Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/WYT4dLwdGBd6fhUEvg-FD6v6s1A.roa
File:                     WYT4dLwdGBd6fhUEvg-FD6v6s1A.roa (raw, json)
Hash identifier:          zo1BrXy5NOe8fmfAlMNboj+pIcb+4xg9QTKLU1ZQA7M=
Subject key identifier:   59:84:F8:74:BC:1D:18:17:7A:7E:15:04:BE:0F:85:0F:AB:FA:B3:50
Certificate issuer:       /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial:       018A3AFF3A5171591E4AB4EB11DF24D01A08
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/WYT4dLwdGBd6fhUEvg-FD6v6s1A.roa
Signing time:             Mon 28 Aug 2023 07:15:19 +0000
ROA not before:           Mon 28 Aug 2023 07:15:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43289
IP address blocks:        92.243.67.0/24 maxlen: 24
                          2a03:f80:373::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:3a:ff:3a:51:71:59:1e:4a:b4:eb:11:df:24:d0:1a:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
        Validity
            Not Before: Aug 28 07:15:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5984f874bc1d18177a7e1504be0f850fabfab350
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:86:47:0b:da:46:98:f2:4e:6c:94:97:83:84:
                    91:e3:97:0c:fb:39:57:99:fb:08:b8:df:e1:af:0a:
                    f3:0a:f4:16:be:c6:72:62:0e:cb:2f:d9:98:27:73:
                    b3:7d:9c:66:b0:96:5e:9a:e4:4b:3a:24:b1:11:74:
                    6c:d3:7b:e1:64:31:17:df:33:af:3e:b0:2f:f3:56:
                    8b:19:1c:74:aa:13:1b:b7:5a:42:af:8e:54:78:20:
                    e0:e5:3c:dc:87:11:3c:53:65:7e:01:8a:3b:23:06:
                    25:97:49:a4:d4:e8:b2:81:12:d6:de:88:ae:7a:25:
                    94:29:22:89:f1:22:c4:4f:af:88:fa:10:3c:53:6f:
                    df:db:51:7c:51:c3:02:b3:cd:2c:39:6a:23:d5:fc:
                    88:51:f1:d3:60:b4:b8:28:07:bd:fb:3a:4e:d2:7b:
                    b7:6b:81:fa:37:4e:ba:86:85:5d:1f:81:ce:24:d0:
                    95:12:07:96:54:a5:54:0b:d6:b3:77:a0:86:c2:cd:
                    11:e1:91:4f:2e:54:be:aa:e7:5a:d0:05:df:48:97:
                    7e:ef:77:a2:43:45:76:af:64:47:99:5e:c5:4e:88:
                    53:8c:d8:21:39:69:42:ca:dd:6a:11:21:0b:dc:bb:
                    55:9a:e8:52:85:6a:92:9d:13:c0:59:8a:ea:b8:a3:
                    92:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:84:F8:74:BC:1D:18:17:7A:7E:15:04:BE:0F:85:0F:AB:FA:B3:50
            X509v3 Authority Key Identifier:
                keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/WYT4dLwdGBd6fhUEvg-FD6v6s1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.243.67.0/24
                IPv6:
                  2a03:f80:373::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:d0:6f:94:c0:cf:a2:da:75:ec:c4:78:39:9e:20:88:d7:0f:
         d8:c7:fc:21:d5:43:1e:c4:5f:e6:c4:4a:fd:3a:45:bb:9c:f5:
         08:66:5e:52:37:0b:98:8e:ae:da:c1:68:7d:6c:d4:6d:75:81:
         ba:b2:0a:21:6b:bf:d4:9b:5a:b3:2f:00:c6:a3:cc:37:b6:4e:
         23:94:27:d4:9c:f4:a1:4f:8a:e6:d3:d0:68:0f:ae:5b:57:38:
         5e:6b:37:6d:90:24:a1:a4:b1:9b:63:e7:44:cc:23:9d:dc:27:
         5d:49:f6:4b:4a:81:c5:28:ce:05:b3:08:7b:85:b1:3a:13:1a:
         c2:6b:1b:cc:91:27:46:83:4a:62:ec:35:ae:27:f3:a3:a5:2a:
         07:75:1e:e3:e5:99:58:8c:bb:22:e8:0f:93:0d:79:31:06:be:
         5f:7a:cf:e2:2e:72:a5:7b:89:0c:79:48:a5:eb:87:4d:9e:a2:
         f6:6d:a7:7e:6f:7f:16:44:9b:3b:3d:f4:c6:af:24:c3:af:14:
         cc:43:fc:94:9b:5c:72:3f:16:44:f1:54:38:bd:be:26:68:b8:
         f3:f5:03:31:9e:4c:71:0e:e3:79:e3:64:db:cd:9d:51:7d:5c:
         14:cf:83:a7:51:00:18:99:41:ac:1d:fa:f1:e5:bb:66:71:ae:
         f0:22:7d:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo6/zpRcVkeSrTrEd8k0BoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwODI4MDcxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTg0Zjg3NGJjMWQxODE3N2E3ZTE1MDRiZTBmODUwZmFiZmFiMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYZHC9pGmPJObJSXg4SR45cM+zlX
mfsIuN/hrwrzCvQWvsZyYg7LL9mYJ3OzfZxmsJZemuRLOiSxEXRs03vhZDEX3zOv
PrAv81aLGRx0qhMbt1pCr45UeCDg5TzchxE8U2V+AYo7IwYll0mk1OiygRLW3oiu
eiWUKSKJ8SLET6+I+hA8U2/f21F8UcMCs80sOWoj1fyIUfHTYLS4KAe9+zpO0nu3
a4H6N066hoVdH4HOJNCVEgeWVKVUC9azd6CGws0R4ZFPLlS+quda0AXfSJd+73ei
Q0V2r2RHmV7FTohTjNghOWlCyt1qESEL3LtVmuhShWqSnRPAWYrquKOS+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFmE+HS8HRgXen4VBL4PhQ+r+rNQMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvV1lUNGRMd2RHQmQ2ZmhVRXZnLUZENnY2czFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXPNDMA8E
AgACMAkDBwAqAw+AA3MwDQYJKoZIhvcNAQELBQADggEBAIzQb5TAz6LadezEeDme
IIjXD9jH/CHVQx7EX+bESv06Rbuc9QhmXlI3C5iOrtrBaH1s1G11gbqyCiFrv9Sb
WrMvAMajzDe2TiOUJ9Sc9KFPiubT0GgPrltXOF5rN22QJKGksZtj50TMI53cJ11J
9ktKgcUozgWzCHuFsToTGsJrG8yRJ0aDSmLsNa4n86OlKgd1HuPlmViMuyLoD5MN
eTEGvl96z+IucqV7iQx5SKXrh02eovZtp35vfxZEmzs99MavJMOvFMxD/JSbXHI/
FkTxVDi9viZouPP1AzGeTHEO43njZNvNnVF9XBTPg6dRABiZQawd+vHlu2ZxrvAi
fQg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org