Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/YAE_rdK1s3sDaCIa-uAxWop5iPE.roa
File:                     YAE_rdK1s3sDaCIa-uAxWop5iPE.roa (raw, json)
Hash identifier:          bGc1q/krfqydKBDBI1213241dN7HEj24nW9/xzH4Gic=
Subject key identifier:   60:01:3F:AD:D2:B5:B3:7B:03:68:22:1A:FA:E0:31:5A:8A:79:88:F1
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       0189539130CB84FA4F4E88B7479F4991DA8B
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/YAE_rdK1s3sDaCIa-uAxWop5iPE.roa
Signing time:             Fri 14 Jul 2023 08:42:51 +0000
ROA not before:           Fri 14 Jul 2023 08:42:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        45.134.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 02 Sep 2023 02:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:53:91:30:cb:84:fa:4f:4e:88:b7:47:9f:49:91:da:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jul 14 08:42:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60013fadd2b5b37b0368221afae0315a8a7988f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:71:db:35:4e:ad:57:47:d8:6f:da:b7:48:20:
                    de:0c:cb:a2:93:94:03:1c:87:c2:5f:e2:7b:8d:d9:
                    99:75:31:7c:a0:b6:7f:a3:30:7c:47:6c:91:7a:7c:
                    e9:a2:d7:78:32:10:b5:c2:85:2b:bc:5a:c2:23:7a:
                    ae:d6:a5:be:76:37:b2:51:a3:fa:75:74:4d:f2:6c:
                    c0:72:c5:e9:6b:b5:2f:f8:a5:9b:2e:cb:25:ca:d8:
                    38:90:72:a5:5e:15:e2:cc:1a:37:05:05:3d:a2:d0:
                    3e:fc:39:ba:68:42:b1:c6:88:ca:48:97:c5:a6:7d:
                    50:81:4b:ff:e7:8c:28:31:35:b1:1d:b1:2a:dc:f2:
                    f7:5b:c7:a2:2e:f2:2e:e3:11:c3:2f:d1:da:de:a3:
                    54:6d:cf:e3:08:47:61:3b:bf:7b:d8:89:97:d1:8d:
                    fa:25:81:c1:ff:16:ac:10:e1:99:40:5a:4e:60:ca:
                    bf:3b:ba:ce:63:13:15:7f:ba:59:0d:1e:83:0e:f9:
                    99:11:48:79:7b:49:a8:4b:cf:3b:54:7e:ac:fd:db:
                    93:5e:bd:a9:b1:a9:4f:da:aa:bb:36:95:4b:a3:04:
                    c8:11:74:8b:7a:73:23:c9:91:11:33:7d:c2:e9:4d:
                    98:e2:75:75:17:54:3a:6d:dd:28:b1:e6:4e:1e:99:
                    2e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:01:3F:AD:D2:B5:B3:7B:03:68:22:1A:FA:E0:31:5A:8A:79:88:F1
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/YAE_rdK1s3sDaCIa-uAxWop5iPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:6a:8c:c2:e0:c2:c2:5a:88:52:67:0e:cb:65:31:bf:4d:7e:
         e0:e6:55:56:4d:82:c3:47:3f:58:62:44:85:a8:e6:86:e4:9e:
         db:9e:39:58:10:df:a9:b8:19:69:d7:17:26:c6:b1:1e:ff:76:
         84:d8:f9:f8:33:87:dc:e8:b0:47:c8:b7:03:d9:20:34:85:01:
         e9:fc:b6:44:23:4d:4f:bb:45:8b:29:d8:94:c6:42:bf:c8:15:
         99:09:09:29:b4:39:85:c5:ba:43:b1:99:88:5f:4c:fa:31:d8:
         83:b2:a2:5e:04:60:cb:02:ce:0c:c2:bf:cb:ec:9f:af:7a:e4:
         12:91:b6:5a:41:2f:d0:05:37:66:15:d4:1e:5c:fe:a1:97:e0:
         f1:06:c2:89:31:a0:e9:7d:41:05:84:4e:6f:bb:dc:86:f1:cd:
         14:78:a6:d6:7b:5e:93:c8:32:5f:01:f1:67:cf:13:49:0d:5f:
         e4:06:3c:72:25:b8:f5:7a:2e:d2:57:95:43:b9:9f:1e:63:2f:
         93:d3:49:18:87:fa:d6:12:fe:8c:c9:90:5b:9f:b8:6b:f8:d9:
         ac:ac:93:8c:3e:03:d7:da:8c:1a:8c:2b:74:ab:89:93:b2:e6:
         06:ed:68:31:26:48:36:81:34:0a:2d:9a:8c:90:f2:f7:44:38:
         8e:2a:16:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlTkTDLhPpPToi3R59JkdqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNzE0MDg0MjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDAxM2ZhZGQyYjViMzdiMDM2ODIyMWFmYWUwMzE1YThhNzk4OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXHbNU6tV0fYb9q3SCDeDMuik5QD
HIfCX+J7jdmZdTF8oLZ/ozB8R2yRenzpotd4MhC1woUrvFrCI3qu1qW+djeyUaP6
dXRN8mzAcsXpa7Uv+KWbLsslytg4kHKlXhXizBo3BQU9otA+/Dm6aEKxxojKSJfF
pn1QgUv/54woMTWxHbEq3PL3W8eiLvIu4xHDL9Ha3qNUbc/jCEdhO7972ImX0Y36
JYHB/xasEOGZQFpOYMq/O7rOYxMVf7pZDR6DDvmZEUh5e0moS887VH6s/duTXr2p
salP2qq7NpVLowTIEXSLenMjyZERM33C6U2Y4nV1F1Q6bd0oseZOHpkugwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGABP63StbN7A2giGvrgMVqKeYjxMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWUFFX3JkSzFzM3NEYUNJYS11QXhXb3A1aVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYkMA0G
CSqGSIb3DQEBCwUAA4IBAQBcaozC4MLCWohSZw7LZTG/TX7g5lVWTYLDRz9YYkSF
qOaG5J7bnjlYEN+puBlp1xcmxrEe/3aE2Pn4M4fc6LBHyLcD2SA0hQHp/LZEI01P
u0WLKdiUxkK/yBWZCQkptDmFxbpDsZmIX0z6MdiDsqJeBGDLAs4Mwr/L7J+veuQS
kbZaQS/QBTdmFdQeXP6hl+DxBsKJMaDpfUEFhE5vu9yG8c0UeKbWe16TyDJfAfFn
zxNJDV/kBjxyJbj1ei7SV5VDuZ8eYy+T00kYh/rWEv6MyZBbn7hr+NmsrJOMPgPX
2owajCt0q4mTsuYG7WgxJkg2gTQKLZqMkPL3RDiOKhaY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org