Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/yUHSIhv_gtcz7OJ7_OMAjorBjao.roa
File:                     yUHSIhv_gtcz7OJ7_OMAjorBjao.roa (raw, json)
Hash identifier:          adAsNObCJTsBIWY6vsLp9YxlnpPTZOT3uNxDZSwZxhw=
Subject key identifier:   C9:41:D2:22:1B:FF:82:D7:33:EC:E2:7B:FC:E3:00:8E:8A:C1:8D:AA
Certificate issuer:       /CN=eaf9788c995130d70eac46c06b226672d25d4185
Certificate serial:       01856F0B6694D9AAA06974D6AA8892B74FF3
Authority key identifier: EA:F9:78:8C:99:51:30:D7:0E:AC:46:C0:6B:22:66:72:D2:5D:41:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6vl4jJlRMNcOrEbAayJmctJdQYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/yUHSIhv_gtcz7OJ7_OMAjorBjao.roa
Signing time:             Sun 01 Jan 2023 20:34:56 +0000
ROA not before:           Sun 01 Jan 2023 20:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28753
IP address blocks:        185.49.68.0/22 maxlen: 22
                          2a01:9260::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:66:94:d9:aa:a0:69:74:d6:aa:88:92:b7:4f:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaf9788c995130d70eac46c06b226672d25d4185
        Validity
            Not Before: Jan  1 20:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c941d2221bff82d733ece27bfce3008e8ac18daa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6f:2a:15:8f:48:a4:15:be:bc:e6:0a:3c:b3:
                    07:e8:d2:f2:26:31:cf:5f:f5:db:80:dc:47:94:0b:
                    78:6e:84:6f:9d:48:29:35:89:94:d2:56:aa:29:5a:
                    e4:34:81:04:8a:d2:f9:f4:a2:13:b8:fb:9b:a9:3a:
                    e5:98:24:f6:d2:7f:a4:a9:0d:29:e8:95:9c:9f:5e:
                    87:7f:97:df:96:b1:f2:34:99:fa:11:fd:6a:08:f2:
                    66:01:fb:23:44:3b:5c:5e:58:b7:bf:63:32:e4:67:
                    f4:60:84:ac:7c:46:cf:a9:79:df:e2:2d:f5:c7:7c:
                    38:e0:aa:a9:cb:bd:e7:1f:4e:fe:85:1a:5f:e3:05:
                    0f:4f:b4:c9:22:85:ea:33:45:ff:c7:bf:4c:30:91:
                    d4:eb:5a:35:cc:55:c9:a3:07:e2:65:b3:59:43:8a:
                    66:d9:70:4f:f8:bf:61:c3:31:a4:53:41:14:11:67:
                    79:de:48:14:f8:67:ee:5e:72:01:34:62:c6:80:8c:
                    cc:38:de:62:f2:1c:99:3d:73:21:d7:89:fd:ad:d2:
                    e9:b7:61:e8:4a:2e:88:d8:83:55:95:c4:de:bd:4c:
                    87:fa:a1:d8:25:e8:bf:ff:a7:f1:f7:99:16:ed:67:
                    da:de:e3:10:28:4e:20:88:19:de:52:f5:4e:ee:d3:
                    bc:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:41:D2:22:1B:FF:82:D7:33:EC:E2:7B:FC:E3:00:8E:8A:C1:8D:AA
            X509v3 Authority Key Identifier:
                keyid:EA:F9:78:8C:99:51:30:D7:0E:AC:46:C0:6B:22:66:72:D2:5D:41:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6vl4jJlRMNcOrEbAayJmctJdQYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/yUHSIhv_gtcz7OJ7_OMAjorBjao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/6vl4jJlRMNcOrEbAayJmctJdQYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.68.0/22
