Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/yLZNqTIP2YcHs3Go3UdZkiqk_dY.roa
File:                     yLZNqTIP2YcHs3Go3UdZkiqk_dY.roa (raw, json)
Hash identifier:          KH8L2Vt8wDdhM/j//nL0u72Ufx9AJuvSd1qJi3IURK8=
Subject key identifier:   C8:B6:4D:A9:32:0F:D9:87:07:B3:71:A8:DD:47:59:92:2A:A4:FD:D6
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE61CF1AC7BE6990561D1CD08108357
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/yLZNqTIP2YcHs3Go3UdZkiqk_dY.roa
Signing time:             Sun 01 Jan 2023 10:34:58 +0000
ROA not before:           Sun 01 Jan 2023 10:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58299
IP address blocks:        204.11.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:1c:f1:ac:7b:e6:99:05:61:d1:cd:08:10:83:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c8b64da9320fd98707b371a8dd4759922aa4fdd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:cd:55:9a:f4:3c:cb:f2:d9:31:61:74:17:14:
                    8f:0e:a7:07:be:84:74:fa:ea:53:bc:ce:f9:c3:ee:
                    5c:13:dd:03:46:5b:e0:d5:a0:ed:c4:21:37:05:64:
                    be:ac:2e:12:7e:93:15:17:07:4a:40:6c:18:08:8e:
                    e6:9e:da:dc:36:56:8f:10:46:87:f3:ef:cf:b1:34:
                    a3:23:e9:91:33:e7:ac:95:cd:37:a3:c6:af:d1:60:
                    c5:bd:df:20:28:5d:f3:e7:dc:d9:4b:6d:e0:d4:32:
                    57:87:51:2f:41:13:6c:c7:00:0a:03:49:c7:2c:75:
                    fb:c8:aa:3f:78:fa:de:d4:a6:5d:01:d0:49:5e:49:
                    06:c5:a7:0a:76:45:0f:9b:25:23:d3:e1:eb:ee:06:
                    35:db:13:69:2b:66:eb:05:37:63:51:79:d2:78:e8:
                    1e:84:f2:a4:00:19:d6:c7:93:e4:2e:50:ce:28:bc:
                    95:b8:8b:5a:47:a5:2e:87:28:f5:cd:96:d0:9b:03:
                    ee:a8:ab:bd:e1:ae:a6:44:ce:33:18:a6:9a:c8:a6:
                    3b:5a:d4:1c:95:9d:34:80:96:60:36:3f:b4:52:ef:
                    81:0f:e0:76:4d:f9:af:6e:f4:02:85:6c:94:03:8d:
                    6c:58:01:8c:45:e4:88:5f:e2:b7:e6:24:67:78:96:
                    b8:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:B6:4D:A9:32:0F:D9:87:07:B3:71:A8:DD:47:59:92:2A:A4:FD:D6
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/yLZNqTIP2YcHs3Go3UdZkiqk_dY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.11.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:96:0e:ce:9e:b0:68:f7:79:97:44:f4:91:65:53:e7:12:85:
         72:f5:da:57:d3:d7:d7:ea:02:a5:c1:fb:ab:3f:8f:d5:c5:3e:
         3a:91:83:21:9f:1f:fe:ed:9a:a7:60:5c:f6:60:b8:0e:11:e2:
         96:d0:46:51:85:2c:2f:77:cb:a0:59:d9:2f:bd:dd:fa:04:76:
         a1:23:4b:db:36:75:47:ae:47:ea:80:8e:ae:55:44:39:af:fb:
         f1:62:b8:19:9f:aa:41:89:9c:28:c6:aa:37:6a:77:47:90:ef:
         ba:af:ed:a1:f0:c9:ad:8a:45:33:bc:7f:34:d8:50:27:05:7d:
         e4:9d:b7:bf:9f:0c:c1:51:37:b7:d3:cd:19:a3:bd:c9:a1:e3:
         22:ce:07:f8:bb:59:77:8d:e9:be:3e:1a:94:5b:36:d5:b8:bb:
         39:22:86:5d:5e:f5:a1:d3:f0:44:86:96:83:b2:c9:2c:9d:61:
         85:3c:60:a9:9a:0f:eb:19:4c:fc:13:43:8f:a4:1c:3f:be:47:
         11:47:4f:67:0d:cb:ba:9c:31:85:63:0c:12:89:b9:3c:4b:f9:
         d1:fd:0a:03:46:e2:93:00:04:14:8b:91:2c:78:5a:50:70:02:
         c8:6e:28:49:21:21:7a:7c:1a:0e:89:b4:67:36:dd:5e:73:d5:
         18:09:63:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5hzxrHvmmQVh0c0IEINXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI2NGRhOTMyMGZkOTg3MDdiMzcxYThkZDQ3NTk5MjJhYTRmZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s1VmvQ8y/LZMWF0FxSPDqcHvoR0
+upTvM75w+5cE90DRlvg1aDtxCE3BWS+rC4SfpMVFwdKQGwYCI7mntrcNlaPEEaH
8+/PsTSjI+mRM+eslc03o8av0WDFvd8gKF3z59zZS23g1DJXh1EvQRNsxwAKA0nH
LHX7yKo/ePre1KZdAdBJXkkGxacKdkUPmyUj0+Hr7gY12xNpK2brBTdjUXnSeOge
hPKkABnWx5PkLlDOKLyVuItaR6Uuhyj1zZbQmwPuqKu94a6mRM4zGKaayKY7WtQc
lZ00gJZgNj+0Uu+BD+B2TfmvbvQChWyUA41sWAGMReSIX+K35iRneJa4tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMi2TakyD9mHB7NxqN1HWZIqpP3WMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEveUxaTnFUSVAyWWNIczNHbzNVZFpraXFrX2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzAsCMA0G
CSqGSIb3DQEBCwUAA4IBAQBulg7OnrBo93mXRPSRZVPnEoVy9dpX09fX6gKlwfur
P4/VxT46kYMhnx/+7ZqnYFz2YLgOEeKW0EZRhSwvd8ugWdkvvd36BHahI0vbNnVH
rkfqgI6uVUQ5r/vxYrgZn6pBiZwoxqo3andHkO+6r+2h8MmtikUzvH802FAnBX3k
nbe/nwzBUTe3080Zo73JoeMizgf4u1l3jem+PhqUWzbVuLs5IoZdXvWh0/BEhpaD
ssksnWGFPGCpmg/rGUz8E0OPpBw/vkcRR09nDcu6nDGFYwwSibk8S/nR/QoDRuKT
AAQUi5EseFpQcALIbihJISF6fBoOibRnNt1ec9UYCWMD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org