Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/31bcbd-ee65-4f97-9a22-8a7e63e8cd75/1/yt_89rZvGMQ21WtaG5UfZn8VRUA.roa
File:                     yt_89rZvGMQ21WtaG5UfZn8VRUA.roa (raw, json)
Hash identifier:          9YtDzl3+x1o5kfZNolKJkd3s7LmUHD3QS+F1XKtA+1g=
Subject key identifier:   CA:DF:FC:F6:B6:6F:18:C4:36:D5:6B:5A:1B:95:1F:66:7F:15:45:40
Certificate issuer:       /CN=54285ffee97312c51c3a805ff9340ebec3352720
Certificate serial:       01856CE60C20ADD96967E9BEA78F7D121E63
Authority key identifier: 54:28:5F:FE:E9:73:12:C5:1C:3A:80:5F:F9:34:0E:BE:C3:35:27:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VChf_ulzEsUcOoBf-TQOvsM1JyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/31bcbd-ee65-4f97-9a22-8a7e63e8cd75/1/yt_89rZvGMQ21WtaG5UfZn8VRUA.roa
Signing time:             Sun 01 Jan 2023 10:34:53 +0000
ROA not before:           Sun 01 Jan 2023 10:34:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20886
IP address blocks:        185.209.236.0/22 maxlen: 22
                          80.90.144.0/20 maxlen: 20
                          89.21.32.0/19 maxlen: 19
                          217.76.96.0/20 maxlen: 20
                          2a02:b30::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:0c:20:ad:d9:69:67:e9:be:a7:8f:7d:12:1e:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54285ffee97312c51c3a805ff9340ebec3352720
        Validity
            Not Before: Jan  1 10:34:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cadffcf6b66f18c436d56b5a1b951f667f154540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:83:11:8a:b4:12:15:22:d1:ce:00:52:da:2d:
                    a3:22:8c:fa:5e:5c:82:1c:74:4b:73:83:b6:88:9e:
                    a7:e9:1a:e4:12:82:aa:17:30:6a:44:d3:b2:15:c8:
                    bd:8a:99:78:9d:3a:be:db:c4:35:81:8d:cf:27:e3:
                    a4:fa:ff:34:48:65:dd:0f:27:f6:bc:54:09:8a:67:
                    b4:39:bb:92:7c:c0:e3:de:50:0e:c7:69:99:7f:b1:
                    4f:d6:a5:a7:a6:77:01:b9:89:58:d7:7c:bb:17:5d:
                    02:74:b1:cb:ad:b8:8a:f3:0b:24:b1:dd:f4:90:6e:
                    ab:e5:68:76:31:1a:46:0d:77:27:1b:a2:c7:ef:2a:
                    eb:c1:9d:a7:3c:d4:c8:74:3b:ff:9a:55:57:b0:34:
                    e2:8c:da:86:f9:b0:19:19:d6:69:55:d5:8b:c7:0d:
                    30:7a:16:a6:bb:70:f9:0f:57:81:04:10:17:09:a8:
                    35:1b:69:c4:47:28:fb:35:65:38:bd:9d:47:f9:85:
                    80:bc:27:95:fe:53:3f:a5:18:35:8a:fa:16:70:40:
                    bd:bf:3a:d0:30:0f:96:c3:c4:f6:78:f4:bd:0e:c3:
                    7e:5e:55:ce:84:36:62:49:0e:2c:06:f1:cb:8b:2a:
                    60:40:eb:8a:8c:f5:ef:cf:c7:40:b6:b1:a4:12:3e:
                    97:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:DF:FC:F6:B6:6F:18:C4:36:D5:6B:5A:1B:95:1F:66:7F:15:45:40
            X509v3 Authority Key Identifier:
                keyid:54:28:5F:FE:E9:73:12:C5:1C:3A:80:5F:F9:34:0E:BE:C3:35:27:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VChf_ulzEsUcOoBf-TQOvsM1JyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31bcbd-ee65-4f97-9a22-8a7e63e8cd75/1/yt_89rZvGMQ21WtaG5UfZn8VRUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31bcbd-ee65-4f97-9a22-8a7e63e8cd75/1/VChf_ulzEsUcOoBf-TQOvsM1JyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.90.144.0/20
