Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/45a04c-cb0d-4c0c-8bf1-48f39fde0eea/1/ydxyL2A3DmkpcweVp5uIFgJWmk0.roa
File:                     ydxyL2A3DmkpcweVp5uIFgJWmk0.roa (raw, json)
Hash identifier:          jP0mB9qGbZFWymHeTRFN2qzrCoSUWGa1ZVZ+SyMS6OI=
Subject key identifier:   C9:DC:72:2F:60:37:0E:69:29:73:07:95:A7:9B:88:16:02:56:9A:4D
Certificate issuer:       /CN=e980fb9530a36ff7b7430d50d44b8fb6d6dca937
Certificate serial:       01856B6E88B7EC50223660CCF2AF13B976D1
Authority key identifier: E9:80:FB:95:30:A3:6F:F7:B7:43:0D:50:D4:4B:8F:B6:D6:DC:A9:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6YD7lTCjb_e3Qw1Q1EuPttbcqTc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/45a04c-cb0d-4c0c-8bf1-48f39fde0eea/1/ydxyL2A3DmkpcweVp5uIFgJWmk0.roa
Signing time:             Sun 01 Jan 2023 03:44:44 +0000
ROA not before:           Sun 01 Jan 2023 03:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30790
IP address blocks:        194.54.185.0/24 maxlen: 24
                          194.54.184.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:6e:88:b7:ec:50:22:36:60:cc:f2:af:13:b9:76:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e980fb9530a36ff7b7430d50d44b8fb6d6dca937
        Validity
            Not Before: Jan  1 03:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c9dc722f60370e6929730795a79b881602569a4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:5b:65:03:fd:35:4c:dc:66:ab:2e:9e:65:0b:
                    ba:a2:d8:41:9e:f1:52:17:43:24:f4:50:66:8d:d9:
                    8e:81:88:40:7c:91:65:69:f6:49:2b:de:69:88:fd:
                    ff:cf:07:bc:2a:47:d6:9f:fb:cb:b5:27:cf:06:1d:
                    8f:b2:69:b9:a7:26:bc:9b:3a:76:17:d3:1e:a5:bf:
                    18:34:3c:bb:a9:8f:e1:de:27:16:09:a5:b4:41:1a:
                    ab:b6:c7:67:a7:7a:d1:54:b7:17:34:a5:a8:b8:f2:
                    35:c2:2b:0f:97:79:09:bd:47:ac:42:d9:bf:87:f0:
                    95:b5:fb:59:95:c0:51:05:f5:51:18:5f:4f:ae:3e:
                    6b:3e:68:b2:05:81:f8:85:9b:40:17:96:28:13:b7:
                    5b:92:36:df:03:ef:de:a2:7b:a6:36:96:7d:8e:3b:
                    e7:55:91:02:47:4b:9f:85:7d:3e:57:bd:f9:f4:11:
                    2e:c1:15:47:9f:58:20:ee:ea:c1:14:b5:af:37:bc:
                    23:42:66:93:78:a6:3b:f1:8a:74:21:6c:cb:9a:71:
                    df:40:50:38:81:5d:ad:5e:52:36:1c:12:8d:9a:2e:
                    60:9d:ea:88:d1:12:02:df:90:21:77:1c:29:2a:86:
                    3c:fd:0a:05:6b:ce:bd:44:46:67:ee:a4:c6:d1:7e:
                    96:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:DC:72:2F:60:37:0E:69:29:73:07:95:A7:9B:88:16:02:56:9A:4D
            X509v3 Authority Key Identifier:
