Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa
File:                     NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa (raw, json)
Hash identifier:          WyDkBGNdqW1JhEvq6Gv/CrWPAA3oZuLtAiWA9ur1ctU=
Subject key identifier:   35:81:00:48:7C:EF:01:0C:6E:08:68:18:CB:B0:63:78:35:59:C7:76
Certificate issuer:       /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial:       018EA2DEF8107C5C4C932ABCDD3F48289CE8
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa
Signing time:             Wed 03 Apr 2024 07:31:45 +0000
ROA not before:           Wed 03 Apr 2024 07:31:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198013
IP address blocks:        94.185.96.0/19 maxlen: 19
                          94.185.97.0/24 maxlen: 24
                          94.185.98.0/24 maxlen: 24
                          94.185.99.0/24 maxlen: 24
                          94.185.100.0/24 maxlen: 24
                          94.185.101.0/24 maxlen: 24
                          94.185.102.0/24 maxlen: 24
                          94.185.103.0/24 maxlen: 24
                          94.185.104.0/22 maxlen: 22
                          94.185.105.0/24 maxlen: 24
                          94.185.106.0/24 maxlen: 24
                          94.185.108.0/24 maxlen: 24
                          94.185.109.0/24 maxlen: 24
                          94.185.110.0/24 maxlen: 24
                          94.185.112.0/24 maxlen: 24
                          94.185.113.0/24 maxlen: 24
                          94.185.123.0/24 maxlen: 24
                          2a03:4580::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 15:40:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a2:de:f8:10:7c:5c:4c:93:2a:bc:dd:3f:48:28:9c:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
        Validity
            Not Before: Apr  3 07:31:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=358100487cef010c6e086818cbb063783559c776
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:59:fb:b8:c0:67:51:85:12:85:6f:c0:7f:99:
                    bf:e7:a9:fb:8c:d7:07:b7:5a:31:aa:fb:77:d8:7a:
                    bb:22:57:33:bb:7f:8f:fc:21:99:a2:f3:cd:00:d0:
                    fe:f2:f3:24:f9:41:5a:0d:73:a6:fe:f3:1b:9f:cf:
                    29:e7:52:45:25:1c:be:f2:e1:54:5f:2c:4f:8c:37:
                    6c:30:9f:e5:5d:5c:7c:eb:11:53:d9:32:a8:18:6c:
                    cc:81:70:2a:5e:13:bf:e1:1c:e3:f9:47:f0:0f:5e:
                    4b:f4:50:3f:e5:74:f3:40:2e:33:99:7c:7b:8f:cf:
                    76:4b:a3:f7:39:c3:5d:26:03:f6:94:44:11:d8:3a:
                    1e:9d:46:af:63:b0:5e:9b:b2:62:cc:14:30:67:3c:
                    47:66:20:b3:21:72:41:3d:a1:58:48:da:45:70:8f:
                    e6:03:df:ed:f0:b4:17:74:36:85:53:fa:ca:30:03:
                    6e:69:b8:c8:ed:40:a6:0c:e7:97:f6:5c:ed:87:52:
                    39:53:c7:97:d0:8a:04:be:4b:ad:21:6d:df:93:53:
                    f6:5e:cd:cf:76:15:14:f7:26:08:4d:b7:b8:d8:39:
                    b7:99:51:60:f8:28:b1:56:4f:5e:8d:b0:26:68:a8:
                    89:3c:56:6b:8c:f8:2f:70:43:96:f5:b8:ab:53:87:
                    7d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:81:00:48:7C:EF:01:0C:6E:08:68:18:CB:B0:63:78:35:59:C7:76
            X509v3 Authority Key Identifier:
                keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.185.96.0/19
                IPv6:
                  2a03:4580::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:be:eb:a7:7d:70:af:2b:53:e9:55:14:d3:39:e5:d9:b8:f7:
         5e:12:36:18:85:cb:c8:cc:0a:e2:d8:78:f2:d3:8b:80:9a:7d:
         27:3f:80:3f:23:89:b7:44:33:96:a5:89:b9:b5:05:a2:87:6e:
         1b:8a:f2:af:1e:40:fe:a7:00:6d:66:1f:1a:bf:89:f2:8e:1f:
         3d:6f:13:35:ed:f0:c1:45:6c:d7:07:19:cc:90:ff:e6:d1:db:
         2e:9a:89:b4:84:69:9c:35:72:cc:50:69:45:05:64:1e:f5:93:
         db:30:aa:c3:66:c3:8a:5f:0e:21:4b:8b:cc:d9:65:e8:3c:e1:
         95:8a:82:3d:19:48:c6:02:75:31:03:f0:d0:4d:e6:44:61:97:
         35:d7:37:53:d8:e7:95:57:93:d3:f4:55:61:8d:87:29:67:78:
         1b:32:c1:69:4f:f4:cb:81:e5:4f:76:e6:20:49:84:f7:4f:36:
         b6:28:e8:1a:0c:a5:64:a1:db:56:8a:b4:2b:7b:37:ad:97:d0:
         c2:c8:ca:20:8a:ff:7c:8c:46:1b:53:77:de:c8:40:31:1f:31:
         07:59:a1:a9:d0:de:80:5e:3a:56:96:84:9b:ea:95:ac:1a:bc:
         81:53:a5:1a:fc:a3:ac:b7:ed:6e:3f:f1:a9:44:34:1e:c4:3c:
         e0:e4:ca:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6i3vgQfFxMkyq83T9IKJzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjQwNDAzMDczMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTgxMDA0ODdjZWYwMTBjNmUwODY4MThjYmIwNjM3ODM1NTljNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVn7uMBnUYUShW/Af5m/56n7jNcH
t1oxqvt32Hq7Ilczu3+P/CGZovPNAND+8vMk+UFaDXOm/vMbn88p51JFJRy+8uFU
XyxPjDdsMJ/lXVx86xFT2TKoGGzMgXAqXhO/4Rzj+UfwD15L9FA/5XTzQC4zmXx7
j892S6P3OcNdJgP2lEQR2DoenUavY7Bem7JizBQwZzxHZiCzIXJBPaFYSNpFcI/m
A9/t8LQXdDaFU/rKMANuabjI7UCmDOeX9lzth1I5U8eX0IoEvkutIW3fk1P2Xs3P
dhUU9yYITbe42Dm3mVFg+CixVk9ejbAmaKiJPFZrjPgvcEOW9birU4d9uQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDWBAEh87wEMbghoGMuwY3g1Wcd2MB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEvTllFQVNIenZBUXh1Q0dnWXk3QmplRFZaeDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFXrlgMA0E
AgACMAcDBQAqA0WAMA0GCSqGSIb3DQEBCwUAA4IBAQCqvuunfXCvK1PpVRTTOeXZ
uPdeEjYYhcvIzAri2Hjy04uAmn0nP4A/I4m3RDOWpYm5tQWih24bivKvHkD+pwBt
Zh8av4nyjh89bxM17fDBRWzXBxnMkP/m0dsumom0hGmcNXLMUGlFBWQe9ZPbMKrD
ZsOKXw4hS4vM2WXoPOGVioI9GUjGAnUxA/DQTeZEYZc11zdT2OeVV5PT9FVhjYcp
Z3gbMsFpT/TLgeVPduYgSYT3Tza2KOgaDKVkodtWirQrezetl9DCyMogiv98jEYb
U3feyEAxHzEHWaGp0N6AXjpWloSb6pWsGryBU6Ua/KOst+1uP/GpRDQexDzg5Mp6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:20 2024 by rpki-client on console-ams.rpki-client.org