Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/yon6vrxgeVQAP7DXYlzyOt-0Nz8.roa
File:                     yon6vrxgeVQAP7DXYlzyOt-0Nz8.roa (raw, json)
Hash identifier:          qaOR/9lgN4WlzsYfWW8R78i5jIV1wlBhl/s962CnuQk=
Subject key identifier:   CA:89:FA:BE:BC:60:79:54:00:3F:B0:D7:62:5C:F2:3A:DF:B4:37:3F
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       018AF5BC779CBC8CF4D70F82B428961AE682
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/yon6vrxgeVQAP7DXYlzyOt-0Nz8.roa
Signing time:             Tue 03 Oct 2023 13:31:23 +0000
ROA not before:           Tue 03 Oct 2023 13:31:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209272
IP address blocks:        46.161.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f5:bc:77:9c:bc:8c:f4:d7:0f:82:b4:28:96:1a:e6:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Oct  3 13:31:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca89fabebc607954003fb0d7625cf23adfb4373f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:73:74:ff:02:85:6d:20:ca:8f:8a:b6:00:e9:
                    6f:0f:90:b8:57:5a:19:b7:ca:ef:04:7c:8a:3b:1f:
                    21:de:0c:45:f4:ec:c5:41:19:b6:18:d2:02:3c:cb:
                    20:99:be:3d:51:16:da:f6:5c:85:dc:c6:19:f5:75:
                    30:db:ea:b1:05:f6:24:0e:0d:9b:83:a8:fe:ea:f0:
                    a3:ce:37:05:4e:f9:cd:bd:b9:9f:8f:be:0b:40:8a:
                    b8:0b:2a:e0:85:1d:a2:4f:c0:7b:08:10:e7:c3:1a:
                    1d:0b:fe:c3:ce:e5:b7:7d:35:6e:fc:f7:f7:90:bd:
                    d6:2b:85:2a:3e:60:49:5e:bc:5d:f0:0b:a8:df:b5:
                    25:57:32:3c:65:cf:e9:5f:f1:07:9d:fa:13:a1:d3:
                    ad:78:70:29:c3:fa:56:0a:12:d8:d0:c9:d7:8a:33:
                    ed:6f:f6:e5:3c:68:a6:54:4d:9c:50:d2:ed:c9:c3:
                    fd:40:73:e8:3d:1c:68:ea:4e:9f:3c:fe:1c:96:b9:
                    bd:c1:28:79:e7:48:7e:b5:c5:da:05:46:b7:5a:17:
                    c4:9a:64:c2:21:88:15:76:1c:1d:cf:2d:ad:27:79:
                    6a:ad:28:50:48:cf:aa:de:bb:17:96:06:4a:5a:b2:
                    0c:45:ce:3f:64:1d:03:98:5f:b1:4e:ec:fe:43:56:
                    c3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:89:FA:BE:BC:60:79:54:00:3F:B0:D7:62:5C:F2:3A:DF:B4:37:3F
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/yon6vrxgeVQAP7DXYlzyOt-0Nz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.161.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:65:68:b6:63:12:0a:f0:d0:f7:ee:41:4d:93:3b:0d:d0:f0:
         95:c1:7c:36:63:10:80:43:6c:5b:67:c1:4b:d4:ba:e8:2d:36:
         15:c0:cc:6e:12:38:83:63:c8:ba:4c:d2:fe:47:51:88:d5:43:
         5d:2b:11:60:9d:a6:c5:8d:65:71:ba:77:2c:4f:13:89:90:f8:
         4f:7b:8d:e3:0a:c7:d2:32:42:fa:9a:fd:0d:92:57:2a:15:84:
         12:08:7c:6b:38:5e:9d:79:e7:14:ef:82:bc:52:30:d5:ec:91:
         f2:9e:e0:c8:13:b9:ea:25:85:fc:20:4b:5e:c6:1c:54:08:da:
         b0:cf:92:c8:e1:7c:ab:95:5d:04:88:62:b1:c1:b2:63:40:0f:
         c3:2a:b9:80:b8:38:38:14:48:6e:f0:34:58:82:e4:f8:7e:ac:
         eb:d9:33:15:2c:86:f2:02:4b:31:75:2a:16:ee:fc:e5:f3:61:
         bd:cd:14:4e:e3:4a:f6:32:e3:8c:99:b6:28:7e:18:f9:5c:14:
         de:4f:87:24:50:5e:87:2b:3c:02:b2:a5:5b:ab:f7:3d:57:f1:
         a9:a1:31:47:bf:ad:2b:cc:4d:89:89:23:87:7b:b8:12:90:94:
         81:e5:ec:9d:d9:1c:a6:4a:ee:43:dc:68:80:b7:b3:93:ff:bc:
         46:8f:6f:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1vHecvIz01w+CtCiWGuaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMxMDAzMTMzMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTg5ZmFiZWJjNjA3OTU0MDAzZmIwZDc2MjVjZjIzYWRmYjQzNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3N0/wKFbSDKj4q2AOlvD5C4V1oZ
t8rvBHyKOx8h3gxF9OzFQRm2GNICPMsgmb49URba9lyF3MYZ9XUw2+qxBfYkDg2b
g6j+6vCjzjcFTvnNvbmfj74LQIq4CyrghR2iT8B7CBDnwxodC/7DzuW3fTVu/Pf3
kL3WK4UqPmBJXrxd8Auo37UlVzI8Zc/pX/EHnfoTodOteHApw/pWChLY0MnXijPt
b/blPGimVE2cUNLtycP9QHPoPRxo6k6fPP4clrm9wSh550h+tcXaBUa3WhfEmmTC
IYgVdhwdzy2tJ3lqrShQSM+q3rsXlgZKWrIMRc4/ZB0DmF+xTuz+Q1bDLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqJ+r68YHlUAD+w12Jc8jrftDc/MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEveW9uNnZyeGdlVlFBUDdEWFlsenlPdC0wTno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALqEoMA0G
CSqGSIb3DQEBCwUAA4IBAQA5ZWi2YxIK8ND37kFNkzsN0PCVwXw2YxCAQ2xbZ8FL
1LroLTYVwMxuEjiDY8i6TNL+R1GI1UNdKxFgnabFjWVxuncsTxOJkPhPe43jCsfS
MkL6mv0NklcqFYQSCHxrOF6deecU74K8UjDV7JHynuDIE7nqJYX8IEtexhxUCNqw
z5LI4XyrlV0EiGKxwbJjQA/DKrmAuDg4FEhu8DRYguT4fqzr2TMVLIbyAksxdSoW
7vzl82G9zRRO40r2MuOMmbYofhj5XBTeT4ckUF6HKzwCsqVbq/c9V/GpoTFHv60r
zE2JiSOHe7gSkJSB5eyd2RymSu5D3GiAt7OT/7xGj2+x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:56 2024 by rpki-client on console-ams.rpki-client.org