Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/yu7c0wayeWFSG-NzAPEyjvA8Vek.roa
File:                     yu7c0wayeWFSG-NzAPEyjvA8Vek.roa (raw, json)
Hash identifier:          /OBqZ8gREq+JPnB4OAMhQFeXZSG9/OszsG2TGuLvwTY=
Subject key identifier:   CA:EE:DC:D3:06:B2:79:61:52:1B:E3:73:00:F1:32:8E:F0:3C:55:E9
Certificate issuer:       /CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Certificate serial:       0185734CDC5B70931E2EC31388BFC3DA801C
Authority key identifier: 2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/yu7c0wayeWFSG-NzAPEyjvA8Vek.roa
Signing time:             Mon 02 Jan 2023 16:24:55 +0000
ROA not before:           Mon 02 Jan 2023 16:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209631
IP address blocks:        194.116.112.0/24 maxlen: 24
                          194.116.116.0/24 maxlen: 24
                          194.116.118.0/24 maxlen: 24
                          194.116.113.0/24 maxlen: 24
                          194.116.112.0/21 maxlen: 24
                          194.116.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:34:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:dc:5b:70:93:1e:2e:c3:13:88:bf:c3:da:80:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
        Validity
            Not Before: Jan  2 16:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=caeedcd306b27961521be37300f1328ef03c55e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c2:9a:ab:5e:d5:3c:a0:75:1e:00:42:be:8e:
                    0e:d3:3c:d6:9e:f9:0a:c5:0e:9d:fa:64:d8:c9:e1:
                    cf:fc:9f:01:51:22:a5:1c:a5:16:63:3b:c9:b1:c8:
                    3e:0e:f3:57:a4:d8:44:10:f8:4b:72:f7:19:09:74:
                    6d:00:06:8b:86:f5:3b:62:1f:c3:26:52:0e:01:2a:
                    e4:80:22:5c:e6:2d:fe:db:f0:07:b8:7c:cd:c1:3c:
                    ef:58:84:50:31:59:b9:36:e9:ad:80:3d:cf:89:24:
                    03:c6:c0:87:eb:15:b4:75:75:ba:15:56:22:43:ab:
                    de:45:64:b7:e5:ca:03:6f:e4:19:70:8c:de:b6:4f:
                    00:5d:2d:0c:17:8c:c9:44:7f:77:4e:6c:cb:4c:0f:
                    8b:19:a1:9d:5e:d4:a7:71:b3:75:45:e5:3e:f9:76:
                    98:f0:d3:35:76:e3:c6:19:f2:24:e8:c4:4b:3d:b3:
                    f5:99:d4:e9:7b:ea:98:f0:0b:dc:57:a3:e6:9d:1b:
                    e9:40:77:87:ed:10:ef:ba:13:43:52:23:2b:4b:2f:
                    6f:32:c5:64:be:5a:b3:a4:03:b8:5f:ab:8c:d6:88:
                    56:9f:c4:75:63:72:7d:6d:d2:88:bd:63:3a:8f:77:
                    5d:46:30:18:e6:50:7f:fd:26:b4:44:7c:ad:79:7e:
                    aa:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:EE:DC:D3:06:B2:79:61:52:1B:E3:73:00:F1:32:8E:F0:3C:55:E9
            X509v3 Authority Key Identifier:
                keyid:2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/yu7c0wayeWFSG-NzAPEyjvA8Vek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.116.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0c:e3:15:ce:21:b7:9b:0d:e5:07:5f:81:a9:25:20:c9:61:05:
         dd:9c:83:8b:9a:42:e3:01:7c:e2:34:23:d2:90:da:15:26:40:
         cd:99:c2:a2:d0:29:13:d9:11:de:66:d6:66:de:0d:83:9c:ba:
         84:7d:8f:3c:d9:bf:84:34:62:7a:4c:f2:11:42:5c:bb:fe:fa:
         54:28:97:7d:ec:cb:d9:6b:19:db:bd:da:17:0e:29:25:53:ed:
         65:54:f7:a0:c5:11:78:85:74:75:85:36:2f:b8:5d:81:41:23:
         ec:20:74:f2:15:6a:5b:f3:45:89:5a:4f:80:af:fe:30:00:dc:
         d5:a5:82:f9:0b:57:85:13:4a:7f:f5:5a:69:fb:dd:eb:33:35:
         d7:df:19:9b:fa:50:60:be:7d:5c:3d:29:26:e9:2e:48:84:94:
         1c:d9:c5:ae:7f:ef:24:93:d3:73:c0:29:c5:30:21:6a:d6:4e:
         51:2d:a1:fc:94:aa:31:ab:ee:73:92:0d:9f:1c:ab:ba:d7:d9:
         fb:11:c6:91:a3:d3:5e:a2:84:5f:be:42:27:2d:47:ed:82:08:
         b7:ed:a9:06:9a:37:09:53:f0:91:d9:8b:8f:36:98:60:a3:f0:
         88:21:f6:dc:1f:e7:7e:26:53:be:a0:a3:d2:09:44:6e:61:6d:
         e2:45:57:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTNxbcJMeLsMTiL/D2oAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODg3MzAyZDFlNzQwZjVmOTg0ODFmYjRiN2E0NjE2OTZi
ZmU1YzEwHhcNMjMwMTAyMTYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWVlZGNkMzA2YjI3OTYxNTIxYmUzNzMwMGYxMzI4ZWYwM2M1NWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8Kaq17VPKB1HgBCvo4O0zzWnvkK
xQ6d+mTYyeHP/J8BUSKlHKUWYzvJscg+DvNXpNhEEPhLcvcZCXRtAAaLhvU7Yh/D
JlIOASrkgCJc5i3+2/AHuHzNwTzvWIRQMVm5NumtgD3PiSQDxsCH6xW0dXW6FVYi
Q6veRWS35coDb+QZcIzetk8AXS0MF4zJRH93TmzLTA+LGaGdXtSncbN1ReU++XaY
8NM1duPGGfIk6MRLPbP1mdTpe+qY8AvcV6PmnRvpQHeH7RDvuhNDUiMrSy9vMsVk
vlqzpAO4X6uM1ohWn8R1Y3J9bdKIvWM6j3ddRjAY5lB//Sa0RHyteX6qqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMru3NMGsnlhUhvjcwDxMo7wPFXpMB8GA1UdIwQY
MBaAFCyIcwLR50D1+YSB+0t6RhaWv+XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQt
YzAyOGQ5MWViYzljLzEveXU3YzB3YXllV0ZTRy1OekFQRXlqdkE4VmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQtYzAyOGQ5MWViYzlj
LzEvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwnRwMA0G
CSqGSIb3DQEBCwUAA4IBAQAM4xXOIbebDeUHX4GpJSDJYQXdnIOLmkLjAXziNCPS
kNoVJkDNmcKi0CkT2RHeZtZm3g2DnLqEfY882b+ENGJ6TPIRQly7/vpUKJd97MvZ
axnbvdoXDiklU+1lVPegxRF4hXR1hTYvuF2BQSPsIHTyFWpb80WJWk+Ar/4wANzV
pYL5C1eFE0p/9Vpp+93rMzXX3xmb+lBgvn1cPSkm6S5IhJQc2cWuf+8kk9NzwCnF
MCFq1k5RLaH8lKoxq+5zkg2fHKu619n7EcaRo9NeooRfvkInLUftggi37akGmjcJ
U/CR2YuPNphgo/CIIfbcH+d+JlO+oKPSCURuYW3iRVec
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org