Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/aY8hBW0EsDzUu64VuecTCEzdSe4.roa
File:                     aY8hBW0EsDzUu64VuecTCEzdSe4.roa (raw, json)
Hash identifier:          wQqUvtMTudC7zGr38aGXrqQ/l4pQqFEhNDLRPJa7IIM=
Subject key identifier:   69:8F:21:05:6D:04:B0:3C:D4:BB:AE:15:B9:E7:13:08:4C:DD:49:EE
Certificate issuer:       /CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Certificate serial:       0185975EA1577841B514582952297196803C
Authority key identifier: C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/aY8hBW0EsDzUu64VuecTCEzdSe4.roa
Signing time:             Mon 09 Jan 2023 16:30:39 +0000
ROA not before:           Mon 09 Jan 2023 16:30:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398465
IP address blocks:        185.193.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:97:5e:a1:57:78:41:b5:14:58:29:52:29:71:96:80:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
        Validity
            Not Before: Jan  9 16:30:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=698f21056d04b03cd4bbae15b9e713084cdd49ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b2:05:80:ce:d5:d6:bb:f5:74:4c:fa:d0:ad:
                    b2:44:31:4d:17:e2:7c:9a:8b:ee:96:c2:c6:61:a2:
                    cc:64:4b:23:17:3a:cc:5d:b5:6f:55:4b:e1:7d:d0:
                    6f:1a:11:4f:e9:81:91:55:69:1a:34:36:d8:91:c9:
                    b1:c6:f4:0d:a9:b2:3c:ca:1b:3f:18:de:41:33:3e:
                    09:49:7d:89:dd:65:0c:99:f2:a0:bf:69:5e:78:c5:
                    bf:6a:05:51:7b:c5:cb:5e:bd:88:d8:87:d4:b9:4e:
                    e6:a9:df:76:3d:90:5b:32:09:0f:48:56:b0:51:1a:
                    6d:b6:09:00:2e:a0:41:8e:0b:fc:f2:9c:c4:13:56:
                    06:b3:89:a4:c4:c2:db:7e:dd:3e:9b:cf:0d:a9:0e:
                    d9:34:26:bf:cc:56:e1:32:45:62:2f:d1:89:b7:a1:
                    de:e6:3c:3f:c5:ee:5a:a5:c8:02:f0:e8:73:f6:7e:
                    de:31:4f:23:31:32:52:d9:39:15:97:54:e5:83:ff:
                    ff:9b:0c:59:8a:c3:c6:78:d0:6f:eb:ae:dc:e6:fa:
                    68:51:15:e4:53:1d:9b:4a:81:d5:17:f3:02:ef:d4:
                    14:62:c4:5b:c7:ac:1e:ba:f9:76:73:b0:12:ba:0a:
                    f1:b2:d8:1b:da:7c:6f:64:fc:61:42:89:07:95:7b:
                    63:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:8F:21:05:6D:04:B0:3C:D4:BB:AE:15:B9:E7:13:08:4C:DD:49:EE
            X509v3 Authority Key Identifier:
                keyid:C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/aY8hBW0EsDzUu64VuecTCEzdSe4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:f2:25:3a:fd:5b:06:14:cb:79:26:6c:c5:34:d9:74:5c:da:
         d7:af:51:e2:81:f0:35:50:77:c4:d1:40:ba:72:5b:ba:ba:62:
         9a:73:76:97:72:a6:5c:f8:40:17:a9:f9:d2:cb:4f:44:aa:a0:
         2f:a6:c0:ae:d2:26:f5:f4:6e:27:81:f2:c1:9d:14:bd:e5:ae:
         59:fc:ea:42:61:4b:6b:a7:26:8d:a8:dd:5f:4c:c7:74:e8:a9:
         a7:ca:05:08:ba:b0:f1:32:cd:4f:75:03:cc:bf:67:33:a6:9e:
         d1:c0:28:41:db:8f:a4:a3:74:30:ba:ac:88:9f:9d:6f:92:56:
         ed:37:e6:f4:d0:f5:6c:bc:35:42:bc:90:04:54:3f:c1:1c:0f:
         7e:c3:11:a2:aa:67:08:52:20:c2:0e:3f:02:cb:7b:78:f5:19:
         c5:98:92:91:db:83:eb:fe:f9:79:fa:a9:8c:34:57:2c:8c:45:
         6a:56:10:57:47:18:ec:a3:e6:0a:d1:86:00:57:89:2f:da:8f:
         57:a5:a9:44:37:a3:b1:af:5a:18:2b:a8:b4:74:55:cd:10:9f:
         84:b8:eb:79:68:0e:fa:3d:9d:15:e3:cf:b6:ec:72:29:74:f9:
         48:1f:fd:fd:bf:55:4b:5c:f1:c0:a1:d3:7b:79:3e:82:f3:8b:
         e2:a9:bf:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWXXqFXeEG1FFgpUilxloA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDZiNTlhOTNlMzI0MDgzZmJjYTQyMzdlNDdlOWY1ZWJm
MzcxYWIwHhcNMjMwMTA5MTYzMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThmMjEwNTZkMDRiMDNjZDRiYmFlMTViOWU3MTMwODRjZGQ0OWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7IFgM7V1rv1dEz60K2yRDFNF+J8
movulsLGYaLMZEsjFzrMXbVvVUvhfdBvGhFP6YGRVWkaNDbYkcmxxvQNqbI8yhs/
GN5BMz4JSX2J3WUMmfKgv2leeMW/agVRe8XLXr2I2IfUuU7mqd92PZBbMgkPSFaw
URpttgkALqBBjgv88pzEE1YGs4mkxMLbft0+m88NqQ7ZNCa/zFbhMkViL9GJt6He
5jw/xe5apcgC8Ohz9n7eMU8jMTJS2TkVl1Tlg///mwxZisPGeNBv667c5vpoURXk
Ux2bSoHVF/MC79QUYsRbx6weuvl2c7ASugrxstgb2nxvZPxhQokHlXtjlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmPIQVtBLA81LuuFbnnEwhM3UnuMB8GA1UdIwQY
MBaAFMnWtZqT4yQIP7ykI35H6fXr83GrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTIt
YjkyMTFlMWZjMWFjLzEvYVk4aEJXMEVzRHpVdTY0VnVlY1RDRXpkU2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTItYjkyMTFlMWZjMWFj
LzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucGmMA0G
CSqGSIb3DQEBCwUAA4IBAQBR8iU6/VsGFMt5JmzFNNl0XNrXr1HigfA1UHfE0UC6
clu6umKac3aXcqZc+EAXqfnSy09EqqAvpsCu0ib19G4ngfLBnRS95a5Z/OpCYUtr
pyaNqN1fTMd06KmnygUIurDxMs1PdQPMv2czpp7RwChB24+ko3QwuqyIn51vklbt
N+b00PVsvDVCvJAEVD/BHA9+wxGiqmcIUiDCDj8Cy3t49RnFmJKR24Pr/vl5+qmM
NFcsjEVqVhBXRxjso+YK0YYAV4kv2o9XpalEN6Oxr1oYK6i0dFXNEJ+EuOt5aA76
PZ0V48+27HIpdPlIH/39v1VLXPHAodN7eT6C84viqb+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:41 2024 by rpki-client on console-ams.rpki-client.org