Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/YLOAl054BIoasjDeLH8rDonY0Ng.roa
File:                     YLOAl054BIoasjDeLH8rDonY0Ng.roa (raw, json)
Hash identifier:          zMWcPsV1oN0Z72gLoB/5msr9mAt1bRnqvcMvjoYGMJ4=
Subject key identifier:   60:B3:80:97:4E:78:04:8A:1A:B2:30:DE:2C:7F:2B:0E:89:D8:D0:D8
Certificate issuer:       /CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Certificate serial:       018997AD0A0721E681DBC795D0620BEB1554
Authority key identifier: C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/YLOAl054BIoasjDeLH8rDonY0Ng.roa
Signing time:             Thu 27 Jul 2023 14:07:27 +0000
ROA not before:           Thu 27 Jul 2023 14:07:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212335
IP address blocks:        185.193.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:97:ad:0a:07:21:e6:81:db:c7:95:d0:62:0b:eb:15:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
        Validity
            Not Before: Jul 27 14:07:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60b380974e78048a1ab230de2c7f2b0e89d8d0d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f2:c8:62:7d:9e:9f:f2:e9:ea:e1:6a:65:98:
                    41:3b:7c:07:81:50:68:38:d7:a6:dd:6c:4c:f7:34:
                    1b:23:ce:8e:de:34:2e:aa:fd:b6:37:76:16:29:fc:
                    27:49:09:07:72:31:f8:44:f0:32:38:ab:96:18:b5:
                    65:e5:c5:e7:c0:ff:a5:45:0b:ad:82:21:2e:9f:2c:
                    be:ae:e7:bb:b0:b6:6d:e7:a2:68:d3:2f:41:07:c1:
                    65:fb:4e:26:8e:7a:17:ac:b9:da:50:6b:d1:59:a3:
                    be:18:a4:67:d0:f1:e0:37:b3:8c:f4:eb:f1:a0:73:
                    f4:34:99:7e:94:61:4a:2b:02:4f:a9:fd:19:15:0a:
                    e9:b9:f6:49:21:a3:0b:3b:32:7d:45:00:a9:70:e6:
                    ee:e1:5b:68:6b:ca:d6:18:7a:ba:73:a1:d0:2c:7d:
                    73:c6:32:69:3b:14:88:53:be:1c:23:86:a6:e6:5f:
                    30:f2:a4:22:4f:6f:8f:9d:75:dd:2b:fc:e0:7d:04:
                    b1:eb:25:7c:d7:b0:fd:24:85:4a:3d:0d:74:b7:33:
                    6e:da:b0:59:9b:15:2e:ad:1c:97:07:38:a6:7a:5c:
                    eb:a1:a4:90:62:97:3f:b1:aa:ff:fe:44:86:41:97:
                    78:d7:ca:8a:d6:f3:91:ee:e3:a0:7f:2d:8a:f0:66:
                    d7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:B3:80:97:4E:78:04:8A:1A:B2:30:DE:2C:7F:2B:0E:89:D8:D0:D8
            X509v3 Authority Key Identifier:
                keyid:C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/YLOAl054BIoasjDeLH8rDonY0Ng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e5:89:74:7c:63:62:73:82:70:98:6a:72:16:46:54:7b:2a:7c:
         6e:08:63:57:53:1d:f6:5c:07:3b:5e:a8:d1:01:f8:82:d6:a1:
         44:39:9c:dd:72:ca:cf:89:0c:ee:40:05:e3:47:f6:d1:c5:dd:
         88:ca:ca:dd:22:fd:74:fa:30:c6:08:71:fd:37:2e:fc:ea:8a:
         61:6e:69:b4:7f:66:1f:68:d9:08:d7:91:0e:f0:23:3b:9b:17:
         5b:00:e9:5f:fb:24:87:1e:81:44:8d:db:25:ab:f8:a2:40:fb:
         60:2c:a7:10:e6:bd:d8:04:6f:86:76:45:b1:93:cb:e7:50:86:
         13:71:3a:19:9c:7a:d0:10:51:78:cb:fc:9a:db:27:36:15:03:
         3f:e5:25:69:13:47:7d:60:ba:ea:5e:aa:33:9e:c7:34:8f:35:
         87:00:bb:ad:92:f0:fc:8b:95:60:be:2e:c2:6d:d2:12:ef:3c:
         46:24:22:b0:42:9d:7c:ac:b1:2d:ae:ce:da:59:ce:d3:ef:28:
         24:27:12:32:9b:dc:92:ea:49:b7:bf:0e:f8:00:79:7b:3f:11:
         87:cb:d3:09:21:bb:23:3c:0d:9e:18:f6:99:7f:78:10:1d:49:
         55:81:c2:a9:b2:4d:dc:00:ef:6e:55:02:d3:c2:92:6d:89:c3:
         c0:ab:0d:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmXrQoHIeaB28eV0GIL6xVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDZiNTlhOTNlMzI0MDgzZmJjYTQyMzdlNDdlOWY1ZWJm
MzcxYWIwHhcNMjMwNzI3MTQwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGIzODA5NzRlNzgwNDhhMWFiMjMwZGUyYzdmMmIwZTg5ZDhkMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPLIYn2en/Lp6uFqZZhBO3wHgVBo
ONem3WxM9zQbI86O3jQuqv22N3YWKfwnSQkHcjH4RPAyOKuWGLVl5cXnwP+lRQut
giEunyy+rue7sLZt56Jo0y9BB8Fl+04mjnoXrLnaUGvRWaO+GKRn0PHgN7OM9Ovx
oHP0NJl+lGFKKwJPqf0ZFQrpufZJIaMLOzJ9RQCpcObu4Vtoa8rWGHq6c6HQLH1z
xjJpOxSIU74cI4am5l8w8qQiT2+PnXXdK/zgfQSx6yV817D9JIVKPQ10tzNu2rBZ
mxUurRyXBzimelzroaSQYpc/sar//kSGQZd418qK1vOR7uOgfy2K8GbXTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCzgJdOeASKGrIw3ix/Kw6J2NDYMB8GA1UdIwQY
MBaAFMnWtZqT4yQIP7ykI35H6fXr83GrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTIt
YjkyMTFlMWZjMWFjLzEvWUxPQWwwNTRCSW9hc2pEZUxIOHJEb25ZME5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTItYjkyMTFlMWZjMWFj
LzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucGkMA0G
CSqGSIb3DQEBCwUAA4IBAQDliXR8Y2JzgnCYanIWRlR7KnxuCGNXUx32XAc7XqjR
AfiC1qFEOZzdcsrPiQzuQAXjR/bRxd2IysrdIv10+jDGCHH9Ny786ophbmm0f2Yf
aNkI15EO8CM7mxdbAOlf+ySHHoFEjdslq/iiQPtgLKcQ5r3YBG+GdkWxk8vnUIYT
cToZnHrQEFF4y/ya2yc2FQM/5SVpE0d9YLrqXqoznsc0jzWHALutkvD8i5Vgvi7C
bdIS7zxGJCKwQp18rLEtrs7aWc7T7ygkJxIym9yS6km3vw74AHl7PxGHy9MJIbsj
PA2eGPaZf3gQHUlVgcKpsk3cAO9uVQLTwpJticPAqw2e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:30 2024 by rpki-client on console-fra.rpki-client.org