Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/yrTziyZ_oCzX7jdAEuce-KDuIKs.roa
File:                     yrTziyZ_oCzX7jdAEuce-KDuIKs.roa (raw, json)
Hash identifier:          Yw1HDdd/vMcwTo2IdqgEMhVMFfD9S8l+alW0XeR147Q=
Subject key identifier:   CA:B4:F3:8B:26:7F:A0:2C:D7:EE:37:40:12:E7:1E:F8:A0:EE:20:AB
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018BDCFC42C5F081850ACCEF0CED2870DECD
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/yrTziyZ_oCzX7jdAEuce-KDuIKs.roa
Signing time:             Fri 17 Nov 2023 11:13:21 +0000
ROA not before:           Fri 17 Nov 2023 11:13:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57523
IP address blocks:        87.247.158.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:dc:fc:42:c5:f0:81:85:0a:cc:ef:0c:ed:28:70:de:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Nov 17 11:13:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cab4f38b267fa02cd7ee374012e71ef8a0ee20ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:35:12:92:60:11:25:e3:ef:1a:24:6c:7e:0e:
                    3a:60:08:92:81:af:53:a7:b0:82:5f:b4:01:00:e0:
                    ee:6e:7f:02:09:60:f8:d4:b7:50:e8:63:4f:69:38:
                    a6:3b:ec:c5:e9:32:b3:e2:48:81:36:5d:ad:26:ad:
                    44:4b:06:16:21:1c:12:c5:9d:27:ba:87:bc:46:78:
                    0a:b9:71:78:95:fc:18:05:9e:38:8e:26:30:57:d3:
                    1e:4b:89:23:ce:8d:94:13:8e:03:d9:9f:5f:99:62:
                    cf:46:c7:de:5e:bc:d7:2f:74:c5:a7:86:39:e5:85:
                    69:d9:23:f5:1a:0e:4f:ca:f8:be:14:70:14:4d:8f:
                    b0:8a:cc:23:1b:64:d5:a6:90:b0:ab:d0:36:d1:62:
                    ed:fe:0b:f5:ba:05:d9:b6:7b:c0:0c:8d:de:ee:ec:
                    71:97:f5:74:4a:d6:69:2b:b4:43:8a:9e:b4:6e:21:
                    47:8f:79:53:5a:1f:00:bc:d3:7b:19:f7:54:d8:a6:
                    67:6e:b1:16:72:7f:a4:fd:a3:4f:0f:26:e3:3b:97:
                    aa:b0:40:f8:65:fb:5a:15:02:0f:96:7b:de:8b:e7:
                    4e:24:db:63:ba:6a:fa:d9:65:e5:e4:68:4e:cb:3a:
                    02:69:69:9a:3a:c1:19:a9:c6:55:f8:bd:81:94:64:
                    7b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:B4:F3:8B:26:7F:A0:2C:D7:EE:37:40:12:E7:1E:F8:A0:EE:20:AB
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/yrTziyZ_oCzX7jdAEuce-KDuIKs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.247.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:92:4f:a9:be:e3:42:f1:fd:17:c9:d0:6e:40:4e:a6:36:a6:
         ff:21:b8:d3:64:76:07:8a:7f:bc:ee:33:c0:6d:74:10:6e:3c:
         c1:0c:ca:9b:4b:ea:63:da:b3:06:ee:22:c3:8e:39:a5:7e:84:
         b4:0f:3b:db:7c:5b:e1:17:16:d0:7b:77:2f:87:8e:34:bc:52:
         a8:6a:c2:28:70:fa:4a:6d:72:c4:a6:da:3b:b3:1e:b4:56:da:
         82:f5:f8:6e:f7:7a:3d:8b:4e:5b:7c:98:88:29:dd:82:a4:aa:
         4e:ae:9e:8f:ab:f3:1c:a0:7b:17:6c:68:e8:e1:68:81:85:78:
         65:e1:43:56:e4:a7:a0:89:c1:f1:bd:41:7b:9d:78:9d:e7:e6:
         43:5e:9f:f4:7a:48:0b:2f:05:e3:c4:7a:c5:47:8d:87:6e:c2:
         0a:f7:d1:fb:39:d8:b6:cf:2a:b6:24:b8:ee:0d:c3:bb:47:20:
         be:72:24:46:6b:d4:c6:29:fe:61:c9:03:33:c9:1e:44:76:9b:
         4b:e7:f3:89:e3:73:69:ee:92:a8:04:43:ca:d8:06:14:41:28:
         4b:2b:c4:33:17:53:82:67:00:3a:2c:6b:e3:d6:62:9f:b4:7d:
         a1:70:2d:18:c8:1a:eb:7e:a1:75:e2:8e:99:02:84:fa:2a:39:
         13:6c:22:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvc/ELF8IGFCszvDO0ocN7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMxMTE3MTExMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI0ZjM4YjI2N2ZhMDJjZDdlZTM3NDAxMmU3MWVmOGEwZWUyMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTUSkmARJePvGiRsfg46YAiSga9T
p7CCX7QBAODubn8CCWD41LdQ6GNPaTimO+zF6TKz4kiBNl2tJq1ESwYWIRwSxZ0n
uoe8RngKuXF4lfwYBZ44jiYwV9MeS4kjzo2UE44D2Z9fmWLPRsfeXrzXL3TFp4Y5
5YVp2SP1Gg5Pyvi+FHAUTY+wiswjG2TVppCwq9A20WLt/gv1ugXZtnvADI3e7uxx
l/V0StZpK7RDip60biFHj3lTWh8AvNN7GfdU2KZnbrEWcn+k/aNPDybjO5eqsED4
ZftaFQIPlnvei+dOJNtjumr62WXl5GhOyzoCaWmaOsEZqcZV+L2BlGR7swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMq084smf6As1+43QBLnHvig7iCrMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEveXJUeml5Wl9vQ3pYN2pkQUV1Y2UtS0R1SUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV/eeMA0G
CSqGSIb3DQEBCwUAA4IBAQAYkk+pvuNC8f0XydBuQE6mNqb/IbjTZHYHin+87jPA
bXQQbjzBDMqbS+pj2rMG7iLDjjmlfoS0DzvbfFvhFxbQe3cvh440vFKoasIocPpK
bXLEpto7sx60VtqC9fhu93o9i05bfJiIKd2CpKpOrp6Pq/McoHsXbGjo4WiBhXhl
4UNW5KegicHxvUF7nXid5+ZDXp/0ekgLLwXjxHrFR42HbsIK99H7Odi2zyq2JLju
DcO7RyC+ciRGa9TGKf5hyQMzyR5EdptL5/OJ43Np7pKoBEPK2AYUQShLK8QzF1OC
ZwA6LGvj1mKftH2hcC0YyBrrfqF14o6ZAoT6KjkTbCIm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org