Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa
File:                     yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa (raw, json)
Hash identifier:          wcSR4CYuKHKbcZt7JNqMyKVWwsabfNWbUtV+m0PKwHM=
Subject key identifier:   C8:69:CC:D2:21:32:58:87:49:AC:BF:2B:FA:8E:B1:02:18:50:89:7F
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018CC56E0F015A4A5E24C3E7E17AE2C8609A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa
Signing time:             Mon 01 Jan 2024 14:29:33 +0000
ROA not before:           Mon 01 Jan 2024 14:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39838
IP address blocks:        217.26.188.0/22 maxlen: 22
                          77.247.120.0/22 maxlen: 22
                          89.42.112.0/23 maxlen: 23
                          89.45.208.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 30 Oct 2024 10:21:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:0f:01:5a:4a:5e:24:c3:e7:e1:7a:e2:c8:60:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 14:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c869ccd22132588749acbf2bfa8eb1021850897f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:aa:a3:9a:cf:69:ea:5a:6a:85:ab:44:55:9a:
                    d3:94:1e:ba:24:b5:cd:1e:25:75:9b:fc:87:4f:0f:
                    cf:34:f0:f7:64:ff:c2:fa:63:28:46:90:5b:66:3b:
                    2b:19:ac:a9:a6:39:cd:8f:9b:c1:4b:b9:8e:9e:2e:
                    21:a8:3c:4f:3c:fa:02:27:47:95:c5:50:bb:99:c1:
                    46:b2:e2:3a:39:f5:c4:53:e9:45:7d:44:b6:28:94:
                    50:0b:75:af:51:4c:44:d5:46:93:cd:95:2c:01:62:
                    a7:29:9b:4d:f7:88:84:1a:10:ee:73:19:3e:4e:81:
                    7c:02:68:b0:7e:eb:5b:0c:1e:48:95:a0:c9:ca:fc:
                    65:5d:ff:7c:98:b6:f8:02:05:35:38:a6:76:ff:fc:
                    27:8b:b6:b9:78:b3:9c:54:62:40:42:89:b9:2e:65:
                    f1:45:a8:b0:b3:ae:c4:95:1f:3c:0a:54:8e:0c:76:
                    39:41:d0:ab:b3:f4:16:1e:d1:47:eb:3d:ee:ed:b0:
                    9a:a8:fb:e4:cf:dc:ea:08:e0:ae:15:fc:d1:84:8c:
                    5c:f9:28:dc:e6:f9:cc:85:15:2f:2a:45:1c:c5:44:
                    83:19:51:ee:a1:09:e9:a0:09:ba:2f:65:eb:0f:05:
                    13:6c:cc:7b:b0:08:96:83:ea:2c:da:d1:2c:3a:f2:
                    f3:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:69:CC:D2:21:32:58:87:49:AC:BF:2B:FA:8E:B1:02:18:50:89:7F
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.247.120.0/22
                  89.42.112.0/23
                  89.45.208.0/23
                  217.26.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:ec:0c:05:da:02:cb:d9:27:0a:a3:6e:fe:fc:ea:07:36:b3:
         9b:48:52:f4:c7:13:7f:38:1b:0f:c2:71:4f:60:6b:a0:28:9c:
         86:98:b2:4b:1e:ad:82:3c:0b:61:b4:6f:13:47:41:3d:e7:c7:
         ae:a3:40:c1:76:06:82:b2:ca:55:72:34:49:21:92:79:a3:f2:
         41:6b:67:9d:c8:81:76:17:31:2d:06:70:6d:30:ca:c0:99:88:
         ab:d4:79:fc:b1:92:2f:dd:01:ed:17:cb:d5:83:68:43:a1:ab:
         b5:b5:e1:77:3f:21:9a:7c:4d:f5:51:5d:8a:fe:77:72:b9:bd:
         a5:2c:a3:31:1e:9d:4f:a0:45:aa:67:b8:c7:37:08:f5:12:a8:
         1e:62:ac:7c:5c:27:2a:81:ce:55:e5:fc:d8:48:79:73:51:47:
         0a:b7:87:aa:ea:19:77:51:2f:bc:25:1e:50:4c:45:3d:48:9b:
         53:12:e6:19:07:df:0b:9b:77:41:62:9d:b3:53:1f:c0:0b:05:
         bc:88:9c:13:68:41:2c:48:6b:5f:7d:37:1c:27:0a:17:d7:ce:
         b4:d1:ca:88:8b:ee:8c:a4:cc:ab:c1:68:29:1a:40:04:3a:30:
         d9:79:07:3a:8b:c7:15:f8:86:30:c7:2a:b1:8c:93:ca:8b:1c:
         82:dd:8d:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbg8BWkpeJMPn4XriyGCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY5Y2NkMjIxMzI1ODg3NDlhY2JmMmJmYThlYjEwMjE4NTA4OTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKqjms9p6lpqhatEVZrTlB66JLXN
HiV1m/yHTw/PNPD3ZP/C+mMoRpBbZjsrGayppjnNj5vBS7mOni4hqDxPPPoCJ0eV
xVC7mcFGsuI6OfXEU+lFfUS2KJRQC3WvUUxE1UaTzZUsAWKnKZtN94iEGhDucxk+
ToF8AmiwfutbDB5IlaDJyvxlXf98mLb4AgU1OKZ2//wni7a5eLOcVGJAQom5LmXx
Raiws67ElR88ClSODHY5QdCrs/QWHtFH6z3u7bCaqPvkz9zqCOCuFfzRhIxc+Sjc
5vnMhRUvKkUcxUSDGVHuoQnpoAm6L2XrDwUTbMx7sAiWg+os2tEsOvLzjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMhpzNIhMliHSay/K/qOsQIYUIl/MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEveUduTTBpRXlXSWRKckw4ci1vNnhBaGhRaVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTfd4AwQB
WSpwAwQBWS3QAwQC2Rq8MA0GCSqGSIb3DQEBCwUAA4IBAQBx7AwF2gLL2ScKo27+
/OoHNrObSFL0xxN/OBsPwnFPYGugKJyGmLJLHq2CPAthtG8TR0E958euo0DBdgaC
sspVcjRJIZJ5o/JBa2edyIF2FzEtBnBtMMrAmYir1Hn8sZIv3QHtF8vVg2hDoau1
teF3PyGafE31UV2K/ndyub2lLKMxHp1PoEWqZ7jHNwj1EqgeYqx8XCcqgc5V5fzY
SHlzUUcKt4eq6hl3US+8JR5QTEU9SJtTEuYZB98Lm3dBYp2zUx/ACwW8iJwTaEEs
SGtffTccJwoX18600cqIi+6MpMyrwWgpGkAEOjDZeQc6i8cV+IYwxyqxjJPKixyC
3Y3A
-----END CERTIFICATE-----
Generated at Wed Oct 30 12:04:29 2024 by rpki-client on console-fra.rpki-client.org