Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/YzzR5BLsB2l-JSK-GjCOvVzyW1E.roa
File:                     YzzR5BLsB2l-JSK-GjCOvVzyW1E.roa (raw, json)
Hash identifier:          6pTJwhBWQJaHz2C+coleJvNlqg+UIB6d9SwXgveDSdg=
Subject key identifier:   63:3C:D1:E4:12:EC:07:69:7E:25:22:BE:1A:30:8E:BD:5C:F2:5B:51
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       018570028A3C3ADBC482EC0F6A9B64E43F25
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/YzzR5BLsB2l-JSK-GjCOvVzyW1E.roa
Signing time:             Mon 02 Jan 2023 01:04:52 +0000
ROA not before:           Mon 02 Jan 2023 01:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61418
IP address blocks:        195.87.95.0/24 maxlen: 24
                          195.87.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:8a:3c:3a:db:c4:82:ec:0f:6a:9b:64:e4:3f:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  2 01:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=633cd1e412ec07697e2522be1a308ebd5cf25b51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2f:63:fb:12:31:0a:b6:61:84:05:77:c7:02:
                    3f:27:23:f8:2f:96:90:2a:3e:8f:e3:90:87:0c:11:
                    d8:57:ef:b8:e7:db:cb:60:ce:92:ed:5e:a4:8c:30:
                    04:f0:25:d2:42:74:2b:af:7c:f1:79:20:fc:a9:02:
                    66:5f:32:53:db:d4:7f:c2:a7:ec:67:f1:ad:6d:bf:
                    3a:ea:17:74:bd:95:b4:58:38:1e:27:00:0e:c5:3f:
                    1e:ae:7f:5d:af:37:42:3d:e4:4c:96:09:b0:70:81:
                    75:f9:32:90:16:8d:e7:f3:e3:a4:5a:ed:63:77:40:
                    32:dc:ad:ca:43:9e:ff:9a:98:26:0b:38:24:06:63:
                    25:31:be:9f:08:41:89:50:87:3f:b3:75:88:42:b0:
                    06:f1:3a:44:db:e8:f9:d5:bd:ee:f8:93:2a:f8:27:
                    54:8f:2c:cf:99:42:6e:f6:9d:05:a5:7f:a9:a5:9d:
                    09:56:29:5b:53:33:62:2e:d9:16:6e:27:21:06:0e:
                    31:c2:3c:5b:8d:0a:70:3a:71:3a:50:be:41:37:52:
                    01:01:71:79:0b:c2:0c:a5:f5:a3:2a:5f:9e:40:21:
                    56:b3:9b:b3:f2:16:28:bf:74:7e:cf:e0:41:8e:08:
                    c4:9b:73:56:72:c6:89:ed:ff:92:f2:a8:a1:95:bf:
                    34:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:3C:D1:E4:12:EC:07:69:7E:25:22:BE:1A:30:8E:BD:5C:F2:5B:51
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/YzzR5BLsB2l-JSK-GjCOvVzyW1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.87.95.0/24
                  195.87.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:88:6e:c1:7a:d8:e1:e9:65:8e:70:ad:85:eb:33:d9:05:3e:
         d5:f0:31:37:4d:d5:0f:49:52:b6:0a:87:57:23:99:ce:e7:e6:
         c7:68:58:f5:b3:5f:7a:ba:b7:ba:e1:a2:b3:24:95:1d:76:9b:
         b1:ab:dc:3d:cc:4c:a1:77:3e:4a:13:d8:cc:ae:8a:99:32:92:
         a6:fd:3f:da:17:61:52:07:ce:42:4d:5b:80:65:32:26:40:29:
         57:6f:71:8d:66:eb:ad:97:2f:4e:47:b8:8c:68:2d:0f:cf:26:
         c9:f6:59:d9:0b:ea:3f:5b:2b:e1:85:1b:d0:bd:77:fa:1e:13:
         41:c3:07:82:bf:5b:e0:07:c6:0a:c3:cf:b2:e9:db:e7:88:39:
         e7:df:b3:c2:ab:9e:8e:08:72:90:01:79:29:1d:f3:37:3f:c5:
         cc:2d:9e:b0:9e:3d:89:d5:57:99:fe:b1:d7:a8:a9:8a:36:15:
         aa:d3:26:39:d8:7c:ec:3d:c3:26:75:ce:9c:50:ff:ba:b1:80:
         74:fd:83:db:23:a3:54:d2:a5:40:d1:8f:f4:24:e8:c3:a7:20:
         95:c6:89:6c:83:92:25:4f:53:99:4d:47:59:ff:62:73:e3:fd:
         da:a6:fe:14:2d:f8:b2:70:96:31:a2:25:97:85:0f:e5:70:2b:
         aa:a4:ee:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwAoo8OtvEguwPaptk5D8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNjZDFlNDEyZWMwNzY5N2UyNTIyYmUxYTMwOGViZDVjZjI1YjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi9j+xIxCrZhhAV3xwI/JyP4L5aQ
Kj6P45CHDBHYV++459vLYM6S7V6kjDAE8CXSQnQrr3zxeSD8qQJmXzJT29R/wqfs
Z/Gtbb866hd0vZW0WDgeJwAOxT8ern9drzdCPeRMlgmwcIF1+TKQFo3n8+OkWu1j
d0Ay3K3KQ57/mpgmCzgkBmMlMb6fCEGJUIc/s3WIQrAG8TpE2+j51b3u+JMq+CdU
jyzPmUJu9p0FpX+ppZ0JVilbUzNiLtkWbichBg4xwjxbjQpwOnE6UL5BN1IBAXF5
C8IMpfWjKl+eQCFWs5uz8hYov3R+z+BBjgjEm3NWcsaJ7f+S8qihlb80zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGM80eQS7AdpfiUivhowjr1c8ltRMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvWXp6UjVCTHNCMmwtSlNLLUdqQ092Vnp5VzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw1dfAwQA
w1d9MA0GCSqGSIb3DQEBCwUAA4IBAQBDiG7Betjh6WWOcK2F6zPZBT7V8DE3TdUP
SVK2CodXI5nO5+bHaFj1s196ure64aKzJJUddpuxq9w9zEyhdz5KE9jMroqZMpKm
/T/aF2FSB85CTVuAZTImQClXb3GNZuutly9OR7iMaC0PzybJ9lnZC+o/WyvhhRvQ
vXf6HhNBwweCv1vgB8YKw8+y6dvniDnn37PCq56OCHKQAXkpHfM3P8XMLZ6wnj2J
1VeZ/rHXqKmKNhWq0yY52HzsPcMmdc6cUP+6sYB0/YPbI6NU0qVA0Y/0JOjDpyCV
xolsg5IlT1OZTUdZ/2Jz4/3apv4ULfiycJYxoiWXhQ/lcCuqpO6K
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org