Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/9ea369-a28c-4c7e-9a15-c4292fac9be8/1/8YGO74_iJDpJ3TdCBY_J51XNdYY.roa
File:                     8YGO74_iJDpJ3TdCBY_J51XNdYY.roa (raw, json)
Hash identifier:          Up2Ww16dyR6H5+AtrTT5daE8IojY8av5LyAH+DLp9p4=
Subject key identifier:   F1:81:8E:EF:8F:E2:24:3A:49:DD:37:42:05:8F:C9:E7:55:CD:75:86
Certificate issuer:       /CN=447f9143ea55358fbd62fa5644547460172e1afd
Certificate serial:       0190FE840BB3612EC9C56A5F7AF4A3837CF2
Authority key identifier: 44:7F:91:43:EA:55:35:8F:BD:62:FA:56:44:54:74:60:17:2E:1A:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RH-RQ-pVNY-9YvpWRFR0YBcuGv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/9ea369-a28c-4c7e-9a15-c4292fac9be8/1/8YGO74_iJDpJ3TdCBY_J51XNdYY.roa
Signing time:             Mon 29 Jul 2024 12:43:04 +0000
ROA not before:           Mon 29 Jul 2024 12:43:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57419
IP address blocks:        185.207.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Sep 2024 15:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:fe:84:0b:b3:61:2e:c9:c5:6a:5f:7a:f4:a3:83:7c:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447f9143ea55358fbd62fa5644547460172e1afd
        Validity
            Not Before: Jul 29 12:43:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f1818eef8fe2243a49dd3742058fc9e755cd7586
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:00:d9:9f:f6:f8:ed:94:d8:1a:f5:9f:db:a3:
                    b0:fa:67:84:fb:be:dd:15:7d:43:7c:8b:c4:32:d2:
                    86:e9:bb:1f:56:c8:a8:04:e9:c2:c3:21:5f:f4:30:
                    28:bf:ca:7a:68:e8:df:d2:a5:2c:af:86:a5:c9:9b:
                    d4:d5:8a:5c:88:53:1d:c7:32:91:95:e0:46:44:f1:
                    5d:e8:2d:9d:a2:12:27:83:f1:61:d6:a2:7a:c4:d1:
                    68:70:56:a2:bb:b8:e5:1b:67:5c:32:9e:ad:a3:98:
                    d8:6e:a5:c0:fd:b6:9a:a6:c1:84:ea:fb:c2:49:23:
                    ba:f4:50:95:31:0a:05:9b:ba:f6:26:44:c9:8a:68:
                    92:77:9a:a7:75:af:2f:84:73:63:76:23:91:90:86:
                    82:5e:75:9c:68:18:f7:23:e7:ca:51:12:6c:ec:89:
                    ac:f7:c6:68:d8:a6:d3:99:e4:d3:9b:80:46:31:fd:
                    64:25:89:50:41:62:ab:16:d3:b0:2a:72:7f:b1:b6:
                    d0:93:50:19:1f:97:27:3b:3c:2c:7e:82:1b:65:9f:
                    99:38:56:c4:07:04:1c:88:ad:8d:3f:be:62:8f:53:
                    bc:e4:ae:b5:b9:ca:47:24:e6:ef:f7:3b:ce:6d:e4:
                    58:b7:6c:d3:67:93:d9:a4:4c:92:1b:99:70:00:32:
                    02:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:81:8E:EF:8F:E2:24:3A:49:DD:37:42:05:8F:C9:E7:55:CD:75:86
            X509v3 Authority Key Identifier:
