Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/YfeZUvGguOpdOnkUHpG4L1G4qh8.roa
File:                     YfeZUvGguOpdOnkUHpG4L1G4qh8.roa (raw, json)
Hash identifier:          koZGHeT0LgGBHfgB5+Q9Pyy4Q/cpKn5CG8x+KrLEH7I=
Subject key identifier:   61:F7:99:52:F1:A0:B8:EA:5D:3A:79:14:1E:91:B8:2F:51:B8:AA:1F
Certificate issuer:       /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial:       018D46AA907B4FCAA53D0F63ECA9C1A2A025
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/YfeZUvGguOpdOnkUHpG4L1G4qh8.roa
Signing time:             Fri 26 Jan 2024 16:46:39 +0000
ROA not before:           Fri 26 Jan 2024 16:46:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39122
IP address blocks:        46.22.128.0/20 maxlen: 20
                          78.153.192.0/19 maxlen: 24
                          81.17.240.0/20 maxlen: 24
                          91.197.234.0/23 maxlen: 23
                          176.52.222.0/23 maxlen: 23
                          185.2.64.0/22 maxlen: 22
                          185.209.164.0/22 maxlen: 22
                          200.69.8.0/21 maxlen: 21
                          2a01:a8::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 02 Feb 2024 16:22:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:46:aa:90:7b:4f:ca:a5:3d:0f:63:ec:a9:c1:a2:a0:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
        Validity
            Not Before: Jan 26 16:46:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=61f79952f1a0b8ea5d3a79141e91b82f51b8aa1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0e:5b:d9:e1:dc:e6:e9:c3:20:b6:2d:07:4b:
                    a7:54:ec:fb:f4:53:58:2c:e2:8a:5b:c0:81:9b:c0:
                    16:e4:89:fb:8b:e2:2b:ea:ab:df:1b:54:0e:a2:09:
                    8f:f6:c1:14:4e:d1:f6:57:d6:2d:f1:f6:42:0d:1a:
                    b6:a2:0e:9f:48:61:9f:e6:5f:6f:f5:61:d7:12:e7:
                    fc:b7:7c:4d:c6:d7:b2:02:d0:c4:c2:0b:34:a1:17:
                    33:6a:0e:89:96:c3:f2:36:07:37:78:9d:af:0c:aa:
                    c5:45:ed:b4:24:db:13:15:56:37:f0:ed:fb:f8:2d:
                    95:65:5e:d8:2b:5d:3f:4c:22:d0:4d:1b:e5:12:87:
                    45:cb:e6:ce:71:1b:63:cf:bb:66:08:23:14:6c:12:
                    88:28:d3:32:58:19:ad:d3:27:59:85:63:e1:aa:66:
                    16:ff:df:1f:b5:a8:13:cd:f7:5d:e6:70:5f:eb:db:
                    b9:59:e8:c8:06:c8:cc:45:3c:06:9a:4a:16:f3:73:
                    1b:3f:4e:65:ba:8b:66:1a:15:2b:66:ee:45:a1:d2:
                    a8:4c:79:20:f3:47:56:cf:cb:12:27:50:85:99:55:
                    cd:df:6b:ad:30:21:9a:de:e9:3f:5f:4b:7d:ab:3a:
                    a6:77:d1:41:32:26:f6:e7:82:61:54:72:d9:ea:55:
                    67:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:F7:99:52:F1:A0:B8:EA:5D:3A:79:14:1E:91:B8:2F:51:B8:AA:1F
