Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YWks6jifSDt1oqxz1YYfoyUlanw.roa
File:                     YWks6jifSDt1oqxz1YYfoyUlanw.roa (raw, json)
Hash identifier:          Yvxj3avX2cn0aSV535eCW23AkwoS1dZqO4Y7eV4aANU=
Subject key identifier:   61:69:2C:EA:38:9F:48:3B:75:A2:AC:73:D5:86:1F:A3:25:25:6A:7C
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7BCA58AA1239E65B00ADE7BCA9F3A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YWks6jifSDt1oqxz1YYfoyUlanw.roa
Signing time:             Mon 02 Jan 2023 08:44:56 +0000
ROA not before:           Mon 02 Jan 2023 08:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209375
IP address blocks:        89.33.135.0/24 maxlen: 24
                          193.169.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:bc:a5:8a:a1:23:9e:65:b0:0a:de:7b:ca:9f:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61692cea389f483b75a2ac73d5861fa325256a7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f6:0a:de:df:2e:81:ac:a6:6d:2f:82:3a:c5:
                    ee:64:b9:44:7e:21:24:59:21:cb:d6:87:1e:a1:73:
                    77:cb:fb:33:f3:33:b5:99:14:40:aa:37:ef:a3:7b:
                    fd:a2:05:27:b0:46:95:3a:ab:7e:bc:2c:55:2b:34:
                    5a:0c:6f:80:6e:0f:9f:60:f3:3d:ee:73:e5:57:4a:
                    89:2f:16:18:73:ab:6c:f1:bc:57:9b:be:81:d4:a8:
                    85:99:d0:5b:48:15:44:ec:e6:99:f4:bc:4a:a3:cb:
                    42:1c:9f:93:bf:0e:14:e2:ed:f4:36:e1:9a:fa:e3:
                    09:25:39:c9:63:4f:e2:83:e4:2d:7a:eb:a8:9b:3f:
                    15:71:eb:f0:ef:cc:f1:81:1e:6d:da:03:46:f4:04:
                    47:9c:0c:b3:65:2e:ab:db:f9:b5:38:2c:3e:72:60:
                    c4:19:20:8f:c9:04:59:b6:58:fa:e4:c3:67:0d:95:
                    aa:5a:9e:1d:0c:81:fa:4f:02:c4:a0:86:54:9c:5e:
                    83:a6:fd:9d:1c:67:9b:7d:a8:93:8a:6d:04:c1:62:
                    60:55:4f:29:6a:8d:9a:63:52:d7:e3:6b:c8:5c:81:
                    d0:7e:35:cc:cf:ce:4c:93:2c:8c:ff:1f:4c:ba:c4:
                    88:5c:04:c9:f1:f1:16:65:06:1c:27:27:f5:e5:8d:
                    1d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:69:2C:EA:38:9F:48:3B:75:A2:AC:73:D5:86:1F:A3:25:25:6A:7C
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YWks6jifSDt1oqxz1YYfoyUlanw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.135.0/24
                  193.169.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:44:c5:df:f5:b7:de:8d:59:cf:da:08:99:ae:51:a5:eb:de:
         d0:d5:44:f7:f6:f7:79:be:82:7a:b9:7c:9a:b2:f9:70:dc:a9:
         5e:3a:ff:63:22:a3:f2:7a:4c:61:0f:1b:1b:d6:88:13:46:c5:
         32:27:a9:a0:4d:28:38:a0:b7:aa:9d:9a:b8:da:a6:8b:92:b9:
         be:63:79:2e:19:d3:e3:ac:a9:b1:40:9d:1a:69:d3:f1:7e:9f:
         ad:37:00:a3:03:4a:95:30:b0:d2:7d:eb:73:c8:a7:0a:59:45:
         6e:3b:fc:10:b9:b2:6f:fd:37:d9:24:fd:23:07:e4:4f:d5:05:
         ca:1c:79:76:f0:96:41:21:2f:65:45:c7:72:f8:49:58:4f:c8:
         0c:ef:87:c3:82:b0:2e:e2:1e:f1:a8:75:be:97:4c:db:35:6b:
         7d:f9:41:b4:35:09:68:56:86:f0:d6:76:47:e7:d0:d8:11:2a:
         49:bd:fa:3f:30:ef:79:af:7a:b1:a0:25:5f:58:12:6c:db:bf:
         ed:69:7f:80:12:77:e2:ae:91:3e:3b:92:c4:8f:d2:2e:51:3e:
         41:a5:fa:44:e8:fd:8d:78:2a:b6:8f:3f:93:0a:ed:00:67:af:
         97:63:d5:71:57:63:81:ae:c6:f9:c1:3e:2d:61:a3:48:a3:ac:
         d4:08:89:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp7yliqEjnmWwCt57yp86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTY5MmNlYTM4OWY0ODNiNzVhMmFjNzNkNTg2MWZhMzI1MjU2YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvYK3t8ugaymbS+COsXuZLlEfiEk
WSHL1oceoXN3y/sz8zO1mRRAqjfvo3v9ogUnsEaVOqt+vCxVKzRaDG+Abg+fYPM9
7nPlV0qJLxYYc6ts8bxXm76B1KiFmdBbSBVE7OaZ9LxKo8tCHJ+Tvw4U4u30NuGa
+uMJJTnJY0/ig+Qteuuomz8Vcevw78zxgR5t2gNG9ARHnAyzZS6r2/m1OCw+cmDE
GSCPyQRZtlj65MNnDZWqWp4dDIH6TwLEoIZUnF6Dpv2dHGebfaiTim0EwWJgVU8p
ao2aY1LX42vIXIHQfjXMz85MkyyM/x9MusSIXATJ8fEWZQYcJyf15Y0dvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGFpLOo4n0g7daKsc9WGH6MlJWp8MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWVdrczZqaWZTRHQxb3F4ejFZWWZveVVsYW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSGHAwQA
wamvMA0GCSqGSIb3DQEBCwUAA4IBAQAbRMXf9bfejVnP2giZrlGl697Q1UT39vd5
voJ6uXyasvlw3KleOv9jIqPyekxhDxsb1ogTRsUyJ6mgTSg4oLeqnZq42qaLkrm+
Y3kuGdPjrKmxQJ0aadPxfp+tNwCjA0qVMLDSfetzyKcKWUVuO/wQubJv/TfZJP0j
B+RP1QXKHHl28JZBIS9lRcdy+ElYT8gM74fDgrAu4h7xqHW+l0zbNWt9+UG0NQlo
Vobw1nZH59DYESpJvfo/MO95r3qxoCVfWBJs27/taX+AEnfirpE+O5LEj9IuUT5B
pfpE6P2NeCq2jz+TCu0AZ6+XY9VxV2OBrsb5wT4tYaNIo6zUCIme
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org