                keyid:E9:80:FB:95:30:A3:6F:F7:B7:43:0D:50:D4:4B:8F:B6:D6:DC:A9:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6YD7lTCjb_e3Qw1Q1EuPttbcqTc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/45a04c-cb0d-4c0c-8bf1-48f39fde0eea/1/ydxyL2A3DmkpcweVp5uIFgJWmk0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/45a04c-cb0d-4c0c-8bf1-48f39fde0eea/1/6YD7lTCjb_e3Qw1Q1EuPttbcqTc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.54.184.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a0:0d:0a:bb:96:4d:72:46:ff:23:7a:dd:a3:6d:66:db:1f:3b:
         79:2c:bd:0e:17:eb:c5:c1:5c:6e:1a:4b:9f:0b:b1:d0:3c:8d:
         42:c3:23:83:78:72:d2:13:4d:0d:e0:a2:15:37:4e:d7:7d:07:
         fb:83:73:7f:61:d8:3b:45:b9:fd:9e:61:de:93:e4:25:6d:41:
         8e:42:0c:ab:21:a3:46:fa:e1:0f:be:2b:e7:5d:e1:22:17:7f:
         a2:0f:b5:eb:47:68:a5:00:94:f2:7c:d5:35:ac:dc:28:cd:54:
         a5:c6:e9:40:8e:85:a7:00:c0:f4:c7:6e:58:b1:25:f7:dd:38:
         8d:7d:f4:13:2e:b5:1a:a9:8c:72:e6:a0:57:a5:c2:f0:71:b3:
         02:92:24:46:e2:9f:ad:ca:cd:72:a7:71:3f:c6:35:6f:94:00:
         20:24:46:eb:8c:c4:f7:fa:4c:11:78:a3:d4:bf:95:53:b9:7c:
         21:43:97:0f:de:1d:00:06:23:72:7f:01:c7:03:2f:d3:b1:8b:
         6d:55:d3:58:8c:17:d3:c3:95:6e:ac:66:8d:52:2d:2d:7e:b7:
         42:81:a0:7d:c5:7c:c7:b4:6f:2e:88:60:48:47:79:85:39:85:
         e2:d3:e1:9f:be:fb:a7:41:ba:f3:4c:d6:ca:58:e3:b5:ad:3a:
         7a:47:11:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrboi37FAiNmDM8q8TuXbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ODBmYjk1MzBhMzZmZjdiNzQzMGQ1MGQ0NGI4ZmI2ZDZk
Y2E5MzcwHhcNMjMwMTAxMDM0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRjNzIyZjYwMzcwZTY5Mjk3MzA3OTVhNzliODgxNjAyNTY5YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVtlA/01TNxmqy6eZQu6othBnvFS
F0Mk9FBmjdmOgYhAfJFlafZJK95piP3/zwe8KkfWn/vLtSfPBh2Psmm5pya8mzp2
F9Mepb8YNDy7qY/h3icWCaW0QRqrtsdnp3rRVLcXNKWouPI1wisPl3kJvUesQtm/
h/CVtftZlcBRBfVRGF9Prj5rPmiyBYH4hZtAF5YoE7dbkjbfA+/eonumNpZ9jjvn
VZECR0ufhX0+V7359BEuwRVHn1gg7urBFLWvN7wjQmaTeKY78Yp0IWzLmnHfQFA4
gV2tXlI2HBKNmi5gneqI0RIC35AhdxwpKoY8/QoFa869REZn7qTG0X6WGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMncci9gNw5pKXMHlaebiBYCVppNMB8GA1UdIwQY
MBaAFOmA+5Uwo2/3t0MNUNRLj7bW3Kk3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNllEN2xUQ2piX2UzUXcxUTFFdVB0dGJjcVRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80NWEwNGMtY2IwZC00YzBjLThiZjEt
NDhmMzlmZGUwZWVhLzEveWR4eUwyQTNEbWtwY3dlVnA1dUlGZ0pXbWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80NWEwNGMtY2IwZC00YzBjLThiZjEtNDhmMzlmZGUwZWVh
LzEvNllEN2xUQ2piX2UzUXcxUTFFdVB0dGJjcVRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwja4MA0G
CSqGSIb3DQEBCwUAA4IBAQCgDQq7lk1yRv8jet2jbWbbHzt5LL0OF+vFwVxuGkuf
C7HQPI1CwyODeHLSE00N4KIVN07XfQf7g3N/Ydg7Rbn9nmHek+QlbUGOQgyrIaNG
+uEPvivnXeEiF3+iD7XrR2ilAJTyfNU1rNwozVSlxulAjoWnAMD0x25YsSX33TiN
ffQTLrUaqYxy5qBXpcLwcbMCkiRG4p+tys1yp3E/xjVvlAAgJEbrjMT3+kwReKPU
v5VTuXwhQ5cP3h0ABiNyfwHHAy/TsYttVdNYjBfTw5VurGaNUi0tfrdCgaB9xXzH
tG8uiGBIR3mFOYXi0+GfvvunQbrzTNbKWOO1rTp6RxH2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:23 2024 by rpki-client on console-ams.rpki-client.org