Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/y-59T_iZ1QoGxeSW5957gxV8x-U.roa
File:                     y-59T_iZ1QoGxeSW5957gxV8x-U.roa (raw, json)
Hash identifier:          aKEuf6/00i+TGO6l2M++6clbqGDEfePRFwoiOjv5x6s=
Subject key identifier:   CB:EE:7D:4F:F8:99:D5:0A:06:C5:E4:96:E7:DE:7B:83:15:7C:C7:E5
Certificate issuer:       /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial:       018D1DFB18FF81D18A49EC5A0F26B788A2CA
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/y-59T_iZ1QoGxeSW5957gxV8x-U.roa
Signing time:             Thu 18 Jan 2024 19:10:11 +0000
ROA not before:           Thu 18 Jan 2024 19:10:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215733
IP address blocks:        185.97.236.0/22 maxlen: 22
                          185.152.72.0/22 maxlen: 22
                          2a01:ac::/32 maxlen: 32
                          2a01:ad::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 13:35:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:1d:fb:18:ff:81:d1:8a:49:ec:5a:0f:26:b7:88:a2:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
        Validity
            Not Before: Jan 18 19:10:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cbee7d4ff899d50a06c5e496e7de7b83157cc7e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:14:e7:bd:62:c0:14:33:1a:d2:72:35:41:a6:
                    ca:93:eb:6b:2b:30:66:19:a5:3c:51:ac:a4:38:f3:
                    d8:a4:83:2d:0d:8d:1e:d9:c2:10:c1:de:ba:3f:cd:
                    8c:2f:b7:85:e0:71:a9:eb:85:3b:b4:d8:ff:b6:24:
                    2f:fd:ad:2b:c6:98:b4:bf:11:bb:b7:7b:69:c5:a9:
                    57:e3:d6:6e:92:b6:b9:40:ea:5c:2a:47:dd:70:b7:
                    b2:cf:9e:78:74:ed:ba:8b:d2:ea:32:08:ce:98:5c:
                    f5:ce:d7:fa:18:97:64:c6:68:78:af:67:a4:c4:17:
                    ef:df:a7:bb:ab:0a:b3:ee:2f:8c:3d:5c:e5:79:3f:
                    3a:dc:17:ae:5d:a8:52:04:cd:ed:4a:66:1c:f1:97:
                    3b:2f:e7:c8:6d:5a:e8:0e:92:a9:4e:48:00:8d:ef:
                    dc:91:1c:f2:5f:ef:c3:d2:4b:56:cb:37:c2:89:fa:
                    72:8b:f7:80:49:96:7d:9c:d0:96:3f:07:67:e4:47:
                    e4:61:5f:ac:f4:35:a8:15:a6:bb:be:6d:dc:9c:76:
                    7f:d0:c3:2d:60:2d:cb:f5:0a:fc:3b:7b:c5:8a:62:
                    80:2b:c6:c4:81:56:f7:7e:6f:ed:a5:11:04:d5:f5:
                    7e:c8:46:60:0e:2c:31:28:1a:60:3e:8e:0f:fb:98:
                    2f:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:EE:7D:4F:F8:99:D5:0A:06:C5:E4:96:E7:DE:7B:83:15:7C:C7:E5
            X509v3 Authority Key Identifier:
                keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/y-59T_iZ1QoGxeSW5957gxV8x-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.97.236.0/22
                  185.152.72.0/22
                IPv6:
                  2a01:ac::/31

    Signature Algorithm: sha256WithRSAEncryption
         51:40:43:5d:14:46:13:5c:28:f7:ee:90:b3:e4:d4:ce:1a:8e:
         ea:c9:d4:c1:5f:6f:5e:92:a6:e5:88:05:c9:82:13:04:e7:d0:
         47:7b:8a:dd:5b:0c:3e:e4:8a:11:be:7e:f8:b3:08:2f:f6:dd:
         15:3f:44:4e:ea:8c:60:dd:df:54:44:98:2f:3a:4e:65:19:3f:
         80:e0:bd:c8:3d:0f:4b:c4:41:d9:d9:c6:12:a6:0f:8f:32:6e:
         8e:ad:16:d2:f0:43:7f:be:5f:ad:b9:7a:06:0a:78:b9:44:c8:
         bd:62:99:b1:0c:f3:58:9e:ee:6d:17:ce:79:1c:21:6b:52:ae:
         85:c6:25:a9:68:2a:b7:9a:b3:79:1e:38:72:22:91:ef:e2:80:
         d1:52:f6:40:76:89:1d:6e:00:4c:d6:4c:e3:91:a3:94:88:32:
         51:31:77:f1:cd:b5:3e:6d:09:d5:0f:de:09:ec:f8:70:74:98:
         15:ca:da:90:4f:b9:5b:c1:4c:ef:1a:8a:37:58:67:ce:30:63:
         5f:c6:cf:20:90:59:b9:d5:ff:ea:1a:1e:62:5d:be:bf:ab:05:
         99:a9:ae:e9:c6:cc:a9:92:86:10:7b:fe:75:43:9e:6d:b8:c2:
         a6:00:b9:e9:b2:b4:d1:5b:5b:70:12:42:54:dd:45:49:42:6b:
         e8:0b:55:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0d+xj/gdGKSexaDya3iKLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTE4MTkxMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmVlN2Q0ZmY4OTlkNTBhMDZjNWU0OTZlN2RlN2I4MzE1N2NjN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxTnvWLAFDMa0nI1QabKk+trKzBm
GaU8UaykOPPYpIMtDY0e2cIQwd66P82ML7eF4HGp64U7tNj/tiQv/a0rxpi0vxG7
t3tpxalX49Zukra5QOpcKkfdcLeyz554dO26i9LqMgjOmFz1ztf6GJdkxmh4r2ek
xBfv36e7qwqz7i+MPVzleT863BeuXahSBM3tSmYc8Zc7L+fIbVroDpKpTkgAje/c
kRzyX+/D0ktWyzfCifpyi/eASZZ9nNCWPwdn5EfkYV+s9DWoFaa7vm3cnHZ/0MMt
YC3L9Qr8O3vFimKAK8bEgVb3fm/tpREE1fV+yEZgDiwxKBpgPo4P+5gvBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMvufU/4mdUKBsXklufee4MVfMflMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEveS01OVRfaVoxUW9HeGVTVzU5NTdneFY4eC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWHsAwQC
uZhIMA0EAgACMAcDBQEqAQCsMA0GCSqGSIb3DQEBCwUAA4IBAQBRQENdFEYTXCj3
7pCz5NTOGo7qydTBX29ekqbliAXJghME59BHe4rdWww+5IoRvn74swgv9t0VP0RO
6oxg3d9URJgvOk5lGT+A4L3IPQ9LxEHZ2cYSpg+PMm6OrRbS8EN/vl+tuXoGCni5
RMi9YpmxDPNYnu5tF855HCFrUq6FxiWpaCq3mrN5HjhyIpHv4oDRUvZAdokdbgBM
1kzjkaOUiDJRMXfxzbU+bQnVD94J7PhwdJgVytqQT7lbwUzvGoo3WGfOMGNfxs8g
kFm51f/qGh5iXb6/qwWZqa7pxsypkoYQe/51Q55tuMKmALnpsrTRW1twEkJU3UVJ
QmvoC1VC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org