Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/YVJaFG5FkZGg7juIBDpRaBL25Gc.roa
File:                     YVJaFG5FkZGg7juIBDpRaBL25Gc.roa (raw, json)
Hash identifier:          h0CY6ye4czPBtSicgCr3GAoqaLfcoTBRJugZcEOZABo=
Subject key identifier:   61:52:5A:14:6E:45:91:91:A0:EE:3B:88:04:3A:51:68:12:F6:E4:67
Certificate issuer:       /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial:       01856C53B01BB58492A353CC93F6A2B439DB
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/YVJaFG5FkZGg7juIBDpRaBL25Gc.roa
Signing time:             Sun 01 Jan 2023 07:55:01 +0000
ROA not before:           Sun 01 Jan 2023 07:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45794
IP address blocks:        134.97.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:b0:1b:b5:84:92:a3:53:cc:93:f6:a2:b4:39:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
        Validity
            Not Before: Jan  1 07:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61525a146e459191a0ee3b88043a516812f6e467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:64:e8:35:d7:7d:61:d3:57:b5:0e:c4:3b:6f:
                    0f:2e:9c:3b:37:b2:20:3b:e8:2a:1a:bf:cb:3b:ec:
                    b4:92:f5:9d:ed:38:28:a8:bd:ba:bd:69:1c:de:08:
                    96:30:20:1e:25:c2:5a:f2:f2:b2:45:60:1f:e3:ef:
                    5f:3f:f1:1f:c0:68:2f:bd:0e:6c:37:6b:95:c5:59:
                    d5:c0:32:fa:43:a4:cb:93:52:f1:38:a9:3e:5a:6c:
                    14:a6:7f:00:12:2d:c8:f8:a0:ab:e7:5a:fe:22:2e:
                    1c:70:e0:76:52:fc:b2:fc:eb:f4:e1:87:97:db:bf:
                    c2:0f:23:1f:3d:8d:b0:11:ae:b0:8f:c5:92:81:0d:
                    c7:d9:af:3b:14:99:3a:48:fe:52:a2:af:f7:b2:7c:
                    b3:85:e3:0b:a2:07:27:e2:f7:10:f8:e6:22:40:cd:
                    28:fb:84:45:78:b6:84:77:b9:b7:9f:92:e5:3b:93:
                    8f:39:06:b8:42:63:05:a1:a4:ae:5d:9f:03:f5:bf:
                    06:b9:89:fc:c2:eb:c6:c7:7a:1f:64:4b:81:ad:54:
                    3d:bf:d1:df:00:f4:77:96:19:8a:ce:c3:f2:9e:35:
                    18:15:45:22:2b:0c:93:48:12:c3:19:98:2e:77:ec:
                    a3:b3:fa:75:68:89:c6:b8:8d:a3:77:e2:35:73:46:
                    ce:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:52:5A:14:6E:45:91:91:A0:EE:3B:88:04:3A:51:68:12:F6:E4:67
            X509v3 Authority Key Identifier:
                keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/YVJaFG5FkZGg7juIBDpRaBL25Gc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.97.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:59:d1:55:23:31:64:97:3c:1f:32:ce:df:38:ec:6b:2b:51:
         89:63:c9:95:e6:88:cc:58:7d:fd:86:ca:62:30:d5:03:74:82:
         47:44:5f:8a:f6:67:2c:ce:8d:76:c3:a6:cd:1d:25:31:e9:bc:
         e2:5b:a3:4d:75:1f:0a:8a:bc:51:5d:f8:59:cf:65:60:26:38:
         0b:9b:4a:c2:5c:32:68:5b:3e:8d:e2:be:e3:d9:29:f2:c0:ae:
         be:4f:de:4c:0f:f5:fc:14:27:b2:a9:d3:99:41:c4:27:7f:2d:
         54:c5:72:6c:ba:fe:ed:9b:4d:18:22:d1:00:25:6f:52:04:8f:
         5e:9e:26:ea:4f:09:3d:2c:9b:a7:b7:7b:af:58:bc:0e:4d:16:
         07:09:2b:99:77:ff:19:e6:48:bb:bb:ed:bd:6e:d6:5b:f3:cc:
         24:56:e0:32:5f:f1:c3:26:f2:b0:67:52:cf:50:e8:fb:61:d8:
         10:79:ec:dc:e7:99:f8:e8:63:f6:d0:38:79:7c:58:52:bd:bb:
         1c:9f:54:ed:ee:22:3a:f3:f5:26:48:9c:fc:b2:90:57:b5:b6:
         c2:d9:a9:12:7a:a2:87:83:a2:a9:3b:cc:63:d3:03:e6:bf:88:
         1b:8e:6b:c7:be:63:af:61:ef:b2:d8:ea:43:7a:c6:c3:c6:e8:
         e2:65:01:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU7AbtYSSo1PMk/aitDnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjMwMTAxMDc1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTUyNWExNDZlNDU5MTkxYTBlZTNiODgwNDNhNTE2ODEyZjZlNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2ToNdd9YdNXtQ7EO28PLpw7N7Ig
O+gqGr/LO+y0kvWd7TgoqL26vWkc3giWMCAeJcJa8vKyRWAf4+9fP/EfwGgvvQ5s
N2uVxVnVwDL6Q6TLk1LxOKk+WmwUpn8AEi3I+KCr51r+Ii4ccOB2Uvyy/Ov04YeX
27/CDyMfPY2wEa6wj8WSgQ3H2a87FJk6SP5Soq/3snyzheMLogcn4vcQ+OYiQM0o
+4RFeLaEd7m3n5LlO5OPOQa4QmMFoaSuXZ8D9b8GuYn8wuvGx3ofZEuBrVQ9v9Hf
APR3lhmKzsPynjUYFUUiKwyTSBLDGZgud+yjs/p1aInGuI2jd+I1c0bOzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGFSWhRuRZGRoO47iAQ6UWgS9uRnMB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEvWVZKYUZHNUZrWkdnN2p1SUJEcFJhQkwyNUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhmESMA0G
CSqGSIb3DQEBCwUAA4IBAQB2WdFVIzFklzwfMs7fOOxrK1GJY8mV5ojMWH39hspi
MNUDdIJHRF+K9mcszo12w6bNHSUx6bziW6NNdR8KirxRXfhZz2VgJjgLm0rCXDJo
Wz6N4r7j2SnywK6+T95MD/X8FCeyqdOZQcQnfy1UxXJsuv7tm00YItEAJW9SBI9e
nibqTwk9LJunt3uvWLwOTRYHCSuZd/8Z5ki7u+29btZb88wkVuAyX/HDJvKwZ1LP
UOj7YdgQeezc55n46GP20Dh5fFhSvbscn1Tt7iI68/UmSJz8spBXtbbC2akSeqKH
g6KpO8xj0wPmv4gbjmvHvmOvYe+y2OpDesbDxujiZQGE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org