Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/YOhvkmbsiowPjBi2_rtiaEoBeIo.roa
File:                     YOhvkmbsiowPjBi2_rtiaEoBeIo.roa (raw, json)
Hash identifier:          4Jmt+JgZ98RGwlA+pSe+6B/XnqCx79Ck3tOrkEVCGVA=
Subject key identifier:   60:E8:6F:92:66:EC:8A:8C:0F:8C:18:B6:FE:BB:62:68:4A:01:78:8A
Certificate issuer:       /CN=b1e8cf7386200dfda9b067db9c77d30660d74cda
Certificate serial:       01856FF98E0E015A0706DEE3235741DA7979
Authority key identifier: B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/YOhvkmbsiowPjBi2_rtiaEoBeIo.roa
Signing time:             Mon 02 Jan 2023 00:55:03 +0000
ROA not before:           Mon 02 Jan 2023 00:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12384
IP address blocks:        185.173.196.0/22 maxlen: 22
                          77.235.224.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:8e:0e:01:5a:07:06:de:e3:23:57:41:da:79:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1e8cf7386200dfda9b067db9c77d30660d74cda
        Validity
            Not Before: Jan  2 00:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60e86f9266ec8a8c0f8c18b6febb62684a01788a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:96:2c:38:6c:4d:95:4d:96:9b:4c:54:c7:b6:
                    a4:53:3a:24:3f:4d:a3:11:dc:87:f6:1e:74:6c:b1:
                    17:ab:7c:81:86:f0:ee:b1:7e:df:22:8e:62:d0:5e:
                    e9:47:0b:ed:97:2a:66:11:c5:d2:4e:2e:42:22:43:
                    11:07:2c:54:3b:16:24:49:ad:c3:26:74:30:18:ab:
                    b8:cb:90:b8:89:6b:16:df:f0:4e:78:c9:f7:59:dd:
                    57:6b:38:e5:b5:af:58:56:4f:ba:0d:29:c9:2e:8d:
                    3d:1b:37:16:0b:03:13:c6:bf:eb:7d:e4:1f:7c:be:
                    46:60:e6:f8:b0:da:53:cc:de:01:65:a8:4e:b4:33:
                    36:f5:08:c8:4b:da:7f:b8:a7:96:ca:8c:90:4a:a5:
                    57:4d:60:df:d9:c8:c3:f4:6b:0e:7c:04:16:a6:81:
                    86:cc:60:06:2a:a0:00:9a:63:70:4a:52:db:2f:70:
                    da:33:5e:86:4a:b3:8c:72:4f:04:40:33:01:ba:bf:
                    15:3a:87:a5:14:ad:e4:07:0f:b7:8d:95:80:26:93:
                    dd:f1:e7:f1:c1:80:0f:31:c9:69:a2:b2:c5:3b:cf:
                    a3:73:31:8d:5c:1d:7d:e8:c5:2f:1a:74:fd:fc:c4:
                    e2:b1:3e:da:b5:ad:ac:ee:18:2d:db:da:62:67:35:
                    5f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:E8:6F:92:66:EC:8A:8C:0F:8C:18:B6:FE:BB:62:68:4A:01:78:8A
            X509v3 Authority Key Identifier:
                keyid:B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/YOhvkmbsiowPjBi2_rtiaEoBeIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/sejPc4YgDf2psGfbnHfTBmDXTNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.235.224.0/19
                  185.173.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:ce:2f:5e:57:d6:83:29:61:ec:b7:8b:10:2b:84:49:e2:16:
         4d:75:52:78:4c:39:5b:63:25:bb:94:a8:35:53:4b:15:c6:d0:
         50:ba:0c:05:a7:14:06:63:88:d2:bf:19:24:08:13:2b:36:11:
         fd:7b:e0:13:cc:a0:0a:b0:60:ed:76:fd:05:a1:2a:64:09:36:
         16:ef:0d:da:ed:89:d2:c3:d0:f8:6a:8e:64:23:ef:ce:b0:76:
         b3:67:d7:08:8e:b4:25:ee:08:1b:b6:01:a4:97:2b:a6:3b:2a:
         76:64:94:a8:22:5d:12:d7:a1:9e:22:28:17:9d:a7:f8:b3:73:
         05:6c:41:a8:f5:0d:fb:a6:94:13:11:e5:2b:99:d4:cd:d4:60:
         66:2f:de:6c:0f:f4:e2:eb:19:70:77:c4:9d:85:51:46:ec:17:
         29:56:9f:8b:62:c0:15:78:da:dd:2d:ce:5e:5d:9d:6b:17:e5:
         38:c5:e5:a6:a9:3e:ff:6a:65:d1:e7:b2:08:39:24:49:b2:fe:
         39:46:7d:13:b1:f1:a6:13:f8:5a:92:47:c6:a1:1e:f1:a2:2c:
         b5:83:73:12:e5:02:7a:60:af:86:2d:cf:bf:fe:23:f1:fe:a5:
         cd:2e:ee:99:63:67:2d:e1:e8:60:03:0d:83:bb:a3:23:94:e2:
         dd:13:f2:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv+Y4OAVoHBt7jI1dB2nl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZThjZjczODYyMDBkZmRhOWIwNjdkYjljNzdkMzA2NjBk
NzRjZGEwHhcNMjMwMTAyMDA1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGU4NmY5MjY2ZWM4YThjMGY4YzE4YjZmZWJiNjI2ODRhMDE3ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZYsOGxNlU2Wm0xUx7akUzokP02j
EdyH9h50bLEXq3yBhvDusX7fIo5i0F7pRwvtlypmEcXSTi5CIkMRByxUOxYkSa3D
JnQwGKu4y5C4iWsW3/BOeMn3Wd1Xazjlta9YVk+6DSnJLo09GzcWCwMTxr/rfeQf
fL5GYOb4sNpTzN4BZahOtDM29QjIS9p/uKeWyoyQSqVXTWDf2cjD9GsOfAQWpoGG
zGAGKqAAmmNwSlLbL3DaM16GSrOMck8EQDMBur8VOoelFK3kBw+3jZWAJpPd8efx
wYAPMclporLFO8+jczGNXB196MUvGnT9/MTisT7ata2s7hgt29piZzVfgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGDob5Jm7IqMD4wYtv67YmhKAXiKMB8GA1UdIwQY
MBaAFLHoz3OGIA39qbBn25x30wZg10zaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTct
NGE3OTA0ZmZjOGUxLzEvWU9odmttYnNpb3dQakJpMl9ydGlhRW9CZUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTctNGE3OTA0ZmZjOGUx
LzEvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFTevgAwQC
ua3EMA0GCSqGSIb3DQEBCwUAA4IBAQCPzi9eV9aDKWHst4sQK4RJ4hZNdVJ4TDlb
YyW7lKg1U0sVxtBQugwFpxQGY4jSvxkkCBMrNhH9e+ATzKAKsGDtdv0FoSpkCTYW
7w3a7YnSw9D4ao5kI+/OsHazZ9cIjrQl7ggbtgGklyumOyp2ZJSoIl0S16GeIigX
naf4s3MFbEGo9Q37ppQTEeUrmdTN1GBmL95sD/Ti6xlwd8SdhVFG7BcpVp+LYsAV
eNrdLc5eXZ1rF+U4xeWmqT7/amXR57IIOSRJsv45Rn0TsfGmE/hakkfGoR7xoiy1
g3MS5QJ6YK+GLc+//iPx/qXNLu6ZY2ct4ehgAw2Du6MjlOLdE/Id
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org