Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9a297d-cee5-4c93-b258-cb4babe9dc8f/1/Yjm7TWKN00OQIHbkBirgGozadiA.roa
File:                     Yjm7TWKN00OQIHbkBirgGozadiA.roa (raw, json)
Hash identifier:          DEHP2qGzBhgH/KfIrNayeKj5zkGGkcuXbtPSuNHuvXE=
Subject key identifier:   62:39:BB:4D:62:8D:D3:43:90:20:76:E4:06:2A:E0:1A:8C:DA:76:20
Certificate issuer:       /CN=e168e36ba577ed47e6928729691991e4e7f235da
Certificate serial:       01856CEF47312972A69C4152355332CD4E6A
Authority key identifier: E1:68:E3:6B:A5:77:ED:47:E6:92:87:29:69:19:91:E4:E7:F2:35:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4Wjja6V37UfmkocpaRmR5OfyNdo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9a297d-cee5-4c93-b258-cb4babe9dc8f/1/Yjm7TWKN00OQIHbkBirgGozadiA.roa
Signing time:             Sun 01 Jan 2023 10:44:58 +0000
ROA not before:           Sun 01 Jan 2023 10:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205655
IP address blocks:        185.211.11.0/24 maxlen: 24
                          2a0b:60c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ef:47:31:29:72:a6:9c:41:52:35:53:32:cd:4e:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e168e36ba577ed47e6928729691991e4e7f235da
        Validity
            Not Before: Jan  1 10:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6239bb4d628dd343902076e4062ae01a8cda7620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:88:2d:ab:42:37:c1:41:11:2f:18:c9:8e:f6:
                    7e:6e:8d:3f:bb:67:c2:ea:c8:5b:cb:60:d0:94:63:
                    4a:bb:58:6d:0a:c8:ae:31:2a:6e:63:83:07:23:7e:
                    2c:c7:9e:bb:05:de:02:a4:22:cb:a9:ed:a1:2b:84:
                    11:a2:68:65:97:95:f6:30:ea:00:89:a0:77:b8:f3:
                    cb:99:19:13:98:5c:c6:fb:e3:47:1b:f9:56:63:01:
                    b5:c4:42:4a:da:74:82:e5:1c:b4:d3:71:c3:eb:0d:
                    0e:06:c1:2c:60:87:5b:f3:45:31:8c:f1:27:51:97:
                    3b:97:ec:21:a8:c8:c3:73:44:29:39:69:5c:36:71:
                    66:11:4b:c5:12:a3:3e:8f:a7:6c:d6:49:28:b4:09:
                    59:e4:bb:c0:75:95:3c:1e:dc:76:21:ca:99:c1:35:
                    12:36:51:e9:39:87:e9:cd:60:dc:05:4d:62:0e:df:
                    b0:10:c7:70:e9:5a:03:a3:61:3b:2f:35:b1:6b:5a:
                    08:5f:8c:8d:24:57:6f:54:ea:be:17:2c:19:b8:57:
                    8b:09:d3:8b:57:4c:2f:b6:5a:26:d3:d4:ef:80:ea:
                    15:26:d3:ca:2d:5c:0e:21:57:ec:5b:22:2d:a6:74:
                    8b:91:5b:c9:70:cf:eb:2f:51:bb:43:16:c9:bb:58:
                    2b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:39:BB:4D:62:8D:D3:43:90:20:76:E4:06:2A:E0:1A:8C:DA:76:20
            X509v3 Authority Key Identifier:
                keyid:E1:68:E3:6B:A5:77:ED:47:E6:92:87:29:69:19:91:E4:E7:F2:35:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Wjja6V37UfmkocpaRmR5OfyNdo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9a297d-cee5-4c93-b258-cb4babe9dc8f/1/Yjm7TWKN00OQIHbkBirgGozadiA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9a297d-cee5-4c93-b258-cb4babe9dc8f/1/4Wjja6V37UfmkocpaRmR5OfyNdo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.211.11.0/24
