Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/BKYmTQt6JPsriSrM_LzpUWiAQII.roa
File:                     BKYmTQt6JPsriSrM_LzpUWiAQII.roa (raw, json)
Hash identifier:          FqMX6+T1yHUwH0tGC8ptBfWjsyNAjYhGliBl9EIbBVg=
Subject key identifier:   04:A6:26:4D:0B:7A:24:FB:2B:89:2A:CC:FC:BC:E9:51:68:80:40:82
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       018E65C7EDF94DF8E70C1B19F8539ACE31B8
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/BKYmTQt6JPsriSrM_LzpUWiAQII.roa
Signing time:             Fri 22 Mar 2024 10:49:45 +0000
ROA not before:           Fri 22 Mar 2024 10:49:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        216.173.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Mar 2024 11:31:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:65:c7:ed:f9:4d:f8:e7:0c:1b:19:f8:53:9a:ce:31:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Mar 22 10:49:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=04a6264d0b7a24fb2b892accfcbce95168804082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:88:52:f2:d5:63:7a:60:ab:e1:06:00:12:e3:
                    38:1f:6c:3b:54:6e:2a:4b:40:97:ee:35:9e:e5:3e:
                    b6:e9:7a:37:16:20:b0:f5:e6:93:fe:70:aa:5f:f3:
                    fc:79:f3:15:3b:7e:d8:ad:64:d9:38:6d:ef:b4:3e:
                    58:e1:aa:c3:5f:f7:b7:fa:c5:93:5b:7a:34:49:0e:
                    d5:56:6b:cb:a5:83:ef:59:de:46:86:ac:69:6f:19:
                    8f:0a:3a:e6:b0:33:e9:df:65:34:af:23:ea:01:68:
                    28:35:d9:82:48:d0:03:3d:54:5d:84:34:d8:f6:54:
                    63:3e:24:ef:f8:0b:ea:f2:5c:a2:11:bb:e9:79:56:
                    09:02:64:5e:e9:82:e4:ff:2d:fa:82:db:5f:c8:fd:
                    d6:04:7a:78:b8:51:77:0e:0c:96:20:b7:9b:82:1d:
                    0b:12:e5:f7:9c:aa:45:7a:a3:d1:9d:66:03:87:ac:
                    ec:f6:10:fc:8b:d4:41:70:eb:95:bd:56:8e:9a:03:
                    84:3f:92:99:d4:13:13:0b:b8:ff:01:d7:c0:90:ea:
                    e7:1e:3d:af:79:8e:28:5d:e2:68:96:49:db:e9:fd:
                    eb:54:90:93:7f:fc:e5:d3:32:c5:a3:4e:ba:e7:db:
                    88:ab:40:35:46:58:09:6a:6d:07:97:06:e3:24:56:
                    4d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:A6:26:4D:0B:7A:24:FB:2B:89:2A:CC:FC:BC:E9:51:68:80:40:82
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/BKYmTQt6JPsriSrM_LzpUWiAQII.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.173.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:ce:ea:ff:25:86:25:a5:46:ce:11:d5:b9:29:92:50:b6:17:
         53:d6:21:43:44:d9:a4:b4:98:04:55:53:45:4a:45:bc:9b:51:
         2c:0a:59:e1:8c:2f:ca:ea:3b:b4:5d:00:fd:e5:4c:1c:3f:b2:
         e0:92:06:67:60:84:71:09:f5:08:d7:9c:a0:f2:6d:92:2c:c6:
         ea:e5:fb:d7:44:3e:64:a3:e3:c0:3d:96:99:06:6d:2f:68:7c:
         a7:83:e2:11:19:3c:ea:c9:e8:c2:9f:b3:2b:eb:9e:81:3c:e3:
         8b:0e:f6:86:c8:7a:f3:9a:dd:a4:50:5f:23:22:72:35:2c:e0:
         34:de:16:4e:fd:66:ab:8d:c5:5e:f4:25:d2:95:16:4c:de:d5:
         80:29:79:84:15:7f:2c:26:61:02:f3:e5:d4:64:99:57:84:29:
         3d:8c:cd:88:5d:89:36:ee:1b:ae:d9:a3:00:54:05:9d:d8:26:
         49:f9:34:41:86:03:f7:a5:28:6b:93:9f:da:91:82:86:cb:c9:
         93:24:f7:92:4e:72:25:2c:92:cf:72:0c:1f:30:bf:63:ed:e0:
         e6:f3:57:10:6f:6b:a0:48:76:f8:01:37:a8:1e:8b:03:ec:7c:
         e4:09:57:c0:0e:62:68:bd:59:1f:06:9c:a8:3f:08:0c:58:71:
         e7:b4:55:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5lx+35TfjnDBsZ+FOazjG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMzIyMTA0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE2MjY0ZDBiN2EyNGZiMmI4OTJhY2NmY2JjZTk1MTY4ODA0MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4hS8tVjemCr4QYAEuM4H2w7VG4q
S0CX7jWe5T626Xo3FiCw9eaT/nCqX/P8efMVO37YrWTZOG3vtD5Y4arDX/e3+sWT
W3o0SQ7VVmvLpYPvWd5GhqxpbxmPCjrmsDPp32U0ryPqAWgoNdmCSNADPVRdhDTY
9lRjPiTv+Avq8lyiEbvpeVYJAmRe6YLk/y36gttfyP3WBHp4uFF3DgyWILebgh0L
EuX3nKpFeqPRnWYDh6zs9hD8i9RBcOuVvVaOmgOEP5KZ1BMTC7j/AdfAkOrnHj2v
eY4oXeJolknb6f3rVJCTf/zl0zLFo06659uIq0A1RlgJam0HlwbjJFZNswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASmJk0LeiT7K4kqzPy86VFogECCMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQktZbVRRdDZKUHNyaVNyTV9MenBVV2lBUUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2K1XMA0G
CSqGSIb3DQEBCwUAA4IBAQCOzur/JYYlpUbOEdW5KZJQthdT1iFDRNmktJgEVVNF
SkW8m1EsClnhjC/K6ju0XQD95UwcP7LgkgZnYIRxCfUI15yg8m2SLMbq5fvXRD5k
o+PAPZaZBm0vaHyng+IRGTzqyejCn7Mr656BPOOLDvaGyHrzmt2kUF8jInI1LOA0
3hZO/WarjcVe9CXSlRZM3tWAKXmEFX8sJmEC8+XUZJlXhCk9jM2IXYk27huu2aMA
VAWd2CZJ+TRBhgP3pShrk5/akYKGy8mTJPeSTnIlLJLPcgwfML9j7eDm81cQb2ug
SHb4ATeoHosD7HzkCVfADmJovVkfBpyoPwgMWHHntFVp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org