Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Y361AejWLVeX4tqIuqsbiMeY6sc.roa
File:                     Y361AejWLVeX4tqIuqsbiMeY6sc.roa (raw, json)
Hash identifier:          oDfNNE45mxWwInvzKr9czQwcclcY7aocMgBdCOkUNkU=
Subject key identifier:   63:7E:B5:01:E8:D6:2D:57:97:E2:DA:88:BA:AB:1B:88:C7:98:EA:C7
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018D6A1B14EDD3810470C72EC486B7B3C2B9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Y361AejWLVeX4tqIuqsbiMeY6sc.roa
Signing time:             Fri 02 Feb 2024 13:56:16 +0000
ROA not before:           Fri 02 Feb 2024 13:56:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197706
IP address blocks:        213.209.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 21:51:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:6a:1b:14:ed:d3:81:04:70:c7:2e:c4:86:b7:b3:c2:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Feb  2 13:56:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=637eb501e8d62d5797e2da88baab1b88c798eac7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:45:26:7f:b6:b6:e6:dc:5d:a9:0b:dc:0e:fe:
                    b0:a4:e1:54:96:65:95:cf:af:8c:35:d6:26:46:15:
                    87:f1:a0:dc:a1:64:0c:0e:26:02:6e:ec:e0:16:fa:
                    23:c5:a6:2b:cf:de:67:dc:94:34:8a:4a:33:ea:fe:
                    e1:1a:48:7a:fc:52:d5:15:bd:9f:09:f3:87:f5:ce:
                    19:4f:de:0a:b0:70:9c:9e:00:cf:33:b4:bf:ed:88:
                    43:66:49:66:3d:9f:14:2d:34:78:a6:24:c5:6d:a4:
                    5f:29:36:38:35:4e:37:ff:da:9f:6b:13:c3:4b:07:
                    2d:79:14:4f:ad:d8:12:7c:80:b8:b4:58:36:b6:dd:
                    3e:92:33:ea:7c:87:25:03:ab:67:0a:7b:a2:de:85:
                    df:fb:13:3d:3d:67:e7:22:7d:f9:26:c5:e5:b8:0e:
                    df:0d:26:83:74:5d:95:da:c7:75:be:dd:69:73:5d:
                    66:81:17:d2:16:aa:9e:a1:fa:1d:84:63:c5:89:02:
                    11:67:5d:17:74:e0:e6:f2:f0:4f:cc:f2:07:ff:89:
                    87:b8:de:f9:6f:a1:32:ac:19:d8:28:0e:19:eb:75:
                    9f:16:5e:b9:03:24:4a:ba:4f:d8:f9:62:46:ee:bb:
                    aa:6a:18:91:e9:5a:4c:f7:9d:2b:a9:57:07:de:1c:
                    86:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:7E:B5:01:E8:D6:2D:57:97:E2:DA:88:BA:AB:1B:88:C7:98:EA:C7
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Y361AejWLVeX4tqIuqsbiMeY6sc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:f8:a4:9e:11:4e:2d:51:97:34:1b:84:63:87:66:a6:c6:f4:
         90:9a:41:d6:32:c0:5e:d6:d3:48:ca:21:4c:88:d7:15:c2:d5:
         d8:a6:3d:51:97:66:04:af:22:67:dc:5b:ef:d4:75:06:51:dc:
         62:9b:cd:8b:f3:ee:21:de:99:46:4c:d0:c6:78:56:a2:7c:6d:
         f8:c1:22:da:10:da:a9:6c:64:58:b7:f2:1d:4a:23:5a:99:17:
         7f:66:8b:d3:c8:01:07:36:e2:14:59:d4:6b:87:b7:e3:10:bc:
         5c:85:85:02:e0:9a:07:73:90:67:38:73:c4:a8:31:b4:a1:8d:
         4c:fe:5e:2e:9c:dc:08:04:94:b6:4c:56:31:46:95:14:e5:59:
         b2:80:75:2f:3d:ea:1b:32:58:50:45:1a:76:fd:a6:b4:74:16:
         3b:98:23:ad:e1:fc:cf:4c:f5:4e:6c:e8:3c:34:c0:3f:97:13:
         b7:36:1e:bf:37:bf:7b:f0:ac:7d:1d:c8:2e:ac:8b:40:48:46:
         96:f9:c0:da:3d:4d:96:50:85:c1:2d:fd:9d:c3:ea:10:3d:48:
         ba:f2:c4:5e:de:fe:ee:6b:a4:14:eb:99:78:ad:58:e3:36:29:
         d0:e1:11:09:87:f0:37:b0:92:a4:91:f0:41:26:98:bf:02:7f:
         7d:c7:92:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1qGxTt04EEcMcuxIa3s8K5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMjAyMTM1NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdlYjUwMWU4ZDYyZDU3OTdlMmRhODhiYWFiMWI4OGM3OThlYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kUmf7a25txdqQvcDv6wpOFUlmWV
z6+MNdYmRhWH8aDcoWQMDiYCbuzgFvojxaYrz95n3JQ0ikoz6v7hGkh6/FLVFb2f
CfOH9c4ZT94KsHCcngDPM7S/7YhDZklmPZ8ULTR4piTFbaRfKTY4NU43/9qfaxPD
SwcteRRPrdgSfIC4tFg2tt0+kjPqfIclA6tnCnui3oXf+xM9PWfnIn35JsXluA7f
DSaDdF2V2sd1vt1pc11mgRfSFqqeofodhGPFiQIRZ10XdODm8vBPzPIH/4mHuN75
b6EyrBnYKA4Z63WfFl65AyRKuk/Y+WJG7ruqahiR6VpM950rqVcH3hyGfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGN+tQHo1i1Xl+LaiLqrG4jHmOrHMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWTM2MUFlaldMVmVYNHRxSXVxc2JpTWVZNnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGdMA0G
CSqGSIb3DQEBCwUAA4IBAQCb+KSeEU4tUZc0G4Rjh2amxvSQmkHWMsBe1tNIyiFM
iNcVwtXYpj1Rl2YEryJn3Fvv1HUGUdxim82L8+4h3plGTNDGeFaifG34wSLaENqp
bGRYt/IdSiNamRd/ZovTyAEHNuIUWdRrh7fjELxchYUC4JoHc5BnOHPEqDG0oY1M
/l4unNwIBJS2TFYxRpUU5VmygHUvPeobMlhQRRp2/aa0dBY7mCOt4fzPTPVObOg8
NMA/lxO3Nh6/N7978Kx9HcgurItASEaW+cDaPU2WUIXBLf2dw+oQPUi68sRe3v7u
a6QU65l4rVjjNinQ4REJh/A3sJKkkfBBJpi/An99x5Ku
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org