Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/y8wVPiauSxzGQZTF4QNIK6GaTbA.roa
File:                     y8wVPiauSxzGQZTF4QNIK6GaTbA.roa (raw, json)
Hash identifier:          gkXusS0H8NP1TDiw8p6EkUaZoVJbCN26oz/l9aH8RRM=
Subject key identifier:   CB:CC:15:3E:26:AE:4B:1C:C6:41:94:C5:E1:03:48:2B:A1:9A:4D:B0
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       018572470C996D9137DCF70486F3CC9576D4
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/y8wVPiauSxzGQZTF4QNIK6GaTbA.roa
Signing time:             Mon 02 Jan 2023 11:38:56 +0000
ROA not before:           Mon 02 Jan 2023 11:38:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50673
IP address blocks:        146.185.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:47:0c:99:6d:91:37:dc:f7:04:86:f3:cc:95:76:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan  2 11:38:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cbcc153e26ae4b1cc64194c5e103482ba19a4db0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:11:9c:d7:ed:70:09:14:63:1b:10:98:86:94:
                    07:db:e8:5e:e4:24:dc:bd:4d:9a:d5:aa:10:59:5d:
                    74:0f:5d:ce:aa:96:ad:84:03:c0:26:75:18:6c:24:
                    97:07:4b:a1:81:50:ed:48:08:84:0c:99:a5:eb:98:
                    06:d0:b6:99:38:4b:f7:2e:88:77:62:cb:f8:27:b3:
                    45:0c:86:1d:a1:37:37:12:e9:f5:a9:84:5c:32:7b:
                    1f:78:68:e2:6d:05:7d:59:b0:78:1f:7f:81:d4:b1:
                    db:f0:88:16:df:8b:1a:85:a2:33:60:6f:97:47:4a:
                    4d:98:ed:af:29:ff:f6:5e:e3:3d:35:a3:70:37:16:
                    17:31:2c:36:29:53:c8:67:94:bf:4e:67:99:bc:26:
                    61:5b:a6:f7:ca:03:24:05:7d:08:74:82:62:2f:2c:
                    d2:39:2e:ae:dd:27:ec:2d:63:79:55:33:11:f1:83:
                    e1:bf:41:cb:2f:8c:e0:11:f2:1e:4a:e6:6e:5d:59:
                    d3:8f:5f:fb:d3:1f:ee:28:32:74:8f:dd:4a:ef:09:
                    92:bc:43:70:a4:b0:7e:c1:93:d4:e4:11:c5:5c:68:
                    6d:aa:aa:a7:bc:99:33:ec:44:da:ea:2d:36:36:0c:
                    d3:a7:bd:a4:b2:29:f2:7f:09:58:a9:fe:39:a7:16:
                    bb:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:CC:15:3E:26:AE:4B:1C:C6:41:94:C5:E1:03:48:2B:A1:9A:4D:B0
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/y8wVPiauSxzGQZTF4QNIK6GaTbA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.185.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:bc:8c:a4:76:13:31:5d:15:1e:06:64:4c:ec:c7:40:9b:ca:
         d9:7e:4e:bd:ee:95:09:88:43:f5:20:89:ad:a5:7e:52:55:24:
         f2:db:f0:a4:15:98:16:81:e5:f9:94:34:1c:35:82:a8:27:4a:
         b9:df:fb:56:c8:70:0b:71:6b:2f:c3:ea:7d:60:63:85:8c:44:
         65:69:8b:44:90:48:c3:2a:da:d4:0d:f3:9b:ce:7e:2b:8d:3e:
         cb:c1:46:20:5c:ef:a4:76:fc:8f:c6:85:44:d0:99:f7:10:04:
         98:56:68:89:d5:8b:2d:d5:d9:b9:1b:9b:69:0a:f8:b9:57:6f:
         3a:43:97:7c:12:4d:b2:fa:93:ee:c5:2c:b8:e3:48:d4:d7:1b:
         32:5d:64:56:32:d0:92:f3:26:ef:b7:05:f4:ad:94:95:95:cd:
         d2:33:a0:15:49:a3:33:c5:7f:37:58:f1:5a:20:d8:d8:83:2b:
         e4:c8:37:16:65:0a:02:6d:b1:55:4e:ea:20:35:02:bd:f9:d2:
         f2:83:b7:ac:84:35:ca:b0:82:3c:a2:be:5d:71:17:fa:a6:06:
         02:c1:f9:e1:67:31:68:92:26:8f:f0:ed:15:54:28:95:01:3f:
         61:89:91:e0:2c:51:b9:6f:c8:6a:b5:ee:51:73:71:2f:7f:37:
         fc:06:55:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRwyZbZE33PcEhvPMlXbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNjMTUzZTI2YWU0YjFjYzY0MTk0YzVlMTAzNDgyYmExOWE0ZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBGc1+1wCRRjGxCYhpQH2+he5CTc
vU2a1aoQWV10D13OqpathAPAJnUYbCSXB0uhgVDtSAiEDJml65gG0LaZOEv3Loh3
Ysv4J7NFDIYdoTc3Eun1qYRcMnsfeGjibQV9WbB4H3+B1LHb8IgW34sahaIzYG+X
R0pNmO2vKf/2XuM9NaNwNxYXMSw2KVPIZ5S/TmeZvCZhW6b3ygMkBX0IdIJiLyzS
OS6u3SfsLWN5VTMR8YPhv0HLL4zgEfIeSuZuXVnTj1/70x/uKDJ0j91K7wmSvENw
pLB+wZPU5BHFXGhtqqqnvJkz7ETa6i02NgzTp72ksinyfwlYqf45pxa7OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvMFT4mrkscxkGUxeEDSCuhmk2wMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEveTh3VlBpYXVTeHpHUVpURjRRTklLNkdhVGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkrn9MA0G
CSqGSIb3DQEBCwUAA4IBAQCsvIykdhMxXRUeBmRM7MdAm8rZfk697pUJiEP1IImt
pX5SVSTy2/CkFZgWgeX5lDQcNYKoJ0q53/tWyHALcWsvw+p9YGOFjERlaYtEkEjD
KtrUDfObzn4rjT7LwUYgXO+kdvyPxoVE0Jn3EASYVmiJ1Yst1dm5G5tpCvi5V286
Q5d8Ek2y+pPuxSy440jU1xsyXWRWMtCS8ybvtwX0rZSVlc3SM6AVSaMzxX83WPFa
INjYgyvkyDcWZQoCbbFVTuogNQK9+dLyg7eshDXKsII8or5dcRf6pgYCwfnhZzFo
kiaP8O0VVCiVAT9hiZHgLFG5b8hqte5Rc3Evfzf8BlWf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:56 2024 by rpki-client on console-ams.rpki-client.org