Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa
File:                     YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa (raw, json)
Hash identifier:          X7wpCRJKcXeXf3xPREawf/IzITGWAqRG73qxrSy5zGs=
Subject key identifier:   62:F3:C2:67:CD:A6:D4:9F:9F:28:AF:AF:C5:17:7F:98:E7:84:2F:F5
Certificate issuer:       /CN=d4bbed63091439823ed391a472536c0fcafe8957
Certificate serial:       01856F9DC9758E3594A63DC9D71B4A0862D6
Authority key identifier: D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa
Signing time:             Sun 01 Jan 2023 23:14:49 +0000
ROA not before:           Sun 01 Jan 2023 23:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29266
IP address blocks:        159.20.0.0/21 maxlen: 21
                          195.85.253.0/24 maxlen: 24
                          195.137.194.0/23 maxlen: 23
                          2a03:2180::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:c9:75:8e:35:94:a6:3d:c9:d7:1b:4a:08:62:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4bbed63091439823ed391a472536c0fcafe8957
        Validity
            Not Before: Jan  1 23:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=62f3c267cda6d49f9f28afafc5177f98e7842ff5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:0f:3f:20:c0:85:be:73:99:c2:a1:32:bc:f0:
                    f8:54:f6:65:a1:39:59:42:6f:3a:96:f9:87:02:5b:
                    ea:19:a6:27:ba:47:1d:d0:38:dd:bb:53:8e:93:91:
                    56:53:13:d4:17:d0:cb:a4:f3:df:29:3c:be:f5:b9:
                    00:86:30:36:16:36:0f:84:e4:87:64:57:70:41:67:
                    a5:3f:85:49:c9:c6:fb:c3:e4:fe:d0:de:3d:0a:1a:
                    12:a1:26:f5:4b:aa:b3:13:ca:36:21:fc:3e:d3:89:
                    f1:f2:c9:a3:f6:b1:a5:53:44:2c:bb:2c:fe:e2:a2:
                    ca:05:ed:21:48:51:66:54:b4:b1:4f:28:0c:6b:18:
                    be:16:85:38:a7:48:18:0d:47:86:8d:0f:55:08:c3:
                    b2:17:64:5a:28:11:4b:ff:71:85:4d:e4:bf:15:56:
                    55:b4:af:3a:82:9a:a5:c6:2f:c8:7e:97:77:71:86:
                    7e:dd:ab:9d:1f:eb:5f:cd:aa:93:57:c6:c0:14:90:
                    f2:d2:3c:21:e9:33:0d:cd:da:17:02:18:a8:5d:2c:
                    23:74:ce:7f:b7:c2:6b:b5:45:be:28:02:80:28:d6:
                    dc:e3:0d:a0:11:52:bc:96:30:ce:9e:37:71:f7:d6:
                    58:90:1c:01:3b:33:8a:06:ca:2e:06:91:df:83:41:
                    98:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:F3:C2:67:CD:A6:D4:9F:9F:28:AF:AF:C5:17:7F:98:E7:84:2F:F5
            X509v3 Authority Key Identifier:
                keyid:D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/1LvtYwkUOYI-05GkclNsD8r-iVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.20.0.0/21
                  195.85.253.0/24
                  195.137.194.0/23
