Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/yDXMyaqiyeBnpzLj5k-V0VFDsgo.roa
File:                     yDXMyaqiyeBnpzLj5k-V0VFDsgo.roa (raw, json)
Hash identifier:          r7yk4tRL4yYPD5HL9MF228OCnxSJwFDWd7pY5QZKll4=
Subject key identifier:   C8:35:CC:C9:AA:A2:C9:E0:67:A7:32:E3:E6:4F:95:D1:51:43:B2:0A
Certificate issuer:       /CN=3bad9cd5034f81558f83d238eca406332bd7ba85
Certificate serial:       018ADBA215A0CEDF491615506A559C98266D
Authority key identifier: 3B:AD:9C:D5:03:4F:81:55:8F:83:D2:38:EC:A4:06:33:2B:D7:BA:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O62c1QNPgVWPg9I47KQGMyvXuoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/yDXMyaqiyeBnpzLj5k-V0VFDsgo.roa
Signing time:             Thu 28 Sep 2023 11:52:27 +0000
ROA not before:           Thu 28 Sep 2023 11:52:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        185.253.12.0/22 maxlen: 24
                          2a0c:3040::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:db:a2:15:a0:ce:df:49:16:15:50:6a:55:9c:98:26:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bad9cd5034f81558f83d238eca406332bd7ba85
        Validity
            Not Before: Sep 28 11:52:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c835ccc9aaa2c9e067a732e3e64f95d15143b20a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d6:98:a9:db:f5:4f:af:fc:35:1c:ee:a5:de:
                    c4:78:13:f5:c5:b2:5b:12:56:07:22:67:94:b7:fc:
                    1a:73:c0:13:ac:e4:26:92:3e:62:79:f8:c6:99:c7:
                    3f:87:84:0d:cb:70:b6:f6:a4:b8:8d:46:91:86:da:
                    8f:fa:a3:78:bb:98:6a:16:bb:3a:99:ed:c1:58:13:
                    e8:07:f0:52:86:92:1a:cb:3e:e9:fc:cf:95:c4:2d:
                    0d:54:41:4b:04:38:0f:21:4a:b1:9c:b0:1d:32:fd:
                    0d:de:bd:45:6d:77:50:18:f5:aa:e1:71:29:5c:35:
                    63:5a:9a:7c:50:8b:f5:2e:77:1b:7c:4a:41:fb:c9:
                    7b:bc:08:58:5a:b5:5e:93:b9:6c:58:ae:1a:56:a0:
                    f4:c2:c2:fd:32:da:c7:a4:b9:e2:d4:53:84:75:bd:
                    70:2b:53:19:02:d6:7e:ce:e1:67:95:9d:f8:69:b0:
                    a8:af:53:ee:62:37:b4:b7:69:58:de:ab:d8:14:14:
                    af:4b:2c:c3:6f:6c:7c:2f:93:65:97:2a:2c:44:0a:
                    19:e2:c9:3c:4c:b4:0e:c4:ef:24:c6:d0:94:93:e8:
                    37:21:8f:53:cc:08:68:4b:eb:46:d0:59:24:99:00:
                    ac:61:78:91:28:69:ba:80:7c:c9:e9:3c:b5:a8:09:
                    14:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:35:CC:C9:AA:A2:C9:E0:67:A7:32:E3:E6:4F:95:D1:51:43:B2:0A
            X509v3 Authority Key Identifier:
                keyid:3B:AD:9C:D5:03:4F:81:55:8F:83:D2:38:EC:A4:06:33:2B:D7:BA:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O62c1QNPgVWPg9I47KQGMyvXuoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/yDXMyaqiyeBnpzLj5k-V0VFDsgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/O62c1QNPgVWPg9I47KQGMyvXuoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.12.0/22
