Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa
File:                     Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa (raw, json)
Hash identifier:          O1UiSzOJUBjhzgWP8qzn8slaPrKu6RCEDZVAyM/Wk7c=
Subject key identifier:   61:CE:E6:E3:44:D9:CC:32:F9:C6:B6:D3:53:A0:EE:21:AD:A6:12:43
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FE8A4F38C99E6836067CE07DE1702
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa
Signing time:             Mon 02 Jan 2023 17:38:09 +0000
ROA not before:           Mon 02 Jan 2023 17:38:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43357
IP address blocks:        194.50.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:e8:a4:f3:8c:99:e6:83:60:67:ce:07:de:17:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61cee6e344d9cc32f9c6b6d353a0ee21ada61243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:47:c0:ee:18:cb:e4:7c:fc:bf:5b:2f:b4:74:
                    db:b3:9c:7c:a4:e1:3c:b2:54:e9:9b:a6:35:3e:e6:
                    11:7f:f3:42:0e:91:a0:2d:b4:7f:ee:07:59:1e:76:
                    a6:73:5d:e5:17:52:3f:91:33:ad:1b:86:11:18:a4:
                    4c:81:24:58:e1:8b:70:d2:53:63:67:50:2c:ee:33:
                    8e:09:28:0f:08:5c:a1:90:08:75:42:2e:d7:9b:97:
                    fb:32:77:be:11:1a:16:f1:0f:a8:5a:ea:b8:6d:8f:
                    0d:61:01:49:d7:09:17:dd:86:9a:60:2f:53:c7:8a:
                    17:bf:a0:78:6e:77:a0:fb:96:0d:a4:88:77:c1:d0:
                    ce:ef:fb:a3:ef:8e:5e:61:29:b8:f8:7a:2c:b4:a3:
                    19:0d:3c:66:3e:cc:66:b3:c9:3c:04:cb:b1:09:50:
                    16:fa:06:4b:77:4e:19:b3:13:85:33:84:15:c4:d2:
                    a1:99:d0:21:7c:90:1b:fc:14:9a:64:32:e2:21:c4:
                    13:bd:72:c8:9c:d4:63:05:e8:53:27:af:5f:b4:62:
                    ad:5f:91:18:2c:d6:84:77:69:ec:66:43:28:e8:2b:
                    e3:7c:3c:21:51:f7:07:cd:c8:6d:c7:67:9f:c5:20:
                    7b:22:62:1d:e9:8d:20:05:9e:63:b2:1e:e7:40:d3:
                    e2:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:CE:E6:E3:44:D9:CC:32:F9:C6:B6:D3:53:A0:EE:21:AD:A6:12:43
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Yc7m40TZzDL5xrbTU6DuIa2mEkM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:6e:93:e8:8e:64:59:e5:51:8c:c7:f2:07:2b:1b:f0:96:c9:
         3f:35:7f:ce:d6:a1:81:2f:b5:e9:8a:d3:d7:1e:fd:4d:9e:72:
         91:9e:21:76:86:04:ee:e0:b6:f4:e7:77:ac:44:fb:af:28:fc:
         ac:94:0e:68:b4:b8:dc:05:0a:a1:2d:8c:63:eb:c1:ab:0b:fa:
         55:5c:6c:a2:43:8d:9f:40:fc:fc:23:3f:77:eb:99:35:76:bc:
         d4:a5:f2:ce:65:79:8a:fd:47:5a:6d:be:f0:0e:f9:05:49:e1:
         cc:6c:4c:85:65:9f:9d:20:ef:6d:36:2d:22:fc:f8:d3:0f:9b:
         3f:95:43:b1:bc:f2:d3:4e:20:be:73:b2:43:ad:0f:f0:21:47:
         d3:b1:e2:ed:3d:dc:bc:c1:d5:71:fc:ba:95:82:d5:2c:0e:79:
         a7:d3:ba:f2:50:75:27:3b:a3:13:5b:3e:d9:a0:2f:fc:af:56:
         80:37:7a:47:d9:ee:e6:d7:39:4a:34:0a:f1:04:88:8c:f0:c3:
         1b:ee:d2:3e:30:ae:c0:c7:3d:85:c6:21:eb:d2:d1:d4:c6:57:
         f8:96:cc:dd:56:46:5e:b6:af:05:d0:09:43:58:a0:68:ee:c5:
         7c:fb:37:46:93:89:4e:fc:3b:b0:b1:80:74:08:b0:e8:12:81:
         0d:e7:b4:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj+ik84yZ5oNgZ84H3hcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWNlZTZlMzQ0ZDljYzMyZjljNmI2ZDM1M2EwZWUyMWFkYTYxMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEfA7hjL5Hz8v1svtHTbs5x8pOE8
slTpm6Y1PuYRf/NCDpGgLbR/7gdZHnamc13lF1I/kTOtG4YRGKRMgSRY4Ytw0lNj
Z1As7jOOCSgPCFyhkAh1Qi7Xm5f7Mne+ERoW8Q+oWuq4bY8NYQFJ1wkX3YaaYC9T
x4oXv6B4bneg+5YNpIh3wdDO7/uj745eYSm4+HostKMZDTxmPsxms8k8BMuxCVAW
+gZLd04ZsxOFM4QVxNKhmdAhfJAb/BSaZDLiIcQTvXLInNRjBehTJ69ftGKtX5EY
LNaEd2nsZkMo6CvjfDwhUfcHzchtx2efxSB7ImId6Y0gBZ5jsh7nQNPi7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHO5uNE2cwy+ca201Og7iGtphJDMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWWM3bTQwVFp6REw1eHJiVFU2RHVJYTJtRWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjISMA0G
CSqGSIb3DQEBCwUAA4IBAQApbpPojmRZ5VGMx/IHKxvwlsk/NX/O1qGBL7XpitPX
Hv1NnnKRniF2hgTu4Lb053esRPuvKPyslA5otLjcBQqhLYxj68GrC/pVXGyiQ42f
QPz8Iz9365k1drzUpfLOZXmK/Udabb7wDvkFSeHMbEyFZZ+dIO9tNi0i/PjTD5s/
lUOxvPLTTiC+c7JDrQ/wIUfTseLtPdy8wdVx/LqVgtUsDnmn07ryUHUnO6MTWz7Z
oC/8r1aAN3pH2e7m1zlKNArxBIiM8MMb7tI+MK7Axz2FxiHr0tHUxlf4lszdVkZe
tq8F0AlDWKBo7sV8+zdGk4lO/DuwsYB0CLDoEoEN57Re
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org