Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YfR0P2Q1wNyG6jlBXA40qb3hryk.roa
File:                     YfR0P2Q1wNyG6jlBXA40qb3hryk.roa (raw, json)
Hash identifier:          mfnzYcXCE2iBPpcmEvt8wbF8xxMu7Cazp3uk4lFpzXA=
Subject key identifier:   61:F4:74:3F:64:35:C0:DC:86:EA:39:41:5C:0E:34:A9:BD:E1:AF:29
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0185B5234F2919B4D93B34C1498B3F73BB3F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YfR0P2Q1wNyG6jlBXA40qb3hryk.roa
Signing time:             Sun 15 Jan 2023 11:14:28 +0000
ROA not before:           Sun 15 Jan 2023 11:14:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212027
IP address blocks:        45.138.182.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b5:23:4f:29:19:b4:d9:3b:34:c1:49:8b:3f:73:bb:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan 15 11:14:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61f4743f6435c0dc86ea39415c0e34a9bde1af29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:f2:b1:e0:21:3e:98:1b:32:bf:16:4c:36:b7:
                    e6:87:1b:50:3f:41:b3:8f:9f:17:a7:f3:db:d8:4c:
                    e7:ab:b6:ea:f7:a6:fb:af:bf:f6:e9:1a:67:b7:3a:
                    49:ae:5c:79:10:0e:82:f2:50:37:a4:8d:b1:07:8d:
                    18:f5:3c:30:31:b7:13:78:6c:c6:5f:cc:40:ae:ef:
                    1c:bb:c8:58:0d:cd:06:7c:bb:1c:b2:de:4a:e8:15:
                    52:ed:31:32:b7:d8:53:e6:00:7a:e3:bd:df:15:6f:
                    a3:9b:e2:7c:5e:9b:a2:9e:85:90:14:c9:47:8a:c4:
                    3a:c4:c5:f4:20:4b:c5:02:27:d2:59:50:43:a9:04:
                    10:13:e4:81:4b:f2:0c:28:0e:1c:d8:9e:d3:07:97:
                    d7:cf:7c:f4:2c:ea:1a:70:00:64:f9:6a:ce:40:cc:
                    0e:cd:a3:88:b9:95:04:c8:2e:3e:d8:6c:b2:b6:0a:
                    ec:11:10:5d:d2:6b:03:d7:7c:81:6f:04:79:5e:65:
                    bb:91:18:42:80:f4:ac:1a:31:0c:53:f5:78:7b:c7:
                    23:20:69:21:e3:e1:8a:27:97:e7:85:7f:21:ad:0d:
                    d9:a8:29:80:76:aa:d6:bf:03:08:50:f0:98:8f:38:
                    bf:eb:1b:0a:f5:a0:8f:bf:17:c5:ec:28:40:3d:f6:
                    d1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:F4:74:3F:64:35:C0:DC:86:EA:39:41:5C:0E:34:A9:BD:E1:AF:29
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YfR0P2Q1wNyG6jlBXA40qb3hryk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:61:f7:a7:27:88:a5:68:4f:37:30:5c:50:11:d3:9e:d7:00:
         56:92:4b:ac:09:13:e5:61:a8:12:af:c3:85:79:c4:32:2d:76:
         bd:30:10:13:8e:e3:66:92:ba:f2:31:12:ee:51:25:d3:fd:48:
         6b:25:57:ea:3d:45:84:ac:ae:f8:e8:f1:a4:82:97:89:1f:ff:
         8a:ad:21:6c:e0:65:50:f2:6b:f3:60:45:37:2f:b2:a9:fc:da:
         16:9c:c5:6f:1d:c2:76:00:b9:71:ad:83:73:d7:4d:b5:9d:b5:
         cd:c6:2b:38:8b:6e:07:c9:c1:56:f1:da:96:78:a3:8f:ec:eb:
         56:dc:33:c6:13:56:25:81:60:b5:b7:65:e7:5e:e2:03:16:3b:
         a6:40:6d:e3:fb:89:08:a5:24:d8:8d:69:80:8b:33:16:a1:ef:
         3f:b9:3a:43:66:a5:85:f1:4c:10:c2:03:a6:4c:29:c4:94:24:
         3d:10:37:18:f5:be:49:3d:c5:4c:cc:d9:fc:e9:96:66:f8:8c:
         2f:78:c5:62:1b:a0:1e:61:83:d9:40:36:09:d6:b9:28:07:03:
         1a:fc:6b:4b:6f:af:1b:d7:87:72:b4:7d:12:51:b6:28:af:95:
         37:8c:8b:d1:32:eb:45:f7:e5:b1:e6:74:ce:d5:ac:45:89:9e:
         66:b0:8d:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW1I08pGbTZOzTBSYs/c7s/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTE1MTExNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY0NzQzZjY0MzVjMGRjODZlYTM5NDE1YzBlMzRhOWJkZTFhZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPKx4CE+mBsyvxZMNrfmhxtQP0Gz
j58Xp/Pb2Eznq7bq96b7r7/26RpntzpJrlx5EA6C8lA3pI2xB40Y9TwwMbcTeGzG
X8xAru8cu8hYDc0GfLscst5K6BVS7TEyt9hT5gB6473fFW+jm+J8XpuinoWQFMlH
isQ6xMX0IEvFAifSWVBDqQQQE+SBS/IMKA4c2J7TB5fXz3z0LOoacABk+WrOQMwO
zaOIuZUEyC4+2GyytgrsERBd0msD13yBbwR5XmW7kRhCgPSsGjEMU/V4e8cjIGkh
4+GKJ5fnhX8hrQ3ZqCmAdqrWvwMIUPCYjzi/6xsK9aCPvxfF7ChAPfbRMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGH0dD9kNcDchuo5QVwONKm94a8pMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWWZSMFAyUTF3TnlHNmpsQlhBNDBxYjNocnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYq2MA0G
CSqGSIb3DQEBCwUAA4IBAQCeYfenJ4ilaE83MFxQEdOe1wBWkkusCRPlYagSr8OF
ecQyLXa9MBATjuNmkrryMRLuUSXT/UhrJVfqPUWErK746PGkgpeJH/+KrSFs4GVQ
8mvzYEU3L7Kp/NoWnMVvHcJ2ALlxrYNz1021nbXNxis4i24HycFW8dqWeKOP7OtW
3DPGE1YlgWC1t2XnXuIDFjumQG3j+4kIpSTYjWmAizMWoe8/uTpDZqWF8UwQwgOm
TCnElCQ9EDcY9b5JPcVMzNn86ZZm+IwveMViG6AeYYPZQDYJ1rkoBwMa/GtLb68b
14dytH0SUbYor5U3jIvRMutF9+Wx5nTO1axFiZ5msI2n
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org