Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ytGsfhzIfgQTEGpk57QV5h4qdlU.roa
File:                     ytGsfhzIfgQTEGpk57QV5h4qdlU.roa (raw, json)
Hash identifier:          zL+77GbsM6wxb1BUJvlPYKnfF3lNk+MrEewKuSpQKB8=
Subject key identifier:   CA:D1:AC:7E:1C:C8:7E:04:13:10:6A:64:E7:B4:15:E6:1E:2A:76:55
Certificate issuer:       /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial:       018571309E8181359B2C42E75FB9C220D467
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ytGsfhzIfgQTEGpk57QV5h4qdlU.roa
Signing time:             Mon 02 Jan 2023 06:34:49 +0000
ROA not before:           Mon 02 Jan 2023 06:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211613
IP address blocks:        95.161.92.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:30:9e:81:81:35:9b:2c:42:e7:5f:b9:c2:20:d4:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
        Validity
            Not Before: Jan  2 06:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cad1ac7e1cc87e0413106a64e7b415e61e2a7655
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:16:5b:17:94:cf:38:7f:8d:fd:44:dc:eb:d2:
                    25:62:39:ee:55:d7:fd:e0:4e:e0:25:a5:72:10:45:
                    9b:85:1d:4a:95:9d:c9:ff:f2:11:16:b6:87:0f:1f:
                    05:2c:a4:77:26:63:f3:a5:98:a6:40:71:ba:c4:c8:
                    c5:61:d6:e5:0b:2a:83:d9:79:24:14:f4:fe:3a:df:
                    71:42:a4:d3:fa:fa:a7:83:9a:82:8a:a0:5e:95:9f:
                    3b:e1:8c:ca:0d:e4:26:71:93:42:0a:c8:f9:3d:b0:
                    d8:d4:79:81:85:32:b0:86:2e:05:39:a2:98:0e:31:
                    04:d7:ce:5a:90:48:d8:54:2b:aa:1c:b7:97:13:42:
                    0f:e6:e9:74:83:5b:f8:fb:b4:49:5c:66:7a:40:3c:
                    f4:26:d8:81:f0:b0:ae:8f:5f:49:bf:5f:a3:1b:2b:
                    a8:07:e7:17:e0:eb:e2:b0:79:35:0b:8e:85:ac:fd:
                    5c:56:ef:74:a5:56:7c:2e:2e:a6:43:5e:af:5b:92:
                    24:27:70:76:66:df:7c:6a:e1:2a:cd:d4:1f:23:53:
                    c7:f9:c2:07:1d:8d:cd:1e:f7:02:17:51:95:46:a2:
                    8d:30:2a:fb:8b:8f:fe:05:d0:86:6b:d3:f8:d5:1b:
                    54:62:4c:a8:61:27:ce:42:13:d5:f9:49:11:a7:cf:
                    96:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:D1:AC:7E:1C:C8:7E:04:13:10:6A:64:E7:B4:15:E6:1E:2A:76:55
            X509v3 Authority Key Identifier:
                keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ytGsfhzIfgQTEGpk57QV5h4qdlU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.161.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         74:3e:1b:e4:40:d2:93:86:a8:51:cf:40:7a:f8:7c:0e:81:4b:
         65:df:73:1f:11:1a:aa:53:ad:85:43:96:20:c3:ce:d7:c4:2d:
         0c:5f:58:1c:df:28:73:a1:84:52:53:bc:8b:e9:d3:2a:47:0d:
         e2:0d:0a:d0:d0:9a:f2:08:05:c8:0b:81:a6:0e:c0:83:a9:93:
         bb:06:6e:64:0a:b4:7d:16:6b:3b:ba:89:f2:1c:48:42:d1:8c:
         bd:6c:99:0d:8c:98:c5:bd:d2:f0:9d:3c:e8:8b:62:f6:c6:5a:
         ad:f8:ac:87:f1:b8:49:6b:40:bd:f7:a5:03:b8:39:4e:2b:0a:
         51:d2:2d:67:3c:8f:b0:21:ff:33:fb:24:2e:dd:d4:32:67:02:
         19:2c:e2:c9:ed:b2:a3:db:0c:5e:2b:ae:fe:0b:af:6b:dd:cd:
         a6:0d:5d:26:fc:83:62:ad:fd:f7:d5:0a:07:35:89:99:1e:16:
         2b:b0:5e:e2:dc:b4:f6:de:d8:24:44:fc:30:43:e9:8f:30:62:
         41:da:89:72:bf:6e:f4:59:90:6f:6a:f9:05:63:92:f9:c0:81:
         97:13:01:ed:53:32:ce:f9:9a:ba:58:81:43:f0:2f:97:e3:23:
         18:80:25:0c:e3:ae:b5:ff:e5:7d:e4:db:f7:7d:14:b4:fe:00:
         0b:e1:5d:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMJ6BgTWbLELnX7nCINRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwMTAyMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQxYWM3ZTFjYzg3ZTA0MTMxMDZhNjRlN2I0MTVlNjFlMmE3NjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxZbF5TPOH+N/UTc69IlYjnuVdf9
4E7gJaVyEEWbhR1KlZ3J//IRFraHDx8FLKR3JmPzpZimQHG6xMjFYdblCyqD2Xkk
FPT+Ot9xQqTT+vqng5qCiqBelZ874YzKDeQmcZNCCsj5PbDY1HmBhTKwhi4FOaKY
DjEE185akEjYVCuqHLeXE0IP5ul0g1v4+7RJXGZ6QDz0JtiB8LCuj19Jv1+jGyuo
B+cX4OvisHk1C46FrP1cVu90pVZ8Li6mQ16vW5IkJ3B2Zt98auEqzdQfI1PH+cIH
HY3NHvcCF1GVRqKNMCr7i4/+BdCGa9P41RtUYkyoYSfOQhPV+UkRp8+W5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrRrH4cyH4EExBqZOe0FeYeKnZVMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEveXRHc2ZoeklmZ1FURUdwazU3UVY1aDRxZGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX6FcMA0G
CSqGSIb3DQEBCwUAA4IBAQB0PhvkQNKThqhRz0B6+HwOgUtl33MfERqqU62FQ5Yg
w87XxC0MX1gc3yhzoYRSU7yL6dMqRw3iDQrQ0JryCAXIC4GmDsCDqZO7Bm5kCrR9
Fms7uonyHEhC0Yy9bJkNjJjFvdLwnTzoi2L2xlqt+KyH8bhJa0C996UDuDlOKwpR
0i1nPI+wIf8z+yQu3dQyZwIZLOLJ7bKj2wxeK67+C69r3c2mDV0m/INirf331QoH
NYmZHhYrsF7i3LT23tgkRPwwQ+mPMGJB2olyv270WZBvavkFY5L5wIGXEwHtUzLO
+Zq6WIFD8C+X4yMYgCUM4661/+V95Nv3fRS0/gAL4V3q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:56 2024 by rpki-client on console-fra.rpki-client.org