                IPv6:
                  2a01:9260::/32

    Signature Algorithm: sha256WithRSAEncryption
         92:91:5d:8e:f1:1b:25:18:8d:84:d7:a6:78:5a:01:a9:f8:2a:
         68:83:c4:be:c8:a3:ad:7f:e7:c4:09:6d:b6:19:19:2d:79:23:
         64:86:11:f2:44:8d:d4:28:e0:6e:34:a8:5e:fa:3d:a9:d2:6e:
         72:15:e7:dd:45:57:2b:20:4e:26:4e:eb:71:ec:a3:74:9a:7b:
         8a:26:ae:9e:b5:c9:06:2d:c3:39:f4:91:a2:62:6e:19:eb:91:
         b2:ee:78:ea:25:0f:07:6d:44:72:93:e6:0e:50:87:6c:1b:36:
         a7:c5:ce:4d:51:9b:1f:f0:72:81:80:63:48:b1:a3:b6:b2:db:
         82:35:fd:1b:6e:c6:97:d8:e0:9c:e1:91:d3:1a:7b:72:64:86:
         d0:c6:91:21:ef:f8:98:b8:65:bb:7e:65:2d:9e:ec:66:ad:d6:
         da:42:94:48:59:5c:2f:ec:79:73:56:e8:e2:0e:b3:5f:88:4e:
         f5:c1:63:07:50:6a:d9:d7:9b:ed:10:b4:eb:43:12:f1:2f:c3:
         7b:37:bf:fc:f6:3c:7f:41:20:cb:87:2a:58:35:88:2e:b3:de:
         b1:d2:29:99:eb:01:be:44:9b:40:48:46:b6:38:11:dd:6c:6b:
         cd:90:20:5e:d5:f8:ba:c3:e2:23:98:66:d7:08:d0:a6:04:25:
         7c:bd:f9:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC2aU2aqgaXTWqoiSt0/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZjk3ODhjOTk1MTMwZDcwZWFjNDZjMDZiMjI2NjcyZDI1
ZDQxODUwHhcNMjMwMTAxMjAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQxZDIyMjFiZmY4MmQ3MzNlY2UyN2JmY2UzMDA4ZThhYzE4ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW8qFY9IpBW+vOYKPLMH6NLyJjHP
X/XbgNxHlAt4boRvnUgpNYmU0laqKVrkNIEEitL59KITuPubqTrlmCT20n+kqQ0p
6JWcn16Hf5fflrHyNJn6Ef1qCPJmAfsjRDtcXli3v2My5Gf0YISsfEbPqXnf4i31
x3w44Kqpy73nH07+hRpf4wUPT7TJIoXqM0X/x79MMJHU61o1zFXJowfiZbNZQ4pm
2XBP+L9hwzGkU0EUEWd53kgU+GfuXnIBNGLGgIzMON5i8hyZPXMh14n9rdLpt2Ho
Si6I2INVlcTevUyH+qHYJei//6fx95kW7Wfa3uMQKE4giBneUvVO7tO80QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlB0iIb/4LXM+zie/zjAI6KwY2qMB8GA1UdIwQY
MBaAFOr5eIyZUTDXDqxGwGsiZnLSXUGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnZsNGpKbFJNTmNPckViQWF5Sm1jdEpkUVlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81NTk2YjAtYThhNy00NWIwLWIyNDUt
MGZlN2EwZWU2YmQzLzEveVVIU0lodl9ndGN6N09KN19PTUFqb3JCamFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81NTk2YjAtYThhNy00NWIwLWIyNDUtMGZlN2EwZWU2YmQz
LzEvNnZsNGpKbFJNTmNPckViQWF5Sm1jdEpkUVlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTFEMA0E
AgACMAcDBQAqAZJgMA0GCSqGSIb3DQEBCwUAA4IBAQCSkV2O8RslGI2E16Z4WgGp
+Cpog8S+yKOtf+fECW22GRkteSNkhhHyRI3UKOBuNKhe+j2p0m5yFefdRVcrIE4m
Tutx7KN0mnuKJq6etckGLcM59JGiYm4Z65Gy7njqJQ8HbURyk+YOUIdsGzanxc5N
UZsf8HKBgGNIsaO2stuCNf0bbsaX2OCc4ZHTGntyZIbQxpEh7/iYuGW7fmUtnuxm
rdbaQpRIWVwv7HlzVujiDrNfiE71wWMHUGrZ15vtELTrQxLxL8N7N7/89jx/QSDL
hypYNYgus96x0imZ6wG+RJtASEa2OBHdbGvNkCBe1fi6w+IjmGbXCNCmBCV8vfm2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:49 2024 by rpki-client on console-fra.rpki-client.org