                IPv6:
                  2a0b:60c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         d6:11:aa:fc:28:b7:aa:cd:ad:bf:06:b4:39:8c:e3:a2:ca:a0:
         98:da:6e:4a:40:e3:b8:0c:fd:e2:19:e8:c6:64:81:43:66:57:
         e8:c8:2a:cb:83:86:d0:3c:82:31:71:77:ef:d6:6a:97:f6:8d:
         71:de:76:4c:a5:0f:fe:a7:09:c5:ea:90:bb:82:dd:0c:1a:03:
         4d:23:67:6e:9a:9e:09:28:cd:22:c5:2a:cf:ac:46:c3:5a:5d:
         b8:65:6d:ca:28:74:99:00:fd:a6:c6:78:97:d1:91:80:c0:32:
         a9:b7:6f:bc:9e:9c:e5:cf:15:3f:62:e8:37:f8:c4:1c:1e:51:
         ed:d2:88:a5:b9:54:6c:99:1d:4f:bf:64:5c:db:a0:8b:f1:fd:
         7e:fe:ba:94:38:f7:7f:88:2e:88:a8:8d:a3:75:50:a3:6d:1a:
         60:54:3b:56:06:72:c2:37:40:0a:d2:d0:f0:6f:4d:1b:49:0c:
         a9:0e:bc:5b:48:c6:47:fc:be:86:59:4d:2f:01:82:68:30:98:
         21:64:53:28:51:51:89:ed:23:7a:5e:18:52:f8:e3:d1:9e:0d:
         98:b0:4a:9d:6b:0d:0d:24:28:d0:4b:f4:64:17:aa:ef:7a:06:
         70:75:e8:73:68:a8:ff:ae:ce:66:2c:63:c4:7f:28:7f:74:26:
         62:fe:61:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs70cxKXKmnEFSNVMyzU5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNjhlMzZiYTU3N2VkNDdlNjkyODcyOTY5MTk5MWU0ZTdm
MjM1ZGEwHhcNMjMwMTAxMTA0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjM5YmI0ZDYyOGRkMzQzOTAyMDc2ZTQwNjJhZTAxYThjZGE3NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhogtq0I3wUERLxjJjvZ+bo0/u2fC
6shby2DQlGNKu1htCsiuMSpuY4MHI34sx567Bd4CpCLLqe2hK4QRomhll5X2MOoA
iaB3uPPLmRkTmFzG++NHG/lWYwG1xEJK2nSC5Ry003HD6w0OBsEsYIdb80UxjPEn
UZc7l+whqMjDc0QpOWlcNnFmEUvFEqM+j6ds1kkotAlZ5LvAdZU8Htx2IcqZwTUS
NlHpOYfpzWDcBU1iDt+wEMdw6VoDo2E7LzWxa1oIX4yNJFdvVOq+FywZuFeLCdOL
V0wvtlom09TvgOoVJtPKLVwOIVfsWyItpnSLkVvJcM/rL1G7QxbJu1grwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGI5u01ijdNDkCB25AYq4BqM2nYgMB8GA1UdIwQY
MBaAFOFo42uld+1H5pKHKWkZkeTn8jXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFdqamE2VjM3VWZta29jcGFSbVI1T2Z5TmRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85YTI5N2QtY2VlNS00YzkzLWIyNTgt
Y2I0YmFiZTlkYzhmLzEvWWptN1RXS04wME9RSUhia0JpcmdHb3phZGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85YTI5N2QtY2VlNS00YzkzLWIyNTgtY2I0YmFiZTlkYzhm
LzEvNFdqamE2VjM3VWZta29jcGFSbVI1T2Z5TmRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudMLMA0E
AgACMAcDBQMqC2DAMA0GCSqGSIb3DQEBCwUAA4IBAQDWEar8KLeqza2/BrQ5jOOi
yqCY2m5KQOO4DP3iGejGZIFDZlfoyCrLg4bQPIIxcXfv1mqX9o1x3nZMpQ/+pwnF
6pC7gt0MGgNNI2dump4JKM0ixSrPrEbDWl24ZW3KKHSZAP2mxniX0ZGAwDKpt2+8
npzlzxU/Yug3+MQcHlHt0oiluVRsmR1Pv2Rc26CL8f1+/rqUOPd/iC6IqI2jdVCj
bRpgVDtWBnLCN0AK0tDwb00bSQypDrxbSMZH/L6GWU0vAYJoMJghZFMoUVGJ7SN6
XhhS+OPRng2YsEqdaw0NJCjQS/RkF6rvegZwdehzaKj/rs5mLGPEfyh/dCZi/mFv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:20 2024 by rpki-client on console-fra.rpki-client.org