Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Y1dh3fzYdH_SBIh3CSdoamxKAy8.roa
File:                     Y1dh3fzYdH_SBIh3CSdoamxKAy8.roa (raw, json)
Hash identifier:          W6TK4YvNE6RekqwJk3owllkFhdqnWIBn/M93eFi7X8I=
Subject key identifier:   63:57:61:DD:FC:D8:74:7F:D2:04:88:77:09:27:68:6A:6C:4A:03:2F
Certificate issuer:       /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial:       01891EF180AE06EDDECD1DE4F963EACDAB0B
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Y1dh3fzYdH_SBIh3CSdoamxKAy8.roa
Signing time:             Tue 04 Jul 2023 03:28:10 +0000
ROA not before:           Tue 04 Jul 2023 03:28:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        188.66.24.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 08 Aug 2023 09:53:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1e:f1:80:ae:06:ed:de:cd:1d:e4:f9:63:ea:cd:ab:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
        Validity
            Not Before: Jul  4 03:28:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=635761ddfcd8747fd20488770927686a6c4a032f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:04:d9:74:7a:76:52:3e:6e:9b:8e:95:9c:60:
                    84:3d:71:1a:ca:72:f7:5b:9e:07:0d:e5:7c:76:8c:
                    b3:1a:90:8a:89:8a:53:79:0b:54:f1:fd:7a:e5:c3:
                    ee:2f:d5:5e:dc:13:11:f2:47:66:f6:3c:20:58:26:
                    9b:88:d1:eb:5a:67:c3:92:69:b7:76:b3:c5:69:90:
                    1e:92:cb:da:02:40:f0:8c:5a:b5:6b:64:63:47:e8:
                    fb:c6:11:d1:ec:6a:d3:60:9b:32:34:41:d5:2a:72:
                    54:d7:16:e8:4d:1c:c9:4c:ff:46:78:d6:78:0f:03:
                    b4:fb:32:f9:cd:c9:dc:21:47:ef:2f:c3:16:bd:d5:
                    3a:3d:b8:9c:85:83:5a:e0:06:5d:b0:a4:f1:ba:12:
                    56:d7:98:49:70:e7:d0:25:0b:ef:a4:a1:d1:22:e7:
                    a5:fd:26:36:92:12:81:7b:43:f2:0f:18:ee:47:0e:
                    94:de:3a:7a:5b:c8:da:07:0e:3f:13:20:8d:dd:d3:
                    2e:21:2c:cd:6b:42:91:61:69:06:ff:af:1a:a6:f7:
                    7c:a7:7c:4d:2d:74:06:61:80:b2:72:22:e6:93:a1:
                    3d:09:1a:04:74:dd:38:3a:0b:90:c5:8d:ae:01:1c:
                    77:31:3c:f4:68:03:9b:8c:56:ec:d6:99:c5:87:8b:
                    67:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:57:61:DD:FC:D8:74:7F:D2:04:88:77:09:27:68:6A:6C:4A:03:2F
            X509v3 Authority Key Identifier:
                keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Y1dh3fzYdH_SBIh3CSdoamxKAy8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.66.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:63:60:6f:82:6b:af:3a:ab:e7:9b:57:38:ee:f3:a0:76:13:
         be:b3:af:99:57:41:77:9f:cd:23:99:39:09:c1:e2:b0:77:c1:
         83:10:82:48:1d:0e:8e:c3:21:d0:40:98:2c:d2:c7:55:32:cc:
         f3:03:93:64:1e:83:25:f5:de:88:3b:8e:b2:b1:fe:31:42:6b:
         71:46:9b:64:94:3c:85:ea:e4:fd:53:20:b8:11:5f:a7:3b:c2:
         0f:c7:2d:d0:9f:40:fb:85:07:9d:6c:d7:6b:ef:69:5c:07:7f:
         1d:a4:08:03:c7:18:3f:f6:a9:89:52:3b:d7:00:16:fd:d1:13:
         53:58:26:6c:59:a7:b8:2a:08:77:13:48:87:3c:3f:62:f0:ca:
         6a:49:fc:65:6f:97:6d:05:03:38:a7:2b:8c:5f:12:b8:21:d1:
         e2:5c:5a:57:5f:9d:d8:ce:21:51:49:fe:da:71:f7:f8:ad:8f:
         d2:66:4b:a3:eb:87:c9:20:6e:6d:57:f8:c0:96:31:0f:51:fe:
         40:ff:79:b5:12:89:c1:36:cb:2d:a2:df:19:76:34:8d:19:94:
         e5:77:ae:dc:91:46:ab:ff:15:47:75:74:35:8a:37:83:68:2e:
         cb:bf:e3:17:2d:f0:f5:85:89:d0:c5:07:d8:aa:91:b5:c2:9f:
         e1:07:4e:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYke8YCuBu3ezR3k+WPqzasLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMwNzA0MDMyODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzU3NjFkZGZjZDg3NDdmZDIwNDg4NzcwOTI3Njg2YTZjNGEwMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQTZdHp2Uj5um46VnGCEPXEaynL3
W54HDeV8doyzGpCKiYpTeQtU8f165cPuL9Ve3BMR8kdm9jwgWCabiNHrWmfDkmm3
drPFaZAeksvaAkDwjFq1a2RjR+j7xhHR7GrTYJsyNEHVKnJU1xboTRzJTP9GeNZ4
DwO0+zL5zcncIUfvL8MWvdU6PbichYNa4AZdsKTxuhJW15hJcOfQJQvvpKHRIuel
/SY2khKBe0PyDxjuRw6U3jp6W8jaBw4/EyCN3dMuISzNa0KRYWkG/68apvd8p3xN
LXQGYYCyciLmk6E9CRoEdN04OguQxY2uARx3MTz0aAObjFbs1pnFh4tn6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNXYd382HR/0gSIdwknaGpsSgMvMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvWTFkaDNmellkSF9TQkloM0NTZG9hbXhLQXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAkY2BvgmuvOqvnm1c47vOgdhO+s6+ZV0F3n80jmTkJ
weKwd8GDEIJIHQ6OwyHQQJgs0sdVMszzA5NkHoMl9d6IO46ysf4xQmtxRptklDyF
6uT9UyC4EV+nO8IPxy3Qn0D7hQedbNdr72lcB38dpAgDxxg/9qmJUjvXABb90RNT
WCZsWae4Kgh3E0iHPD9i8MpqSfxlb5dtBQM4pyuMXxK4IdHiXFpXX53YziFRSf7a
cff4rY/SZkuj64fJIG5tV/jAljEPUf5A/3m1EonBNsstot8ZdjSNGZTld67ckUar
/xVHdXQ1ijeDaC7Lv+MXLfD1hYnQxQfYqpG1wp/hB05N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org