Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/SYRS6LaNRjWbay8rVDKxQgfFStU.roa
File:                     SYRS6LaNRjWbay8rVDKxQgfFStU.roa (raw, json)
Hash identifier:          CV917zlyrMJtuztUkAhX0+uUBc7WeWeQYkOrFzj1v8Y=
Subject key identifier:   49:84:52:E8:B6:8D:46:35:9B:6B:2F:2B:54:32:B1:42:07:C5:4A:D5
Certificate issuer:       /CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
Certificate serial:       01856FF9492ECCE39558EF41A824EC04EF0A
Authority key identifier: 8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/SYRS6LaNRjWbay8rVDKxQgfFStU.roa
Signing time:             Mon 02 Jan 2023 00:54:46 +0000
ROA not before:           Mon 02 Jan 2023 00:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     10599
IP address blocks:        194.37.84.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Mar 2023 06:59:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:49:2e:cc:e3:95:58:ef:41:a8:24:ec:04:ef:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
        Validity
            Not Before: Jan  2 00:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=498452e8b68d46359b6b2f2b5432b14207c54ad5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:bd:bc:54:b4:44:3e:32:4c:6d:11:a1:63:18:
                    00:f4:f8:a9:ab:55:58:63:69:ce:ab:16:b8:97:aa:
                    32:52:2a:8d:61:50:22:fa:a8:dd:82:08:39:5c:7e:
                    c7:c1:27:74:5e:6b:54:14:2d:10:3e:83:e0:f4:07:
                    f7:ed:78:d2:da:3c:2b:ae:f3:00:eb:7a:c2:78:15:
                    51:a7:03:f1:c5:24:1e:ee:a6:71:bf:5c:76:b4:5f:
                    cc:3f:0a:37:12:5a:5d:34:f6:64:0a:4f:7b:2b:d9:
                    e8:03:f7:eb:4d:92:fc:65:7d:ac:ab:2b:c3:32:4c:
                    74:49:9d:37:49:6e:7d:85:ae:64:a1:74:9c:04:81:
                    85:3b:b2:72:9b:0d:fb:dd:30:25:3b:5f:5d:e2:90:
                    e9:d0:b6:d3:c6:b5:08:56:da:88:ca:84:3a:00:1e:
                    ad:e8:14:f0:b5:ab:47:d7:98:ff:a4:09:b8:8b:69:
                    56:51:a8:c8:66:ef:af:19:dc:e3:f0:b9:e1:b4:ad:
                    27:04:90:ae:b3:f5:99:44:72:25:57:d7:d5:95:72:
                    d9:3f:fc:8c:be:38:7c:87:c5:45:53:65:dd:78:0e:
                    14:54:8e:19:5f:a3:95:a2:93:3d:01:c4:8f:6b:66:
                    9b:43:72:6e:d1:6d:68:e8:63:fc:3b:a9:f3:1c:1d:
                    73:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:84:52:E8:B6:8D:46:35:9B:6B:2F:2B:54:32:B1:42:07:C5:4A:D5
            X509v3 Authority Key Identifier:
                keyid:8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/SYRS6LaNRjWbay8rVDKxQgfFStU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/jxNyAMnqFWCj9C_X4QDtKEEUFrw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.37.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:28:43:3c:c5:05:61:cd:2c:65:a5:b9:b1:a7:b6:8a:68:e4:
         78:5f:1d:b6:e1:89:5d:bd:aa:ac:a6:48:66:9a:2d:e9:6a:a4:
         2b:8f:95:70:c9:d9:3d:95:1e:df:d5:e9:cb:a5:15:7b:1c:94:
         37:ea:ad:c5:20:fd:3e:c0:46:e5:0c:56:1a:84:9a:5b:33:91:
         25:58:0e:6b:69:bb:e4:1a:a3:73:76:df:e4:73:4c:3f:84:86:
         8e:2b:f0:15:e0:1d:27:39:f4:6a:82:90:cc:4e:00:d3:d7:fa:
         2c:99:e5:ae:40:d6:b6:eb:a6:92:ff:c7:7b:88:57:ac:31:14:
         4a:18:12:25:36:17:d7:91:33:12:0e:69:71:eb:3b:e2:59:64:
         a2:b7:a6:e2:7d:e3:12:2c:c1:68:47:2d:1a:34:54:d3:7c:6d:
         d4:81:74:f6:a7:b6:20:62:ca:82:28:61:27:11:88:c0:23:6c:
         e7:ec:9c:8c:eb:e3:b9:f6:32:44:aa:e5:4c:6e:99:70:3c:fa:
         8d:95:53:57:04:4b:05:a4:d7:eb:8c:68:6f:87:58:d8:ce:64:
         3a:1c:3e:d9:35:e1:91:00:ce:13:50:94:17:d6:ea:80:c8:01:
         f2:f5:d7:77:36:3f:09:00:ab:d7:d9:de:ad:94:c9:24:1d:9e:
         7d:fb:32:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+UkuzOOVWO9BqCTsBO8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTM3MjAwYzllYTE1NjBhM2Y0MmZkN2UxMDBlZDI4NDEx
NDE2YmMwHhcNMjMwMTAyMDA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTg0NTJlOGI2OGQ0NjM1OWI2YjJmMmI1NDMyYjE0MjA3YzU0YWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt728VLREPjJMbRGhYxgA9Pipq1VY
Y2nOqxa4l6oyUiqNYVAi+qjdggg5XH7HwSd0XmtUFC0QPoPg9Af37XjS2jwrrvMA
63rCeBVRpwPxxSQe7qZxv1x2tF/MPwo3ElpdNPZkCk97K9noA/frTZL8ZX2sqyvD
Mkx0SZ03SW59ha5koXScBIGFO7Jymw373TAlO19d4pDp0LbTxrUIVtqIyoQ6AB6t
6BTwtatH15j/pAm4i2lWUajIZu+vGdzj8LnhtK0nBJCus/WZRHIlV9fVlXLZP/yM
vjh8h8VFU2XdeA4UVI4ZX6OVopM9AcSPa2abQ3Ju0W1o6GP8O6nzHB1zbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmEUui2jUY1m2svK1QysUIHxUrVMB8GA1UdIwQY
MBaAFI8TcgDJ6hVgo/Qv1+EA7ShBFBa8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTct
ZWI4MDIyMWU1MzhkLzEvU1lSUzZMYU5SaldiYXk4clZES3hRZ2ZGU3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTctZWI4MDIyMWU1Mzhk
LzEvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiVUMA0G
CSqGSIb3DQEBCwUAA4IBAQA8KEM8xQVhzSxlpbmxp7aKaOR4Xx224Yldvaqspkhm
mi3paqQrj5Vwydk9lR7f1enLpRV7HJQ36q3FIP0+wEblDFYahJpbM5ElWA5rabvk
GqNzdt/kc0w/hIaOK/AV4B0nOfRqgpDMTgDT1/osmeWuQNa266aS/8d7iFesMRRK
GBIlNhfXkTMSDmlx6zviWWSit6bifeMSLMFoRy0aNFTTfG3UgXT2p7YgYsqCKGEn
EYjAI2zn7JyM6+O59jJEquVMbplwPPqNlVNXBEsFpNfrjGhvh1jYzmQ6HD7ZNeGR
AM4TUJQX1uqAyAHy9dd3Nj8JAKvX2d6tlMkkHZ59+zLN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:58 2024 by rpki-client on console-fra.rpki-client.org