Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YBwNSEzI-yl6FDxCp4SXOJ5tgsY.roa
File:                     YBwNSEzI-yl6FDxCp4SXOJ5tgsY.roa (raw, json)
Hash identifier:          Rpqjl6Clu7OlZfoXdROiFebgi8G4rJPQ2ga8QaAzKxs=
Subject key identifier:   60:1C:0D:48:4C:C8:FB:29:7A:14:3C:42:A7:84:97:38:9E:6D:82:C6
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42DB08302E1E60C42655AD67DE752A
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YBwNSEzI-yl6FDxCp4SXOJ5tgsY.roa
Signing time:             Sun 01 Jan 2023 21:35:30 +0000
ROA not before:           Sun 01 Jan 2023 21:35:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211414
IP address blocks:        2a0e:8f02:2140::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:db:08:30:2e:1e:60:c4:26:55:ad:67:de:75:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=601c0d484cc8fb297a143c42a78497389e6d82c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a6:3b:86:79:62:88:4a:60:4b:5b:65:57:32:
                    f5:1c:05:48:8c:13:2a:1b:bd:94:59:42:a1:11:8b:
                    2e:19:e3:f9:42:98:2d:ec:63:b4:30:29:63:ec:76:
                    e1:75:3d:a9:93:90:47:28:80:ad:f8:1f:4b:2a:3a:
                    4e:00:a2:d7:6d:17:e5:03:40:7b:b7:22:bc:e4:af:
                    35:d5:a4:c8:ac:56:65:5d:10:01:f3:b1:c4:7e:84:
                    32:7c:81:c5:8d:56:08:71:02:4f:db:e3:d3:2a:7d:
                    0b:23:73:42:1f:11:6f:b5:e9:94:c2:9e:73:5d:e0:
                    06:2a:ed:48:1b:7e:93:28:3b:aa:9f:1c:da:fd:7b:
                    ae:41:fc:28:56:73:56:d8:8f:81:50:5f:b1:dc:be:
                    1f:13:61:07:79:42:72:74:c8:42:37:03:49:9b:19:
                    7a:a4:8d:17:0d:96:f5:8c:21:a1:49:bf:b2:90:99:
                    b2:d1:0e:d8:db:61:a0:97:b0:cd:e0:a6:f2:79:56:
                    35:04:98:7e:de:75:17:dc:fc:76:94:bc:ae:3a:b9:
                    14:19:5b:06:49:98:d9:87:7e:0b:18:2d:08:dd:ed:
                    a6:d6:b0:10:e4:f8:ad:58:a0:a6:71:d6:21:be:d7:
                    46:42:97:e2:a3:7a:b6:1e:69:f9:e4:d0:e6:bd:ef:
                    e1:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:1C:0D:48:4C:C8:FB:29:7A:14:3C:42:A7:84:97:38:9E:6D:82:C6
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YBwNSEzI-yl6FDxCp4SXOJ5tgsY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:2140::/44

    Signature Algorithm: sha256WithRSAEncryption
         06:f7:fc:44:b0:1c:03:3c:0a:63:24:93:4d:72:f6:2e:2b:47:
         9e:1d:8d:ce:c4:08:bc:df:80:91:3a:2c:7b:f0:eb:4e:1e:83:
         26:cc:22:6a:99:81:28:6e:5d:c8:c2:ef:90:ae:4e:c2:cc:df:
         24:ce:c2:6c:8e:48:60:be:ec:4f:3c:c6:a5:df:6d:39:7d:69:
         9e:72:99:df:c9:a5:62:19:d4:7a:2b:3a:d9:68:86:40:ae:19:
         91:a8:c3:02:ad:4d:b1:d7:31:d2:1c:69:84:df:29:37:4a:f1:
         1e:9c:e0:ab:07:bd:a6:f8:e9:12:b2:46:11:70:11:21:30:c7:
         8e:14:0e:16:5c:79:24:5a:13:3f:b2:7c:5c:53:47:69:1f:9a:
         82:34:44:e5:7c:13:e8:36:dc:9d:66:00:58:a2:08:23:d9:d7:
         be:e0:d9:fd:c1:71:0d:33:09:c0:48:2c:cf:19:4d:6c:ad:e4:
         ae:27:8e:87:19:7b:af:ab:29:59:08:a9:ae:cd:ab:da:9e:71:
         63:13:0e:f4:82:3f:61:2c:9a:29:a1:85:47:41:f2:da:b9:b3:
         46:f0:55:f4:83:0a:ed:53:95:9f:bc:6b:aa:e9:de:41:25:07:
         90:85:92:ce:54:2a:4b:b3:ad:1e:40:44:76:15:64:aa:f3:07:
         b2:87:05:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtsIMC4eYMQmVa1n3nUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFjMGQ0ODRjYzhmYjI5N2ExNDNjNDJhNzg0OTczODllNmQ4MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaY7hnliiEpgS1tlVzL1HAVIjBMq
G72UWUKhEYsuGeP5Qpgt7GO0MClj7HbhdT2pk5BHKICt+B9LKjpOAKLXbRflA0B7
tyK85K811aTIrFZlXRAB87HEfoQyfIHFjVYIcQJP2+PTKn0LI3NCHxFvtemUwp5z
XeAGKu1IG36TKDuqnxza/XuuQfwoVnNW2I+BUF+x3L4fE2EHeUJydMhCNwNJmxl6
pI0XDZb1jCGhSb+ykJmy0Q7Y22Ggl7DN4KbyeVY1BJh+3nUX3Px2lLyuOrkUGVsG
SZjZh34LGC0I3e2m1rAQ5PitWKCmcdYhvtdGQpfio3q2Hmn55NDmve/hIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGAcDUhMyPspehQ8QqeElziebYLGMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvWUJ3TlNFekkteWw2RkR4Q3A0U1hPSjV0Z3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAG9/xEsBwDPApjJJNNcvYuK0eeHY3OxAi834CR
Oix78OtOHoMmzCJqmYEobl3Iwu+Qrk7CzN8kzsJsjkhgvuxPPMal3205fWmecpnf
yaViGdR6KzrZaIZArhmRqMMCrU2x1zHSHGmE3yk3SvEenOCrB72m+OkSskYRcBEh
MMeOFA4WXHkkWhM/snxcU0dpH5qCNETlfBPoNtydZgBYoggj2de+4Nn9wXENMwnA
SCzPGU1sreSuJ46HGXuvqylZCKmuzavannFjEw70gj9hLJopoYVHQfLaubNG8FX0
gwrtU5WfvGuq6d5BJQeQhZLOVCpLs60eQER2FWSq8weyhwW+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org