Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/PYlwo86eSnb3RgSKO_tc6urNWBk.roa
File:                     PYlwo86eSnb3RgSKO_tc6urNWBk.roa (raw, json)
Hash identifier:          EPQ9V/T+2rK+7M/rqtQgsmehUEvCGWp+PQdOAmUd17E=
Subject key identifier:   3D:89:70:A3:CE:9E:4A:76:F7:46:04:8A:3B:FB:5C:EA:EA:CD:58:19
Certificate issuer:       /CN=c3fadf44e101e165c87bb4d0efccf94bd67e2a35
Certificate serial:       0185711E3BF32B6A03965F0495A0943F7F6A
Authority key identifier: C3:FA:DF:44:E1:01:E1:65:C8:7B:B4:D0:EF:CC:F9:4B:D6:7E:2A:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w_rfROEB4WXIe7TQ78z5S9Z-KjU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/PYlwo86eSnb3RgSKO_tc6urNWBk.roa
Signing time:             Mon 02 Jan 2023 06:14:44 +0000
ROA not before:           Mon 02 Jan 2023 06:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43237
IP address blocks:        194.8.72.0/23 maxlen: 23
                          195.114.20.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:3b:f3:2b:6a:03:96:5f:04:95:a0:94:3f:7f:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3fadf44e101e165c87bb4d0efccf94bd67e2a35
        Validity
            Not Before: Jan  2 06:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d8970a3ce9e4a76f746048a3bfb5ceaeacd5819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fd:45:00:18:5a:58:e6:1b:4b:b5:50:26:e5:
                    3c:2d:a9:9e:7e:0d:21:ce:fd:e8:35:7a:85:8d:2d:
                    5b:8e:b8:e6:4a:45:aa:10:1c:39:d3:4b:80:a5:7d:
                    66:42:18:f7:f5:b0:fd:21:01:62:c3:93:9d:68:d7:
                    95:d5:87:6b:b7:1b:3c:df:24:53:cd:3b:7b:bc:ee:
                    ba:b5:f7:96:9b:5b:a8:4a:be:de:0c:9e:88:86:a0:
                    e1:d8:f4:44:8f:ca:1b:5b:0c:e5:81:fd:9a:10:10:
                    90:c0:37:6c:06:89:fa:16:27:c5:1e:96:8b:60:b7:
                    c0:34:3d:dc:a5:e4:cc:5b:6b:61:c2:da:3b:0f:d5:
                    04:a6:75:a8:66:0d:7a:f0:49:f6:28:b0:bd:be:7e:
                    6a:af:10:15:ac:d7:23:fa:04:69:00:83:b3:c9:4f:
                    36:ff:a7:fb:50:b8:09:ac:d9:96:b4:56:f7:35:30:
                    ac:e5:bf:a8:68:27:f1:d9:56:32:b4:4f:3f:bf:c9:
                    4f:81:b8:a7:1c:45:63:12:55:3e:14:6f:11:b5:40:
                    4f:b0:ea:26:e2:f3:4f:aa:8b:c6:d3:59:5f:c9:65:
                    23:56:bc:f7:7a:f2:35:28:26:3c:2f:4a:3f:a1:ae:
                    e2:00:db:cd:b8:4b:98:7e:f3:a7:f4:e2:a1:c3:0b:
                    2b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:89:70:A3:CE:9E:4A:76:F7:46:04:8A:3B:FB:5C:EA:EA:CD:58:19
            X509v3 Authority Key Identifier:
                keyid:C3:FA:DF:44:E1:01:E1:65:C8:7B:B4:D0:EF:CC:F9:4B:D6:7E:2A:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_rfROEB4WXIe7TQ78z5S9Z-KjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/PYlwo86eSnb3RgSKO_tc6urNWBk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/w_rfROEB4WXIe7TQ78z5S9Z-KjU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.8.72.0/23