                IPv6:
                  2a0c:3040::/29

    Signature Algorithm: sha256WithRSAEncryption
         74:fa:2a:a8:0d:58:2d:7c:95:00:db:82:a0:bb:d5:a4:a6:5c:
         25:29:f2:62:b5:aa:2c:41:08:51:c6:60:dd:ca:03:34:c0:43:
         d0:b1:b7:5a:57:3c:2f:5c:31:a6:6b:3a:99:d0:70:84:c5:ba:
         91:4f:25:57:3f:7c:e3:a3:73:cb:46:e8:34:72:b5:86:33:8a:
         4d:64:51:27:00:0e:8d:c9:67:b2:a3:b0:ad:7c:7b:c2:26:b0:
         0a:e1:b0:ed:12:40:47:1e:80:f1:75:e2:85:a3:be:fc:fa:a7:
         c8:6c:32:b7:57:19:26:db:d8:79:c9:94:87:d7:db:6f:26:fc:
         30:32:22:1b:7a:e6:2f:d9:ea:49:ae:4a:6c:4a:2f:7e:d3:01:
         5d:f4:e6:8e:8d:1a:9a:40:26:88:dd:d6:66:60:ae:17:87:e4:
         38:ee:06:e7:16:ca:fa:82:9f:0b:78:cb:cf:50:36:52:b7:94:
         c7:0b:ad:34:71:3e:38:0f:e9:f3:71:02:73:d4:e8:d3:59:68:
         c3:85:14:e9:37:64:78:72:36:f8:15:b5:2d:a5:8d:c1:a3:bf:
         a5:59:37:8a:85:61:56:84:1a:5f:ba:a4:dd:da:bb:62:f9:ad:
         74:0f:33:5f:96:e0:da:cf:fd:ea:e6:d7:fd:98:b5:d6:dd:6f:
         11:d4:06:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrbohWgzt9JFhVQalWcmCZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYWQ5Y2Q1MDM0ZjgxNTU4ZjgzZDIzOGVjYTQwNjMzMmJk
N2JhODUwHhcNMjMwOTI4MTE1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM1Y2NjOWFhYTJjOWUwNjdhNzMyZTNlNjRmOTVkMTUxNDNiMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtaYqdv1T6/8NRzupd7EeBP1xbJb
ElYHImeUt/wac8ATrOQmkj5iefjGmcc/h4QNy3C29qS4jUaRhtqP+qN4u5hqFrs6
me3BWBPoB/BShpIayz7p/M+VxC0NVEFLBDgPIUqxnLAdMv0N3r1FbXdQGPWq4XEp
XDVjWpp8UIv1LncbfEpB+8l7vAhYWrVek7lsWK4aVqD0wsL9MtrHpLni1FOEdb1w
K1MZAtZ+zuFnlZ34abCor1PuYje0t2lY3qvYFBSvSyzDb2x8L5NllyosRAoZ4sk8
TLQOxO8kxtCUk+g3IY9TzAhoS+tG0FkkmQCsYXiRKGm6gHzJ6Ty1qAkUmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMg1zMmqosngZ6cy4+ZPldFRQ7IKMB8GA1UdIwQY
MBaAFDutnNUDT4FVj4PSOOykBjMr17qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzYyYzFRTlBnVldQZzlJNDdLUUdNeXZYdW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80MTZiYzctY2U4Ny00MmI2LThjNjgt
NGJhNWYyMDZmNjVhLzEveURYTXlhcWl5ZUJucHpMajVrLVYwVkZEc2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80MTZiYzctY2U4Ny00MmI2LThjNjgtNGJhNWYyMDZmNjVh
LzEvTzYyYzFRTlBnVldQZzlJNDdLUUdNeXZYdW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf0MMA0E
AgACMAcDBQMqDDBAMA0GCSqGSIb3DQEBCwUAA4IBAQB0+iqoDVgtfJUA24Kgu9Wk
plwlKfJitaosQQhRxmDdygM0wEPQsbdaVzwvXDGmazqZ0HCExbqRTyVXP3zjo3PL
Rug0crWGM4pNZFEnAA6NyWeyo7CtfHvCJrAK4bDtEkBHHoDxdeKFo778+qfIbDK3
Vxkm29h5yZSH19tvJvwwMiIbeuYv2epJrkpsSi9+0wFd9OaOjRqaQCaI3dZmYK4X
h+Q47gbnFsr6gp8LeMvPUDZSt5THC600cT44D+nzcQJz1OjTWWjDhRTpN2R4cjb4
FbUtpY3Bo7+lWTeKhWFWhBpfuqTd2rti+a10DzNfluDaz/3q5tf9mLXW3W8R1Abs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-fra.rpki-client.org