:95:07:28:48:
                    8a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:23:88:64:6F:CE:4B:C4:FF:A8:0E:CD:DD:2C:0D:B5:E7:1D:A9:77
            X509v3 Authority Key Identifier:
                keyid:57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/vyOIZG_OS8T_qA7N3SwNtecdqXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.104.16.0/24
                  195.85.219.0/24
                IPv6:
                  2001:678:abc::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:00:11:39:d4:7a:7b:d6:29:ad:99:72:38:8a:22:98:81:3e:
         7e:aa:4b:e1:a6:85:5e:bd:d2:3c:a4:dc:f9:65:6f:10:06:60:
         07:be:e7:f6:eb:ce:f7:37:83:68:bf:ee:63:39:3c:1e:c8:c3:
         97:ec:71:ab:48:e2:0d:1d:6e:6c:c6:8b:b5:6a:e7:11:80:e0:
         3b:6f:99:74:d8:53:15:84:c9:5d:68:21:a9:de:16:4d:2a:54:
         b9:89:60:54:4d:12:e5:02:3a:9d:04:4f:ef:2d:c5:cb:43:3a:
         04:1e:c1:04:41:62:4b:36:c1:93:39:1c:7e:c1:08:fd:cc:db:
         09:09:80:e6:ba:bd:30:ea:f9:4d:80:49:00:34:4a:9d:57:26:
         76:a2:fd:ca:f8:72:be:ec:55:58:a6:6c:0c:66:c1:7b:e2:6f:
         01:0c:3b:f6:79:62:f7:b1:60:c2:2f:78:22:26:7a:48:79:e3:
         f7:cf:10:8b:4a:56:c1:14:9c:a7:8f:5e:26:f5:d0:bb:27:74:
         22:88:12:fa:ca:89:79:1a:36:5a:17:c4:45:98:5c:f0:ff:1e:
         a0:bf:55:7d:e8:15:8f:cb:cf:eb:8e:18:e4:f6:f9:df:36:3b:
         fa:e7:e8:ee:56:64:f9:23:c1:1d:fc:9e:aa:fe:4b:d3:0b:16:
         e0:57:44:f6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtlA8bo3whl803u+VemnCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzVhNzZmMjhiNzFlYThkYmY5OTlhYmFhYjdhNjU5ODM5
YWMxODIwHhcNMjMwMTAxMTM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIzODg2NDZmY2U0YmM0ZmZhODBlY2RkZDJjMGRiNWU3MWRhOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOrItSxvagwaNox0YId7lizsosTH
C9o6+ewdP7xf4+aQ1s6KDz75O4Jzb6+xQdxFnwoUsa96j/4IBHU7wey+gXOBVWOS
sXrl89hGx8js9f/ZzcZTa7I3MJ2dXQp7DFegLydMGTgtGH/JYUCOWTNVQB/C8+lD
kreDU+Sw8PJvy0ypCfylwEnHGEqxwwQVCsZqoq25Kpgk3yWsCEpIRKKntJ2KmJKo
VC4gqOO+AIN84r1cN4cpE8FlE8SBAAvwjSQ5Zgv79QOhGiLK4fDbUYyFh6AS8BZK
dGycu98eY4MRYSOm5HoP1yiKMhFYDLp+Vsu9ZEANYuc5PMvPepUHKEiKDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL8jiGRvzkvE/6gOzd0sDbXnHal3MB8GA1UdIwQY
MBaAFFfFp28otx6o2/mZq6q3plmDmsGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEt
NmE2ODI1MWYxMzg3LzEvdnlPSVpHX09TOFRfcUE3TjNTd050ZWNkcVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEtNmE2ODI1MWYxMzg3
LzEvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWgQAwQA
w1XbMA8EAgACMAkDBwAgAQZ4CrwwDQYJKoZIhvcNAQELBQADggEBAIAAETnUenvW
Ka2ZcjiKIpiBPn6qS+GmhV690jyk3PllbxAGYAe+5/brzvc3g2i/7mM5PB7Iw5fs
catI4g0dbmzGi7Vq5xGA4DtvmXTYUxWEyV1oIaneFk0qVLmJYFRNEuUCOp0ET+8t
xctDOgQewQRBYks2wZM5HH7BCP3M2wkJgOa6vTDq+U2ASQA0Sp1XJnai/cr4cr7s
VVimbAxmwXvibwEMO/Z5YvexYMIveCImekh54/fPEItKVsEUnKePXib10LsndCKI
EvrKiXkaNloXxEWYXPD/HqC/VX3oFY/Lz+uOGOT2+d82O/rn6O5WZPkjwR38nqr+
S9MLFuBXRPY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:14 2024 by rpki-client on console-ams.rpki-client.org