                keyid:44:7F:91:43:EA:55:35:8F:BD:62:FA:56:44:54:74:60:17:2E:1A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RH-RQ-pVNY-9YvpWRFR0YBcuGv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/9ea369-a28c-4c7e-9a15-c4292fac9be8/1/8YGO74_iJDpJ3TdCBY_J51XNdYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/9ea369-a28c-4c7e-9a15-c4292fac9be8/1/RH-RQ-pVNY-9YvpWRFR0YBcuGv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:a6:a7:f4:80:4a:0e:b1:f9:a6:a9:a0:81:f8:18:62:87:c6:
         ba:75:51:69:ac:70:ee:3d:21:d1:63:ed:76:f0:48:69:6f:d3:
         fd:b4:a4:df:c9:22:f9:3e:7f:80:de:77:7b:1b:02:ae:ea:bc:
         7e:69:c0:37:73:c9:56:7c:e8:69:56:e7:03:1a:88:76:9b:a8:
         85:16:7d:4e:74:a3:b9:5f:56:61:11:36:8f:3f:7f:dc:47:a8:
         b9:a8:7d:9e:e5:20:34:b1:02:c4:6c:41:9f:38:2b:dd:77:0e:
         ab:ec:4e:a2:13:6f:77:1f:1e:c5:b5:c5:55:ae:a2:12:38:9b:
         40:2d:5e:67:42:58:11:52:ea:c2:1a:e8:61:76:21:cd:95:70:
         99:72:95:75:1c:79:5b:a0:fb:07:6e:2a:bd:94:69:44:c9:6f:
         fd:c2:1e:2f:c9:7f:51:15:2a:37:6b:5b:ed:1d:0d:9d:14:3e:
         9b:26:2e:bf:e4:ff:da:d9:96:2f:82:2e:80:31:e5:f2:2a:30:
         fb:99:1d:55:c7:aa:1f:14:3c:48:13:b3:0b:d0:9f:99:07:52:
         09:f6:03:09:aa:e0:1c:e2:1c:b7:2a:41:26:4b:4d:82:f0:e3:
         3e:f9:29:b0:85:7a:6c:d0:4a:83:53:56:ea:b5:20:69:b3:cb:
         ee:ef:34:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZD+hAuzYS7JxWpfevSjg3zyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2Y5MTQzZWE1NTM1OGZiZDYyZmE1NjQ0NTQ3NDYwMTcy
ZTFhZmQwHhcNMjQwNzI5MTI0MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgxOGVlZjhmZTIyNDNhNDlkZDM3NDIwNThmYzllNzU1Y2Q3NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ADZn/b47ZTYGvWf26Ow+meE+77d
FX1DfIvEMtKG6bsfVsioBOnCwyFf9DAov8p6aOjf0qUsr4alyZvU1YpciFMdxzKR
leBGRPFd6C2dohIng/Fh1qJ6xNFocFaiu7jlG2dcMp6to5jYbqXA/baapsGE6vvC
SSO69FCVMQoFm7r2JkTJimiSd5qnda8vhHNjdiORkIaCXnWcaBj3I+fKURJs7Ims
98Zo2KbTmeTTm4BGMf1kJYlQQWKrFtOwKnJ/sbbQk1AZH5cnOzwsfoIbZZ+ZOFbE
BwQciK2NP75ij1O85K61ucpHJObv9zvObeRYt2zTZ5PZpEySG5lwADIC4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGBju+P4iQ6Sd03QgWPyedVzXWGMB8GA1UdIwQY
MBaAFER/kUPqVTWPvWL6VkRUdGAXLhr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkgtUlEtcFZOWS05WXZwV1JGUjBZQmN1R3YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS85ZWEzNjktYTI4Yy00YzdlLTlhMTUt
YzQyOTJmYWM5YmU4LzEvOFlHTzc0X2lKRHBKM1RkQ0JZX0o1MVhOZFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS85ZWEzNjktYTI4Yy00YzdlLTlhMTUtYzQyOTJmYWM5YmU4
LzEvUkgtUlEtcFZOWS05WXZwV1JGUjBZQmN1R3YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc8DMA0G
CSqGSIb3DQEBCwUAA4IBAQA0pqf0gEoOsfmmqaCB+Bhih8a6dVFprHDuPSHRY+12
8Ehpb9P9tKTfySL5Pn+A3nd7GwKu6rx+acA3c8lWfOhpVucDGoh2m6iFFn1OdKO5
X1ZhETaPP3/cR6i5qH2e5SA0sQLEbEGfOCvddw6r7E6iE293Hx7FtcVVrqISOJtA
LV5nQlgRUurCGuhhdiHNlXCZcpV1HHlboPsHbiq9lGlEyW/9wh4vyX9RFSo3a1vt
HQ2dFD6bJi6/5P/a2ZYvgi6AMeXyKjD7mR1Vx6ofFDxIE7ML0J+ZB1IJ9gMJquAc
4hy3KkEmS02C8OM++SmwhXps0EqDU1bqtSBps8vu7zTJ
-----END CERTIFICATE-----
Generated at Thu Sep 12 18:15:30 2024 by rpki-client on console-fra.rpki-client.org