Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6a1c6e-039a-4b7d-9253-0a5e6a36801f/1/yWRaVkB3FCWPK1hUbZR4l6pJs7E.roa
File:                     yWRaVkB3FCWPK1hUbZR4l6pJs7E.roa (raw, json)
Hash identifier:          X6kUO4zaoa5XDvlqUzC3X32WlL3ji3JO+vvwCBtw3es=
Subject key identifier:   C9:64:5A:56:40:77:14:25:8F:2B:58:54:6D:94:78:97:AA:49:B3:B1
Certificate issuer:       /CN=b2b57c07679f10870ec53b39efa7d08b0857a911
Certificate serial:       01856F4B6F2E4CC6BBF9D651DF091861E962
Authority key identifier: B2:B5:7C:07:67:9F:10:87:0E:C5:3B:39:EF:A7:D0:8B:08:57:A9:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/srV8B2efEIcOxTs576fQiwhXqRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/6a1c6e-039a-4b7d-9253-0a5e6a36801f/1/yWRaVkB3FCWPK1hUbZR4l6pJs7E.roa
Signing time:             Sun 01 Jan 2023 21:44:52 +0000
ROA not before:           Sun 01 Jan 2023 21:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31173
IP address blocks:        193.25.177.0/24 maxlen: 24
                          193.25.176.0/23 maxlen: 23
                          193.25.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:6f:2e:4c:c6:bb:f9:d6:51:df:09:18:61:e9:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2b57c07679f10870ec53b39efa7d08b0857a911
        Validity
            Not Before: Jan  1 21:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c9645a56407714258f2b58546d947897aa49b3b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:5e:e1:6c:fa:2c:d2:5b:86:a2:a0:7c:5c:b9:
                    5b:8a:b0:1f:e2:de:b5:1c:c0:65:35:5a:8b:c5:71:
                    73:db:89:6c:72:41:fa:93:81:59:a6:66:53:76:84:
                    2f:1d:11:85:f3:92:19:7d:cc:5c:0d:8b:e2:7a:6c:
                    2c:3e:5f:fb:5e:1a:40:bb:70:a1:15:e9:d8:64:e9:
                    75:be:ba:78:68:b6:5a:df:ab:4d:d2:8e:17:44:4c:
                    4d:7b:e7:c1:0b:1c:d9:6e:9e:e8:58:d6:0f:b6:d4:
                    73:b0:c5:32:90:04:a3:36:e2:03:d4:35:e6:28:f0:
                    78:25:57:73:ea:29:19:d9:a4:25:12:08:af:f9:be:
                    aa:cb:8a:5c:d2:83:62:f8:d2:85:fc:53:81:84:9b:
                    63:c9:02:6e:62:6e:29:bc:a3:85:72:20:ea:ee:dd:
                    8e:69:35:87:56:2a:39:4e:5d:82:d6:94:89:31:26:
                    ad:9b:73:ab:e1:47:0f:4c:2c:75:ce:dc:4a:ca:80:
                    24:82:28:ac:05:8a:8a:69:23:f2:e9:ea:de:8b:e7:
                    c0:a5:ac:0f:58:c2:50:a7:77:f4:1e:cc:a5:77:69:
                    99:f2:c9:6d:d9:4a:2f:6f:a6:a5:02:d3:5e:78:51:
                    36:3c:22:a1:78:f1:d3:7f:ae:ad:e3:dd:16:f8:7e:
                    74:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:64:5A:56:40:77:14:25:8F:2B:58:54:6D:94:78:97:AA:49:B3:B1
            X509v3 Authority Key Identifier:
                keyid:B2:B5:7C:07:67:9F:10:87:0E:C5:3B:39:EF:A7:D0:8B:08:57:A9:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/srV8B2efEIcOxTs576fQiwhXqRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6a1c6e-039a-4b7d-9253-0a5e6a36801f/1/yWRaVkB3FCWPK1hUbZR4l6pJs7E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6a1c6e-039a-4b7d-9253-0a5e6a36801f/1/srV8B2efEIcOxTs576fQiwhXqRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.25.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         38:80:e4:00:d3:da:2a:a9:2d:c9:f1:04:f2:5e:ac:40:b5:bf:
         c5:a9:ec:aa:b4:ab:0a:f2:b9:c2:46:0c:b8:cc:0c:a1:6c:1e:
         c7:55:0f:39:97:9a:0b:ec:60:aa:ef:4e:dc:dc:d1:03:a5:76:
         51:4a:7a:7e:0b:ae:a5:eb:1b:11:ab:d3:46:6e:86:8d:e0:9f:
         f5:3d:1b:dc:4f:67:2b:b4:25:6e:24:f3:b4:e4:5a:ee:0e:02:
         83:f8:52:41:9d:10:8b:13:dd:9a:bf:10:7f:e3:3a:c8:41:ea:
         3b:24:b3:8d:96:2e:24:54:fa:4a:e0:2c:aa:01:90:90:74:b5:
         4c:98:ce:4a:94:1e:95:09:e9:2c:c9:4d:fb:bc:7c:a1:c5:bb:
         85:ec:13:84:16:09:35:a2:c0:97:01:00:90:b7:92:a2:17:f4:
         a0:4e:ab:0d:52:2c:76:8d:b8:03:10:f1:45:86:8a:b0:41:1d:
         ce:19:1a:ce:d8:2c:ec:42:dc:9b:96:21:dc:a3:3c:e0:6b:85:
         1a:c9:2f:d9:7d:10:07:0a:a7:bb:b3:99:60:b0:d8:27:ee:7b:
         26:10:95:6a:9c:ef:b4:9a:86:16:7d:c5:90:d0:88:14:c9:d6:
         05:72:2a:bf:30:e8:e5:7a:49:27:53:04:1f:4b:00:04:6c:f3:
         66:98:69:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS28uTMa7+dZR3wkYYeliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYjU3YzA3Njc5ZjEwODcwZWM1M2IzOWVmYTdkMDhiMDg1
N2E5MTEwHhcNMjMwMTAxMjE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY0NWE1NjQwNzcxNDI1OGYyYjU4NTQ2ZDk0Nzg5N2FhNDliM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkV7hbPos0luGoqB8XLlbirAf4t61
HMBlNVqLxXFz24lsckH6k4FZpmZTdoQvHRGF85IZfcxcDYviemwsPl/7XhpAu3Ch
FenYZOl1vrp4aLZa36tN0o4XRExNe+fBCxzZbp7oWNYPttRzsMUykASjNuID1DXm
KPB4JVdz6ikZ2aQlEgiv+b6qy4pc0oNi+NKF/FOBhJtjyQJuYm4pvKOFciDq7t2O
aTWHVio5Tl2C1pSJMSatm3Or4UcPTCx1ztxKyoAkgiisBYqKaSPy6erei+fApawP
WMJQp3f0Hsyld2mZ8slt2Uovb6alAtNeeFE2PCKhePHTf66t490W+H50QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMlkWlZAdxQljytYVG2UeJeqSbOxMB8GA1UdIwQY
MBaAFLK1fAdnnxCHDsU7Oe+n0IsIV6kRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3JWOEIyZWZFSWNPeFRzNTc2ZlFpd2hYcVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82YTFjNmUtMDM5YS00YjdkLTkyNTMt
MGE1ZTZhMzY4MDFmLzEveVdSYVZrQjNGQ1dQSzFoVWJaUjRsNnBKczdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82YTFjNmUtMDM5YS00YjdkLTkyNTMtMGE1ZTZhMzY4MDFm
LzEvc3JWOEIyZWZFSWNPeFRzNTc2ZlFpd2hYcVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRmwMA0G
CSqGSIb3DQEBCwUAA4IBAQA4gOQA09oqqS3J8QTyXqxAtb/FqeyqtKsK8rnCRgy4
zAyhbB7HVQ85l5oL7GCq707c3NEDpXZRSnp+C66l6xsRq9NGboaN4J/1PRvcT2cr
tCVuJPO05FruDgKD+FJBnRCLE92avxB/4zrIQeo7JLONli4kVPpK4CyqAZCQdLVM
mM5KlB6VCeksyU37vHyhxbuF7BOEFgk1osCXAQCQt5KiF/SgTqsNUix2jbgDEPFF
hoqwQR3OGRrO2CzsQtybliHcozzga4UayS/ZfRAHCqe7s5lgsNgn7nsmEJVqnO+0
moYWfcWQ0IgUydYFciq/MOjlekknUwQfSwAEbPNmmGkq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:00 2024 by rpki-client on console-ams.rpki-client.org