Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/yf7C4YrfAjdL_uUG0uP6l4dPpSU.roa
File:                     yf7C4YrfAjdL_uUG0uP6l4dPpSU.roa (raw, json)
Hash identifier:          0OYob51KyHdstMFq+GqaYCmNwsNBNDS0GU5q6Sh2T3w=
Subject key identifier:   C9:FE:C2:E1:8A:DF:02:37:4B:FE:E5:06:D2:E3:FA:97:87:4F:A5:25
Certificate issuer:       /CN=14446466c71d24658c8b6f7eae5305febd17a4ba
Certificate serial:       0188060358ECD8F814B8B566849216EC4A58
Authority key identifier: 14:44:64:66:C7:1D:24:65:8C:8B:6F:7E:AE:53:05:FE:BD:17:A4:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FERkZscdJGWMi29-rlMF_r0XpLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/yf7C4YrfAjdL_uUG0uP6l4dPpSU.roa
Signing time:             Wed 10 May 2023 14:14:22 +0000
ROA not before:           Wed 10 May 2023 14:14:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35704
IP address blocks:        80.245.156.0/24 maxlen: 24
                          2a09:1480:100::/40 maxlen: 40

Validation:               Failed, certificate revoked on Wed 10 May 2023 16:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:06:03:58:ec:d8:f8:14:b8:b5:66:84:92:16:ec:4a:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14446466c71d24658c8b6f7eae5305febd17a4ba
        Validity
            Not Before: May 10 14:14:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c9fec2e18adf02374bfee506d2e3fa97874fa525
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:79:d4:49:54:92:90:31:9a:7e:72:c8:cb:76:
                    56:90:58:37:af:0e:70:02:e9:04:33:54:7a:4e:d0:
                    74:fb:29:f2:d5:21:13:2e:b2:03:a0:16:71:13:0a:
                    e0:5c:59:16:98:02:40:70:37:26:68:5e:6d:f6:92:
                    94:33:ae:30:15:c3:15:50:a3:7e:bf:aa:54:0e:49:
                    64:c5:14:e1:3e:ee:aa:eb:b2:f2:c2:ba:3d:9c:58:
                    23:dc:33:5c:3f:52:3a:03:67:9d:e9:b4:74:0f:e8:
                    8f:5b:e2:e3:d9:85:44:7c:02:9d:8a:4d:97:c1:db:
                    dd:50:bc:9e:c8:27:d9:b2:03:b5:cc:57:c9:46:dc:
                    26:5f:7d:81:96:21:8e:cc:23:68:aa:bc:4b:3b:a8:
                    cb:2c:41:6b:7c:45:fd:07:ed:6d:88:00:d6:76:5f:
                    f2:36:e3:31:01:08:7f:26:26:58:2d:98:0b:d4:55:
                    da:61:24:58:1d:21:fd:fa:c3:38:db:cc:b0:32:57:
                    5b:71:d7:96:8c:a4:ca:dc:aa:b1:e6:af:3e:c3:e5:
                    0e:f2:e9:39:a2:4c:c9:8c:1c:0b:6c:3b:fa:08:46:
                    84:74:b0:78:85:e1:8c:39:0f:a3:57:bc:96:ed:d1:
                    cc:97:67:c3:05:34:1d:a0:cc:97:6e:bb:ff:72:1e:
                    44:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:FE:C2:E1:8A:DF:02:37:4B:FE:E5:06:D2:E3:FA:97:87:4F:A5:25
            X509v3 Authority Key Identifier:
                keyid:14:44:64:66:C7:1D:24:65:8C:8B:6F:7E:AE:53:05:FE:BD:17:A4:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FERkZscdJGWMi29-rlMF_r0XpLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/yf7C4YrfAjdL_uUG0uP6l4dPpSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/FERkZscdJGWMi29-rlMF_r0XpLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.245.156.0/24
