Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/yY4X33BoBg26Gt2IVyL87vuF2gM.roa
File:                     yY4X33BoBg26Gt2IVyL87vuF2gM.roa (raw, json)
Hash identifier:          aypbjWrqZrDHTz/Mc9Px3vSDX6q96W/vMZ4CbNOGCGE=
Subject key identifier:   C9:8E:17:DF:70:68:06:0D:BA:1A:DD:88:57:22:FC:EE:FB:85:DA:03
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       01892268A46C96665661950D45974A777EC3
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/yY4X33BoBg26Gt2IVyL87vuF2gM.roa
Signing time:             Tue 04 Jul 2023 19:37:10 +0000
ROA not before:           Tue 04 Jul 2023 19:37:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396362
IP address blocks:        46.8.191.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:22:68:a4:6c:96:66:56:61:95:0d:45:97:4a:77:7e:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jul  4 19:37:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c98e17df7068060dba1add885722fceefb85da03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9a:02:44:0d:3c:56:b4:4c:8c:f1:4e:78:61:
                    0b:e1:78:37:fe:e9:3a:0a:52:33:d0:7c:37:79:9b:
                    25:37:64:26:e9:8e:c3:46:f8:4f:ab:7a:73:3d:58:
                    55:e3:65:1f:04:ca:7c:f2:31:d5:be:f2:ad:36:9b:
                    d9:fa:92:d3:76:dc:af:03:3a:4a:16:32:b4:b0:e4:
                    51:fd:be:f2:3a:08:fd:17:45:a8:d2:6e:49:91:0f:
                    0f:20:df:b2:f2:93:d9:c1:8c:90:eb:97:95:55:ff:
                    f6:a4:55:23:4f:ff:af:42:41:10:f6:58:0b:85:47:
                    60:e2:bc:41:6a:ee:ea:5c:d8:74:79:0c:fa:6d:31:
                    c0:36:a4:bd:10:81:50:22:00:04:8c:9b:da:04:ab:
                    6d:94:e8:ad:ce:4e:ab:ed:6a:cd:99:33:67:fb:32:
                    e2:2a:24:d8:17:ce:4e:65:57:ba:4c:ae:6c:1a:09:
                    12:89:55:08:96:e7:87:26:17:d1:4b:be:d5:35:ea:
                    1a:f0:9f:c7:b7:26:b9:17:1f:1c:b3:41:b4:70:4d:
                    31:6f:6b:cc:14:e9:0a:96:3e:01:f6:4d:63:14:e2:
                    cf:3f:74:b6:20:de:bc:bf:4c:11:e6:44:06:87:c9:
                    30:13:c3:6e:62:cb:f3:70:1e:dc:00:46:fd:a4:4e:
                    0c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:8E:17:DF:70:68:06:0D:BA:1A:DD:88:57:22:FC:EE:FB:85:DA:03
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/yY4X33BoBg26Gt2IVyL87vuF2gM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.8.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:d0:11:f3:45:41:cd:2e:45:f5:da:51:0f:36:72:98:4a:cb:
         ee:b6:72:f7:09:f0:97:e0:d3:67:ee:2a:a3:9d:94:f8:02:e4:
         98:50:95:3b:81:81:75:51:46:e0:7c:14:67:9f:fc:80:12:55:
         95:f4:66:bd:b1:83:91:7f:34:68:73:5d:e7:c9:a9:e6:3e:09:
         b7:47:44:52:32:b4:41:1e:5b:75:22:42:d4:9f:2a:c6:54:4b:
         2f:76:eb:6b:11:c2:e1:c7:ca:0c:63:e7:31:e4:b9:84:54:5d:
         fc:33:2f:33:bf:09:a7:ee:b4:eb:db:f2:8f:b6:83:a2:60:50:
         07:65:fb:4f:c7:c2:c8:88:d4:1a:27:f1:fb:a9:f3:e9:cd:3d:
         5c:61:77:f5:f7:20:e9:dc:f5:e5:2b:c5:86:ea:db:ad:52:34:
         72:53:a8:75:c0:3a:5a:d3:c4:22:f0:d1:ca:43:2e:af:3b:10:
         4b:01:5f:2f:2e:44:01:21:d9:6f:1a:14:c8:67:f5:72:c5:78:
         1c:f0:f8:94:a5:63:fa:46:6e:74:26:ce:b8:7b:f8:d1:66:5a:
         0b:22:18:ff:34:e0:cd:04:23:af:19:2f:22:53:89:77:74:2c:
         90:35:50:06:43:07:6c:07:55:4f:f9:1e:d8:bd:0f:30:03:86:
         09:73:28:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkiaKRslmZWYZUNRZdKd37DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwNzA0MTkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOThlMTdkZjcwNjgwNjBkYmExYWRkODg1NzIyZmNlZWZiODVkYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZoCRA08VrRMjPFOeGEL4Xg3/uk6
ClIz0Hw3eZslN2Qm6Y7DRvhPq3pzPVhV42UfBMp88jHVvvKtNpvZ+pLTdtyvAzpK
FjK0sORR/b7yOgj9F0Wo0m5JkQ8PIN+y8pPZwYyQ65eVVf/2pFUjT/+vQkEQ9lgL
hUdg4rxBau7qXNh0eQz6bTHANqS9EIFQIgAEjJvaBKttlOitzk6r7WrNmTNn+zLi
KiTYF85OZVe6TK5sGgkSiVUIlueHJhfRS77VNeoa8J/Htya5Fx8cs0G0cE0xb2vM
FOkKlj4B9k1jFOLPP3S2IN68v0wR5kQGh8kwE8NuYsvzcB7cAEb9pE4M/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmOF99waAYNuhrdiFci/O77hdoDMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEveVk0WDMzQm9CZzI2R3QySVZ5TDg3dnVGMmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgi/MA0G
CSqGSIb3DQEBCwUAA4IBAQAw0BHzRUHNLkX12lEPNnKYSsvutnL3CfCX4NNn7iqj
nZT4AuSYUJU7gYF1UUbgfBRnn/yAElWV9Ga9sYORfzRoc13nyanmPgm3R0RSMrRB
Hlt1IkLUnyrGVEsvdutrEcLhx8oMY+cx5LmEVF38My8zvwmn7rTr2/KPtoOiYFAH
ZftPx8LIiNQaJ/H7qfPpzT1cYXf19yDp3PXlK8WG6tutUjRyU6h1wDpa08Qi8NHK
Qy6vOxBLAV8vLkQBIdlvGhTIZ/VyxXgc8PiUpWP6Rm50Js64e/jRZloLIhj/NODN
BCOvGS8iU4l3dCyQNVAGQwdsB1VP+R7YvQ8wA4YJcyjB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org