Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YOk4xteHf3Y83H_Pa9X3U-cij-g.roa
File:                     YOk4xteHf3Y83H_Pa9X3U-cij-g.roa (raw, json)
Hash identifier:          yVKfBOA73C8X1sStJ+eXCIjNPSl5qK5C+31d9TPB5nw=
Subject key identifier:   60:E9:38:C6:D7:87:7F:76:3C:DC:7F:CF:6B:D5:F7:53:E7:22:8F:E8
Certificate issuer:       /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial:       0187C21276A481771D956983444DD31A55C8
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YOk4xteHf3Y83H_Pa9X3U-cij-g.roa
Signing time:             Thu 27 Apr 2023 09:36:42 +0000
ROA not before:           Thu 27 Apr 2023 09:36:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        194.35.38.0/23 maxlen: 23
                          95.100.147.0/24 maxlen: 24
                          93.191.173.0/24 maxlen: 24
                          2a02:2370:fe::/47 maxlen: 48
                          2a0b:35c0::/29 maxlen: 31

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c2:12:76:a4:81:77:1d:95:69:83:44:4d:d3:1a:55:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
        Validity
            Not Before: Apr 27 09:36:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60e938c6d7877f763cdc7fcf6bd5f753e7228fe8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:69:56:6a:a0:2e:37:17:95:92:bc:c4:f1:bd:
                    d2:22:3e:a8:8a:45:ab:57:93:27:3f:de:b9:82:2c:
                    d2:c6:bc:09:27:66:e0:7c:13:1d:ce:a4:f7:a4:94:
                    70:4a:0a:e0:f0:28:20:ae:dc:8a:a1:36:5d:be:de:
                    90:f4:9b:9d:77:73:ca:a4:bc:5c:8d:2f:1d:b2:dd:
                    de:1d:0d:37:d1:9a:b9:75:be:9c:14:c3:d5:c0:c9:
                    27:69:e5:fd:9d:83:8a:f3:3c:87:28:a9:e6:8f:91:
                    70:f5:93:10:e9:92:10:1b:c5:4c:a6:dd:80:41:a9:
                    34:e6:50:32:17:b7:a6:6c:88:3b:53:1f:ab:3d:f9:
                    d2:1a:75:c1:73:54:83:9d:ee:30:2d:0f:ec:d5:7e:
                    12:16:e9:93:99:9a:e9:33:d1:4e:2a:27:32:08:c3:
                    50:4e:b6:41:98:e2:38:1d:6d:8a:80:5d:dd:35:d8:
                    04:db:16:b5:77:b6:df:4c:d1:83:79:89:f3:b3:95:
                    88:dd:c1:15:b5:c3:d5:20:94:1b:d8:63:64:48:a2:
                    e6:2c:67:9d:7d:01:01:f0:73:0d:9d:83:d1:51:d2:
                    7e:75:57:fa:ca:65:fd:c5:c7:e8:b3:35:c7:e6:e3:
                    b2:ae:4b:aa:5a:17:7e:7e:ab:a3:56:25:29:c8:03:
                    c0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:E9:38:C6:D7:87:7F:76:3C:DC:7F:CF:6B:D5:F7:53:E7:22:8F:E8
            X509v3 Authority Key Identifier:
                keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YOk4xteHf3Y83H_Pa9X3U-cij-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.191.173.0/24
                  95.100.147.0/24
                  194.35.38.0/23
                IPv6:
                  2a02:2370:fe::/47
                  2a0b:35c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         4d:00:b4:83:35:fd:0f:a9:76:e8:0f:bf:49:15:98:78:ec:12:
         74:93:71:4c:3f:68:ba:09:2e:2a:0e:11:23:6b:a9:2d:65:d3:
         c8:9a:c3:ec:72:35:26:96:61:3c:f1:4d:f0:09:91:c6:39:db:
         3e:d2:8d:d6:30:b0:8c:49:8e:f5:46:4d:f3:8b:10:35:c5:24:
         ed:6c:7c:f8:d3:c9:ce:32:ac:3a:48:7e:bc:ca:c9:a2:60:95:
         f0:c7:3b:11:6c:8e:1f:e3:cb:46:f6:b6:34:bc:2a:6f:98:12:
         4a:dd:1a:46:33:c4:a2:85:39:29:5f:15:37:b8:0b:37:ad:22:
         2a:f4:a2:17:0c:9a:c8:98:cf:9a:9f:4b:3f:c3:9f:4a:42:24:
         5f:aa:6a:a4:34:51:0d:14:4c:26:24:2d:c8:d5:08:9d:30:81:
         ee:20:01:67:64:17:34:ca:94:7a:a1:c4:aa:31:77:b9:1d:70:
         c5:fe:4e:17:b3:83:72:c7:e7:0d:a1:d5:ad:b0:3a:03:7a:9c:
         a9:cb:94:88:84:f4:ad:16:2a:98:39:1f:e5:39:7a:32:67:4c:
         e5:68:3d:12:5d:a2:a8:e9:35:d3:8e:3a:4a:00:2f:73:e9:7d:
         6e:af:b0:18:fa:b1:b5:d0:63:2d:90:aa:20:38:25:51:5d:25:
         f7:d0:1d:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYfCEnakgXcdlWmDRE3TGlXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwNDI3MDkzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGU5MzhjNmQ3ODc3Zjc2M2NkYzdmY2Y2YmQ1Zjc1M2U3MjI4ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGlWaqAuNxeVkrzE8b3SIj6oikWr
V5MnP965gizSxrwJJ2bgfBMdzqT3pJRwSgrg8CggrtyKoTZdvt6Q9Judd3PKpLxc
jS8dst3eHQ030Zq5db6cFMPVwMknaeX9nYOK8zyHKKnmj5Fw9ZMQ6ZIQG8VMpt2A
Qak05lAyF7embIg7Ux+rPfnSGnXBc1SDne4wLQ/s1X4SFumTmZrpM9FOKicyCMNQ
TrZBmOI4HW2KgF3dNdgE2xa1d7bfTNGDeYnzs5WI3cEVtcPVIJQb2GNkSKLmLGed
fQEB8HMNnYPRUdJ+dVf6ymX9xcfoszXH5uOyrkuqWhd+fqujViUpyAPAWQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGDpOMbXh392PNx/z2vV91PnIo/oMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvWU9rNHh0ZUhmM1k4M0hfUGE5WDNVLWNpai1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQAXb+tAwQA
X2STAwQBwiMmMBYEAgACMBADBwEqAiNwAP4DBQMqCzXAMA0GCSqGSIb3DQEBCwUA
A4IBAQBNALSDNf0PqXboD79JFZh47BJ0k3FMP2i6CS4qDhEja6ktZdPImsPscjUm
lmE88U3wCZHGOds+0o3WMLCMSY71Rk3zixA1xSTtbHz408nOMqw6SH68ysmiYJXw
xzsRbI4f48tG9rY0vCpvmBJK3RpGM8SihTkpXxU3uAs3rSIq9KIXDJrImM+an0s/
w59KQiRfqmqkNFENFEwmJC3I1QidMIHuIAFnZBc0ypR6ocSqMXe5HXDF/k4Xs4Ny
x+cNodWtsDoDepypy5SIhPStFiqYOR/lOXoyZ0zlaD0SXaKo6TXTjjpKAC9z6X1u
r7AY+rG10GMtkKogOCVRXSX30B14
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:32 2024 by rpki-client on console-fra.rpki-client.org