Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YipeVSqp6RrN0Cm3NG_uOGi1hZc.roa
File:                     YipeVSqp6RrN0Cm3NG_uOGi1hZc.roa (raw, json)
Hash identifier:          dyIwkZAAwi6BbFCWnBzIFDfxIJgsjHsXykprZT7OpJs=
Subject key identifier:   62:2A:5E:55:2A:A9:E9:1A:CD:D0:29:B7:34:6F:EE:38:68:B5:85:97
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       018EEB4EAE78E42DA1C54783203361BE7EC3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YipeVSqp6RrN0Cm3NG_uOGi1hZc.roa
Signing time:             Wed 17 Apr 2024 09:06:25 +0000
ROA not before:           Wed 17 Apr 2024 09:06:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211143
IP address blocks:        109.207.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 08:25:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:eb:4e:ae:78:e4:2d:a1:c5:47:83:20:33:61:be:7e:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Apr 17 09:06:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=622a5e552aa9e91acdd029b7346fee3868b58597
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:9e:a1:95:d0:f5:4d:6c:0d:84:05:c4:f2:50:
                    02:3f:f4:08:6b:83:6a:b9:1a:0a:ef:ec:9e:a2:d9:
                    0e:a4:af:62:ac:bb:13:80:9c:8e:ae:88:a0:02:5f:
                    92:e4:7a:e1:ee:d0:b6:0c:d4:e7:cc:c2:45:b4:06:
                    f6:0e:7e:31:8c:80:13:3c:e3:72:a0:4b:5f:08:b8:
                    f1:93:de:1a:dc:a6:0a:00:1d:78:21:0c:15:11:13:
                    35:f1:4e:fb:b9:74:72:7f:54:19:3b:48:13:32:a2:
                    f1:d3:c1:87:df:13:03:b7:91:25:77:5f:3e:00:12:
                    94:c6:c3:2d:c8:01:19:eb:67:23:c5:8f:44:0e:c3:
                    ed:b9:29:ba:8a:c9:84:d0:67:6b:d1:ee:21:88:39:
                    bb:cf:42:28:0b:1d:5b:5d:3b:7c:12:cf:ed:a9:50:
                    c0:a9:dd:d1:69:22:f0:a4:14:0c:b3:9a:95:3b:5e:
                    79:b2:d4:86:e6:5d:e2:1c:88:dc:db:0a:9a:2d:3c:
                    cb:58:63:bc:2b:00:f0:d2:cf:51:ca:de:d5:6f:c7:
                    15:3d:ef:75:b8:19:35:f7:23:89:0c:b6:24:2a:65:
                    ff:b4:bb:8a:2b:6c:5c:45:90:ae:53:9d:ef:8a:1b:
                    eb:b0:1f:e3:f3:51:94:78:9b:27:8d:aa:6f:6f:b3:
                    53:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:2A:5E:55:2A:A9:E9:1A:CD:D0:29:B7:34:6F:EE:38:68:B5:85:97
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YipeVSqp6RrN0Cm3NG_uOGi1hZc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.207.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:29:7a:9c:1a:9c:79:29:db:7f:c9:51:70:be:b0:05:20:40:
         50:43:49:44:a2:08:58:2d:a6:97:a9:47:4e:9f:20:9d:27:5c:
         55:e5:15:cd:14:66:45:9e:74:67:0d:d1:b8:d0:8d:23:f4:ec:
         f1:9e:44:ce:d6:e4:8f:66:66:60:cf:e9:1c:fa:f1:a6:c7:c3:
         fa:67:d6:a4:e6:bf:6b:62:13:70:40:83:0d:b0:20:58:ac:35:
         31:2a:78:4c:61:dd:8c:ff:b8:c8:be:98:62:3a:e2:18:20:21:
         50:e4:07:16:74:f6:69:2c:89:e3:2d:d8:e1:45:53:65:13:30:
         f4:2f:bb:e0:05:53:f1:43:3e:9a:20:8b:ae:9b:3d:c8:d1:a8:
         12:d6:ac:5b:8d:0b:59:42:19:b1:fd:e0:83:0f:b1:48:74:f3:
         75:c8:40:d0:4c:f6:f6:6f:2a:89:a3:f5:ba:b0:27:93:c1:ef:
         f7:f6:e7:c3:28:01:42:ec:d4:49:27:89:10:58:9f:4a:fb:f4:
         94:49:a3:0c:26:a0:88:a1:3e:cc:81:93:cf:3a:cf:0d:9b:b3:
         6e:39:15:1e:d5:e1:2f:1d:cb:92:ab:c4:f7:33:ac:f6:36:3f:
         31:54:ab:ff:dd:f5:17:b1:89:78:f0:9f:4d:5d:58:53:02:b4:
         1c:1f:65:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7rTq545C2hxUeDIDNhvn7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwNDE3MDkwNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjJhNWU1NTJhYTllOTFhY2RkMDI5YjczNDZmZWUzODY4YjU4NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjp6hldD1TWwNhAXE8lACP/QIa4Nq
uRoK7+yeotkOpK9irLsTgJyOroigAl+S5Hrh7tC2DNTnzMJFtAb2Dn4xjIATPONy
oEtfCLjxk94a3KYKAB14IQwVERM18U77uXRyf1QZO0gTMqLx08GH3xMDt5Eld18+
ABKUxsMtyAEZ62cjxY9EDsPtuSm6ismE0Gdr0e4hiDm7z0IoCx1bXTt8Es/tqVDA
qd3RaSLwpBQMs5qVO155stSG5l3iHIjc2wqaLTzLWGO8KwDw0s9Ryt7Vb8cVPe91
uBk19yOJDLYkKmX/tLuKK2xcRZCuU53vihvrsB/j81GUeJsnjapvb7NTfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIqXlUqqekazdAptzRv7jhotYWXMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWWlwZVZTcXA2UnJOMENtM05HX3VPR2kxaFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc+DMA0G
CSqGSIb3DQEBCwUAA4IBAQAsKXqcGpx5Kdt/yVFwvrAFIEBQQ0lEoghYLaaXqUdO
nyCdJ1xV5RXNFGZFnnRnDdG40I0j9OzxnkTO1uSPZmZgz+kc+vGmx8P6Z9ak5r9r
YhNwQIMNsCBYrDUxKnhMYd2M/7jIvphiOuIYICFQ5AcWdPZpLInjLdjhRVNlEzD0
L7vgBVPxQz6aIIuumz3I0agS1qxbjQtZQhmx/eCDD7FIdPN1yEDQTPb2byqJo/W6
sCeTwe/39ufDKAFC7NRJJ4kQWJ9K+/SUSaMMJqCIoT7MgZPPOs8Nm7NuORUe1eEv
HcuSq8T3M6z2Nj8xVKv/3fUXsYl48J9NXVhTArQcH2WH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org