                IPv6:
                  2a09:1480:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         1b:4a:34:52:bf:1a:b0:79:b3:51:e1:ac:c0:87:29:85:7b:88:
         21:cc:9a:be:7e:7a:b0:26:2f:8e:d2:c0:1b:94:85:10:d3:bd:
         78:45:88:ad:6a:66:ef:48:d2:b8:18:2e:fb:83:a6:5a:6d:ca:
         f5:b1:56:95:f2:96:5f:0e:4b:9f:48:13:3f:e8:12:be:ed:d4:
         f5:ed:05:4a:e6:d0:2b:25:ff:67:93:cf:d9:f8:fe:df:21:ba:
         f4:12:67:a5:dc:bd:e2:3e:78:00:9f:15:cb:cf:75:70:ca:0b:
         c1:07:f5:c9:ae:dc:f4:cb:7d:2f:d5:f4:8d:2e:5c:35:22:f6:
         8f:eb:e1:79:07:12:fe:21:9b:8c:fb:b8:49:14:8d:92:99:03:
         b5:ce:4d:a4:f0:8d:44:7f:ea:84:64:06:85:94:1e:3a:39:bb:
         1e:09:c4:de:74:fa:68:d4:88:c2:d6:67:44:75:1e:92:48:49:
         94:e5:fe:3d:2d:e2:ce:54:21:20:97:1a:83:07:77:55:a0:1c:
         3d:ed:ac:bc:f0:66:cb:fb:f5:ec:d7:08:c7:fe:62:30:ea:c7:
         cc:ce:eb:4e:a7:c8:d4:9c:90:27:3b:a7:78:91:e7:8b:8a:3d:
         96:79:a3:c7:7a:4c:95:99:94:59:28:0d:c0:4f:d3:26:3c:c4:
         93:8f:8e:7c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYgGA1js2PgUuLVmhJIW7EpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NDQ2NDY2YzcxZDI0NjU4YzhiNmY3ZWFlNTMwNWZlYmQx
N2E0YmEwHhcNMjMwNTEwMTQxNDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWZlYzJlMThhZGYwMjM3NGJmZWU1MDZkMmUzZmE5Nzg3NGZhNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXnUSVSSkDGafnLIy3ZWkFg3rw5w
AukEM1R6TtB0+yny1SETLrIDoBZxEwrgXFkWmAJAcDcmaF5t9pKUM64wFcMVUKN+
v6pUDklkxRThPu6q67Lywro9nFgj3DNcP1I6A2ed6bR0D+iPW+Lj2YVEfAKdik2X
wdvdULyeyCfZsgO1zFfJRtwmX32BliGOzCNoqrxLO6jLLEFrfEX9B+1tiADWdl/y
NuMxAQh/JiZYLZgL1FXaYSRYHSH9+sM428ywMldbcdeWjKTK3Kqx5q8+w+UO8uk5
okzJjBwLbDv6CEaEdLB4heGMOQ+jV7yW7dHMl2fDBTQdoMyXbrv/ch5EfQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMn+wuGK3wI3S/7lBtLj+peHT6UlMB8GA1UdIwQY
MBaAFBREZGbHHSRljItvfq5TBf69F6S6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkVSa1pzY2RKR1dNaTI5LXJsTUZfcjBYcExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC81NjZmYjMtYTY0MS00ZDE5LWE1OGUt
NjQwZTA3NWJmODdmLzEveWY3QzRZcmZBamRMX3VVRzB1UDZsNGRQcFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC81NjZmYjMtYTY0MS00ZDE5LWE1OGUtNjQwZTA3NWJmODdm
LzEvRkVSa1pzY2RKR1dNaTI5LXJsTUZfcjBYcExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAUPWcMA4E
AgACMAgDBgAqCRSAATANBgkqhkiG9w0BAQsFAAOCAQEAG0o0Ur8asHmzUeGswIcp
hXuIIcyavn56sCYvjtLAG5SFENO9eEWIrWpm70jSuBgu+4OmWm3K9bFWlfKWXw5L
n0gTP+gSvu3U9e0FSubQKyX/Z5PP2fj+3yG69BJnpdy94j54AJ8Vy891cMoLwQf1
ya7c9Mt9L9X0jS5cNSL2j+vheQcS/iGbjPu4SRSNkpkDtc5NpPCNRH/qhGQGhZQe
Ojm7HgnE3nT6aNSIwtZnRHUekkhJlOX+PS3izlQhIJcagwd3VaAcPe2svPBmy/v1
7NcIx/5iMOrHzM7rTqfI1JyQJzuneJHni4o9lnmjx3pMlZmUWSgNwE/TJjzEk4+O
fA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:24 2024 by rpki-client on console-ams.rpki-client.org