                  195.114.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:83:10:67:5b:12:89:47:6f:e6:86:9c:28:2e:75:c2:bb:9e:
         16:c2:7f:c0:de:8b:37:ec:3f:a8:ac:16:fb:13:63:44:4d:a2:
         88:3b:86:8c:8d:9b:c4:81:e8:e1:44:6e:e9:0a:05:9f:5e:30:
         99:e0:6b:9a:b5:de:20:58:ac:1f:47:d1:d5:05:06:f2:3b:73:
         73:a2:f9:c2:ef:ce:64:ca:84:aa:c5:63:8b:7d:6b:ef:78:7d:
         9b:0a:24:dd:54:d8:45:72:17:02:eb:8d:5b:3a:e0:f5:23:22:
         3b:26:01:77:50:4d:77:d3:58:59:49:58:96:14:03:ee:6a:b0:
         ef:7f:6e:29:b5:0b:43:b0:52:ac:86:3c:3b:8e:08:48:97:26:
         fc:be:78:99:ab:e4:f2:4a:d4:2a:28:8e:98:ac:1f:f6:e7:50:
         55:f5:d8:b6:f7:49:24:a3:3d:bb:96:c4:52:8c:c1:08:8e:14:
         ce:b3:71:dc:3f:bd:90:84:c3:8e:4a:f3:7c:77:63:f8:f1:96:
         3d:53:9c:5b:f1:2d:b0:d5:8a:5b:38:98:04:37:14:5c:e1:bf:
         ba:1d:a9:f6:23:c9:59:b4:6c:6c:f6:7e:fd:4f:43:04:ee:f6:
         1e:79:68:fe:97:0d:c7:5f:bd:79:4f:11:72:7c:16:9f:f8:38:
         db:64:53:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxHjvzK2oDll8ElaCUP39qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmFkZjQ0ZTEwMWUxNjVjODdiYjRkMGVmY2NmOTRiZDY3
ZTJhMzUwHhcNMjMwMTAyMDYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg5NzBhM2NlOWU0YTc2Zjc0NjA0OGEzYmZiNWNlYWVhY2Q1ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv1FABhaWOYbS7VQJuU8Lamefg0h
zv3oNXqFjS1bjrjmSkWqEBw500uApX1mQhj39bD9IQFiw5OdaNeV1Ydrtxs83yRT
zTt7vO66tfeWm1uoSr7eDJ6IhqDh2PREj8obWwzlgf2aEBCQwDdsBon6FifFHpaL
YLfAND3cpeTMW2thwto7D9UEpnWoZg168En2KLC9vn5qrxAVrNcj+gRpAIOzyU82
/6f7ULgJrNmWtFb3NTCs5b+oaCfx2VYytE8/v8lPgbinHEVjElU+FG8RtUBPsOom
4vNPqovG01lfyWUjVrz3evI1KCY8L0o/oa7iANvNuEuYfvOn9OKhwwsrDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2JcKPOnkp290YEijv7XOrqzVgZMB8GA1UdIwQY
MBaAFMP630ThAeFlyHu00O/M+UvWfio1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd19yZlJPRUI0V1hJZTdUUTc4ejVTOVotS2pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzRkYzUtZjNiYy00YmZiLTg5Zjct
ZDk3YmQzMzAzMjhjLzEvUFlsd284NmVTbmIzUmdTS09fdGM2dXJOV0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNzRkYzUtZjNiYy00YmZiLTg5ZjctZDk3YmQzMzAzMjhj
LzEvd19yZlJPRUI0V1hJZTdUUTc4ejVTOVotS2pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwghIAwQB
w3IUMA0GCSqGSIb3DQEBCwUAA4IBAQBNgxBnWxKJR2/mhpwoLnXCu54Wwn/A3os3
7D+orBb7E2NETaKIO4aMjZvEgejhRG7pCgWfXjCZ4Guatd4gWKwfR9HVBQbyO3Nz
ovnC785kyoSqxWOLfWvveH2bCiTdVNhFchcC641bOuD1IyI7JgF3UE1301hZSViW
FAPuarDvf24ptQtDsFKshjw7jghIlyb8vniZq+TyStQqKI6YrB/251BV9di290kk
oz27lsRSjMEIjhTOs3HcP72QhMOOSvN8d2P48ZY9U5xb8S2w1YpbOJgENxRc4b+6
Han2I8lZtGxs9n79T0ME7vYeeWj+lw3HX715TxFyfBaf+DjbZFNq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org