Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/yS1BTkYT9nHSCnMufbt91YixSjY.roa
File:                     yS1BTkYT9nHSCnMufbt91YixSjY.roa (raw, json)
Hash identifier:          p/WdOeHPETz7BrEXdANfxmyTHxaCCbZXTswaY/d97q0=
Subject key identifier:   C9:2D:41:4E:46:13:F6:71:D2:0A:73:2E:7D:BB:7D:D5:88:B1:4A:36
Certificate issuer:       /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial:       0186EF1049C0F391D3393F7B2BCC13D7227D
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/yS1BTkYT9nHSCnMufbt91YixSjY.roa
Signing time:             Fri 17 Mar 2023 10:14:27 +0000
ROA not before:           Fri 17 Mar 2023 10:14:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50986
IP address blocks:        193.34.202.0/24 maxlen: 24
                          31.170.24.0/24 maxlen: 24
                          31.170.24.0/21 maxlen: 21
                          185.27.96.0/22 maxlen: 22
                          178.236.64.0/22 maxlen: 22
                          178.236.64.0/20 maxlen: 20
                          178.236.70.0/23 maxlen: 23
                          178.236.76.0/22 maxlen: 22
                          2a02:1610::/32 maxlen: 32
                          2a02:1610::/56 maxlen: 56
                          2a02:1610:1:1000::/56 maxlen: 56

Validation:               Failed, certificate revoked on Fri 29 Sep 2023 14:02:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ef:10:49:c0:f3:91:d3:39:3f:7b:2b:cc:13:d7:22:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
        Validity
            Not Before: Mar 17 10:14:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c92d414e4613f671d20a732e7dbb7dd588b14a36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:97:f7:a6:0f:17:64:94:bd:eb:35:5c:e4:a8:
                    8b:d0:b4:2d:a7:ef:c1:3f:79:45:d1:ef:30:d4:19:
                    c5:a0:50:fe:33:d3:f2:a6:fc:14:6f:b0:27:d2:df:
                    0b:0d:7c:56:05:6d:e7:e5:df:ec:78:8a:5d:86:89:
                    70:a5:07:35:4a:32:75:b0:f9:92:ff:90:51:f0:42:
                    ad:df:6f:d3:66:ab:d3:17:bb:74:e4:9b:1d:30:1b:
                    cd:ee:78:50:53:fb:81:f7:90:b9:74:a7:a4:5a:4b:
                    fc:9b:89:f2:99:25:8c:fc:7d:cc:eb:fd:c4:60:e7:
                    e2:e1:59:e5:22:6f:15:b7:07:09:93:ff:ca:52:3d:
                    e6:6e:bf:54:bc:1c:2e:4a:1a:36:5b:35:47:74:d5:
                    b7:70:05:d3:50:c1:1f:95:52:d7:60:3a:d4:9d:17:
                    ce:b1:f9:ba:5a:36:3b:55:9e:80:42:46:77:fe:94:
                    be:b3:e1:99:8f:ba:f7:d0:4a:63:e3:40:f2:9d:2e:
                    08:f9:fe:52:f2:28:ab:51:b7:26:87:62:9d:e3:48:
                    90:88:3b:1f:18:b3:43:bd:66:6d:d4:57:03:83:24:
                    49:c2:89:e1:36:e5:73:f9:c5:2e:29:75:fc:39:6c:
                    cf:a3:5e:f0:61:40:87:f6:3e:24:c7:ad:ef:00:54:
                    19:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:2D:41:4E:46:13:F6:71:D2:0A:73:2E:7D:BB:7D:D5:88:B1:4A:36
            X509v3 Authority Key Identifier:
                keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/yS1BTkYT9nHSCnMufbt91YixSjY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.170.24.0/21
                  178.236.64.0/20
                  185.27.96.0/22
                  193.34.202.0/24
                IPv6:
                  2a02:1610::/32

    Signature Algorithm: sha256WithRSAEncryption
         a8:62:3e:23:8d:fe:8b:36:58:5f:e1:fe:55:37:65:81:36:bf:
         0c:4f:27:33:fc:83:ae:d7:08:f4:25:e7:1f:c0:4e:e9:eb:59:
         f7:4e:fd:bc:3f:e3:11:3b:2d:59:72:37:94:e9:12:6a:24:cb:
         7e:d2:09:4f:ff:e7:78:7a:b7:af:07:76:25:db:51:33:44:e4:
         e4:1a:05:c3:67:eb:f4:c5:54:d1:ec:8b:36:e6:27:a2:57:c5:
         83:69:66:e8:5d:c7:f5:6f:73:e4:e6:aa:5a:03:fd:1b:be:7f:
         d0:29:51:43:fe:4e:0d:a2:4e:d0:2f:66:4f:42:b1:8d:61:11:
         51:85:a2:8f:64:22:d2:24:9e:e5:c7:50:29:ac:a2:25:75:32:
         7a:a3:0a:e2:4b:d2:e5:9d:0a:c9:aa:ae:ee:56:09:fc:4d:de:
         4d:81:d3:0d:42:59:53:9e:30:68:c2:07:94:d7:c0:76:67:b5:
         09:f6:91:c1:35:57:e6:1f:76:3c:d3:36:30:aa:f4:c5:e7:1a:
         12:6a:b5:ed:89:30:e2:c5:8f:19:f5:bb:c9:b1:56:5b:82:da:
         2c:76:6c:92:76:97:b4:89:2e:fd:08:d8:18:56:24:6b:34:84:
         bc:42:f5:88:bc:08:46:09:64:a9:58:7b:01:dd:79:41:55:c2:
         1d:1e:04:75
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYbvEEnA85HTOT97K8wT1yJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjMwMzE3MTAxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJkNDE0ZTQ2MTNmNjcxZDIwYTczMmU3ZGJiN2RkNTg4YjE0YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJf3pg8XZJS96zVc5KiL0LQtp+/B
P3lF0e8w1BnFoFD+M9PypvwUb7An0t8LDXxWBW3n5d/seIpdholwpQc1SjJ1sPmS
/5BR8EKt32/TZqvTF7t05JsdMBvN7nhQU/uB95C5dKekWkv8m4nymSWM/H3M6/3E
YOfi4VnlIm8VtwcJk//KUj3mbr9UvBwuSho2WzVHdNW3cAXTUMEflVLXYDrUnRfO
sfm6WjY7VZ6AQkZ3/pS+s+GZj7r30Epj40DynS4I+f5S8iirUbcmh2Kd40iQiDsf
GLNDvWZt1FcDgyRJwonhNuVz+cUuKXX8OWzPo17wYUCH9j4kx63vAFQZ9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMktQU5GE/Zx0gpzLn27fdWIsUo2MB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEveVMxQlRrWVQ5bkhTQ25NdWZidDkxWWl4U2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH6oYAwQE
suxAAwQCuRtgAwQAwSLKMA0EAgACMAcDBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCoYj4jjf6LNlhf4f5VN2WBNr8MTycz/IOu1wj0JecfwE7p61n3Tv28P+MROy1Z
cjeU6RJqJMt+0glP/+d4erevB3Yl21EzROTkGgXDZ+v0xVTR7Is25ieiV8WDaWbo
Xcf1b3Pk5qpaA/0bvn/QKVFD/k4Nok7QL2ZPQrGNYRFRhaKPZCLSJJ7lx1AprKIl
dTJ6owriS9LlnQrJqq7uVgn8Td5NgdMNQllTnjBowgeU18B2Z7UJ9pHBNVfmH3Y8
0zYwqvTF5xoSarXtiTDixY8Z9bvJsVZbgtosdmySdpe0iS79CNgYViRrNIS8QvWI
vAhGCWSpWHsB3XlBVcIdHgR1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:06 2024 by rpki-client on console-ams.rpki-client.org