                  89.21.32.0/19
                  185.209.236.0/22
                  217.76.96.0/20
                IPv6:
                  2a02:b30::/32

    Signature Algorithm: sha256WithRSAEncryption
         2b:8c:11:b9:84:03:85:e3:b1:70:64:29:69:1c:24:51:4d:23:
         c5:a0:2e:39:3e:40:4f:97:18:a4:d0:86:ef:1d:31:44:e2:e3:
         5f:a8:ee:93:85:70:d9:ff:55:ee:1b:4e:ff:46:e0:e3:55:21:
         21:f3:04:32:35:3a:42:7b:5d:b2:56:7a:92:f2:8c:52:0e:6f:
         d0:5a:82:35:c0:75:3e:11:db:35:02:7e:29:87:c2:46:1a:84:
         d8:26:20:f8:18:05:75:f1:ef:8f:30:ea:8b:31:4e:20:32:45:
         e6:13:22:35:f4:29:d9:44:04:90:19:2c:03:7e:71:d7:49:2c:
         cd:1a:91:71:4d:24:a6:91:3a:ed:f3:3d:7d:50:4e:70:52:23:
         86:63:27:2f:40:85:e1:8b:7b:8f:b4:9c:b0:7c:aa:dd:81:3d:
         af:8f:8c:8b:be:7a:8c:10:03:c2:d4:92:92:41:88:23:17:86:
         8f:cb:b2:89:ee:14:0e:5e:b3:41:8c:50:db:f3:9c:d9:46:bc:
         a1:b2:a6:80:20:85:01:36:a4:e7:26:43:b6:e9:c0:ba:58:fe:
         7e:ba:08:ea:73:aa:e3:01:96:3b:1a:ef:0d:6e:98:96:56:70:
         24:49:9d:7d:db:10:b8:dd:b1:aa:13:6b:72:dd:ad:1c:ab:4b:
         af:00:2c:46
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVs5gwgrdlpZ+m+p499Eh5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjg1ZmZlZTk3MzEyYzUxYzNhODA1ZmY5MzQwZWJlYzMz
NTI3MjAwHhcNMjMwMTAxMTAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWRmZmNmNmI2NmYxOGM0MzZkNTZiNWExYjk1MWY2NjdmMTU0NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4MRirQSFSLRzgBS2i2jIoz6XlyC
HHRLc4O2iJ6n6RrkEoKqFzBqRNOyFci9ipl4nTq+28Q1gY3PJ+Ok+v80SGXdDyf2
vFQJime0ObuSfMDj3lAOx2mZf7FP1qWnpncBuYlY13y7F10CdLHLrbiK8wsksd30
kG6r5Wh2MRpGDXcnG6LH7yrrwZ2nPNTIdDv/mlVXsDTijNqG+bAZGdZpVdWLxw0w
ehamu3D5D1eBBBAXCag1G2nERyj7NWU4vZ1H+YWAvCeV/lM/pRg1ivoWcEC9vzrQ
MA+Ww8T2ePS9DsN+XlXOhDZiSQ4sBvHLiypgQOuKjPXvz8dAtrGkEj6XbQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMrf/Pa2bxjENtVrWhuVH2Z/FUVAMB8GA1UdIwQY
MBaAFFQoX/7pcxLFHDqAX/k0Dr7DNScgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNoZl91bHpFc1VjT29CZi1UUU92c00xSnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMWJjYmQtZWU2NS00Zjk3LTlhMjIt
OGE3ZTYzZThjZDc1LzEveXRfODlyWnZHTVEyMVd0YUc1VWZabjhWUlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMWJjYmQtZWU2NS00Zjk3LTlhMjItOGE3ZTYzZThjZDc1
LzEvVkNoZl91bHpFc1VjT29CZi1UUU92c00xSnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUFqQAwQF
WRUgAwQCudHsAwQE2UxgMA0EAgACMAcDBQAqAgswMA0GCSqGSIb3DQEBCwUAA4IB
AQArjBG5hAOF47FwZClpHCRRTSPFoC45PkBPlxik0IbvHTFE4uNfqO6ThXDZ/1Xu
G07/RuDjVSEh8wQyNTpCe12yVnqS8oxSDm/QWoI1wHU+Eds1An4ph8JGGoTYJiD4
GAV18e+PMOqLMU4gMkXmEyI19CnZRASQGSwDfnHXSSzNGpFxTSSmkTrt8z19UE5w
UiOGYycvQIXhi3uPtJywfKrdgT2vj4yLvnqMEAPC1JKSQYgjF4aPy7KJ7hQOXrNB
jFDb85zZRryhsqaAIIUBNqTnJkO26cC6WP5+ugjqc6rjAZY7Gu8NbpiWVnAkSZ19
2xC43bGqE2ty3a0cq0uvACxG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:58 2024 by rpki-client on console-ams.rpki-client.org