            X509v3 Authority Key Identifier:
                keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/YfeZUvGguOpdOnkUHpG4L1G4qh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.22.128.0/20
                  78.153.192.0/19
                  81.17.240.0/20
                  91.197.234.0/23
                  176.52.222.0/23
                  185.2.64.0/22
                  185.209.164.0/22
                  200.69.8.0/21
                IPv6:
                  2a01:a8::/32

    Signature Algorithm: sha256WithRSAEncryption
         99:d2:4d:31:fc:a7:e7:dd:ab:c1:25:e9:42:ac:0d:67:b5:bc:
         76:30:2c:8a:af:66:19:db:82:60:2f:8b:60:76:49:9c:33:5e:
         5a:be:08:0c:6e:39:b3:ae:45:bf:1a:40:3a:0f:1f:1a:fb:a3:
         43:61:77:9f:4e:70:d3:e4:17:7d:51:18:60:c2:73:a2:93:6c:
         6b:f6:6d:ad:3f:51:46:65:1e:26:e4:ee:74:b7:c7:11:16:c1:
         bc:c5:b7:fd:be:7a:9e:fd:2b:17:62:5f:c2:05:40:f4:4f:eb:
         58:f1:0c:fd:ca:d1:d3:1e:0f:28:06:cc:64:63:6e:a9:94:f0:
         ae:b8:7c:19:c9:63:85:71:15:cb:af:7c:4b:21:14:84:b1:7f:
         e3:5f:52:5c:90:b1:c8:84:9a:d8:16:b6:14:09:3d:f3:75:81:
         83:d9:6d:77:ab:3e:01:4a:4b:75:89:7a:3a:8f:47:00:b2:a8:
         39:67:ad:6a:93:1d:2c:4f:2a:69:a7:47:a9:a7:c7:8f:40:4d:
         58:b0:32:18:79:c7:1c:6d:50:5f:b3:0d:c6:33:1b:5d:c9:ed:
         37:92:36:89:3f:11:c0:19:d6:47:fa:75:64:48:16:75:47:82:
         ee:bb:e5:79:ec:07:6f:4c:9f:03:be:f7:88:8e:48:93:bb:db:
         cc:81:5c:59
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY1GqpB7T8qlPQ9j7KnBoqAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTI2MTY0NjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY3OTk1MmYxYTBiOGVhNWQzYTc5MTQxZTkxYjgyZjUxYjhhYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg5b2eHc5unDILYtB0unVOz79FNY
LOKKW8CBm8AW5In7i+Ir6qvfG1QOogmP9sEUTtH2V9Yt8fZCDRq2og6fSGGf5l9v
9WHXEuf8t3xNxteyAtDEwgs0oRczag6JlsPyNgc3eJ2vDKrFRe20JNsTFVY38O37
+C2VZV7YK10/TCLQTRvlEodFy+bOcRtjz7tmCCMUbBKIKNMyWBmt0ydZhWPhqmYW
/98ftagTzfdd5nBf69u5WejIBsjMRTwGmkoW83MbP05luotmGhUrZu5FodKoTHkg
80dWz8sSJ1CFmVXN32utMCGa3uk/X0t9qzqmd9FBMib254JhVHLZ6lVnhwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGH3mVLxoLjqXTp5FB6RuC9RuKofMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvWWZlWlV2R2d1T3BkT25rVUhwRzRMMUc0cWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQELhaAAwQF
TpnAAwQEURHwAwQBW8XqAwQBsDTeAwQCuQJAAwQCudGkAwQDyEUIMA0EAgACMAcD
BQAqAQCoMA0GCSqGSIb3DQEBCwUAA4IBAQCZ0k0x/Kfn3avBJelCrA1ntbx2MCyK
r2YZ24JgL4tgdkmcM15avggMbjmzrkW/GkA6Dx8a+6NDYXefTnDT5Bd9URhgwnOi
k2xr9m2tP1FGZR4m5O50t8cRFsG8xbf9vnqe/SsXYl/CBUD0T+tY8Qz9ytHTHg8o
BsxkY26plPCuuHwZyWOFcRXLr3xLIRSEsX/jX1JckLHIhJrYFrYUCT3zdYGD2W13
qz4BSkt1iXo6j0cAsqg5Z61qkx0sTyppp0epp8ePQE1YsDIYecccbVBfsw3GMxtd
ye03kjaJPxHAGdZH+nVkSBZ1R4Luu+V57AdvTJ8DvveIjkiTu9vMgVxZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org