                IPv6:
                  2a03:2180::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:e5:c2:73:8b:1a:02:b4:ed:2c:28:41:13:da:ed:94:85:cd:
         39:f6:0f:88:6b:87:27:f7:3a:a8:1e:64:ca:8e:db:2d:c8:12:
         97:4d:d3:4e:9d:4a:ef:d7:3c:fa:f1:71:c5:92:2b:95:80:e4:
         30:91:72:56:47:a8:9f:65:5e:e0:3d:82:c1:66:66:1b:cf:06:
         37:05:cb:2a:9a:84:58:3d:7d:89:59:57:37:3b:3e:c0:86:f6:
         25:6a:f3:d9:01:ce:96:fd:a5:c1:94:47:d8:c8:16:7a:4e:5d:
         85:83:17:0b:22:a9:35:6b:95:80:c5:46:f5:07:61:48:fd:31:
         f4:fd:18:f5:9b:c1:12:5c:10:59:0e:79:0d:42:d6:ab:22:f8:
         54:f5:ff:a6:79:ca:b0:d1:73:b7:52:51:96:dd:6c:ea:89:97:
         e9:bf:62:aa:90:8d:a4:a4:36:cf:d1:fa:7c:8b:dd:55:1a:d4:
         43:e2:b9:89:19:8b:f6:d4:4a:aa:dc:23:b1:44:2d:63:ef:c0:
         21:1a:8c:c1:ab:8f:51:8e:25:cb:20:4f:cd:40:12:0d:77:fd:
         a7:74:7c:d3:ed:b3:33:d7:0d:27:7d:ae:bf:30:4b:ea:01:cb:
         91:87:fa:5e:6a:eb:60:e9:7b:67:37:85:40:dc:93:41:c9:26:
         73:41:61:09
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvncl1jjWUpj3J1xtKCGLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YmJlZDYzMDkxNDM5ODIzZWQzOTFhNDcyNTM2YzBmY2Fm
ZTg5NTcwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYzYzI2N2NkYTZkNDlmOWYyOGFmYWZjNTE3N2Y5OGU3ODQyZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA8/IMCFvnOZwqEyvPD4VPZloTlZ
Qm86lvmHAlvqGaYnukcd0Djdu1OOk5FWUxPUF9DLpPPfKTy+9bkAhjA2FjYPhOSH
ZFdwQWelP4VJycb7w+T+0N49ChoSoSb1S6qzE8o2Ifw+04nx8smj9rGlU0Qsuyz+
4qLKBe0hSFFmVLSxTygMaxi+FoU4p0gYDUeGjQ9VCMOyF2RaKBFL/3GFTeS/FVZV
tK86gpqlxi/Ifpd3cYZ+3audH+tfzaqTV8bAFJDy0jwh6TMNzdoXAhioXSwjdM5/
t8JrtUW+KAKAKNbc4w2gEVK8ljDOnjdx99ZYkBwBOzOKBsouBpHfg0GYRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGLzwmfNptSfnyivr8UXf5jnhC/1MB8GA1UdIwQY
MBaAFNS77WMJFDmCPtORpHJTbA/K/olXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUx2dFl3a1VPWUktMDVHa2NsTnNEOHItaVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi83NzU3ZWQtZDAyMC00NzFmLWJiYzUt
MTdiZjIwMmU1ZWVlLzEvWXZQQ1o4Mm0xSi1mS0stdnhSZF9tT2VFTF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi83NzU3ZWQtZDAyMC00NzFmLWJiYzUtMTdiZjIwMmU1ZWVl
LzEvMUx2dFl3a1VPWUktMDVHa2NsTnNEOHItaVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDnxQAAwQA
w1X9AwQBw4nCMA0EAgACMAcDBQAqAyGAMA0GCSqGSIb3DQEBCwUAA4IBAQCb5cJz
ixoCtO0sKEET2u2Uhc059g+Ia4cn9zqoHmTKjtstyBKXTdNOnUrv1zz68XHFkiuV
gOQwkXJWR6ifZV7gPYLBZmYbzwY3BcsqmoRYPX2JWVc3Oz7AhvYlavPZAc6W/aXB
lEfYyBZ6Tl2FgxcLIqk1a5WAxUb1B2FI/TH0/Rj1m8ESXBBZDnkNQtarIvhU9f+m
ecqw0XO3UlGW3WzqiZfpv2KqkI2kpDbP0fp8i91VGtRD4rmJGYv21Eqq3COxRC1j
78AhGozBq49RjiXLIE/NQBINd/2ndHzT7bMz1w0nfa6/MEvqAcuRh/peautg6Xtn
N4VA3JNBySZzQWEJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:24 2024 by rpki-client on console-fra.rpki-client.org