Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YOP26b8wiijGVmsTRRSTROtxPaY.roa
File:                     YOP26b8wiijGVmsTRRSTROtxPaY.roa (raw, json)
Hash identifier:          qJ+GwuiQ/WP4Hlep8Se+L6nsyOgYUjeZI2QmqtUWp1M=
Subject key identifier:   60:E3:F6:E9:BF:30:8A:28:C6:56:6B:13:45:14:93:44:EB:71:3D:A6
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0187C74A3550E061AFFE494D89FCF6DF84B4
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YOP26b8wiijGVmsTRRSTROtxPaY.roa
Signing time:             Fri 28 Apr 2023 09:55:41 +0000
ROA not before:           Fri 28 Apr 2023 09:55:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209408
IP address blocks:        45.66.224.0/22 maxlen: 22
                          2a09:6c40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 05 May 2023 08:54:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c7:4a:35:50:e0:61:af:fe:49:4d:89:fc:f6:df:84:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Apr 28 09:55:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60e3f6e9bf308a28c6566b1345149344eb713da6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2b:c4:d5:ba:4b:f8:03:d8:2d:49:15:a7:7c:
                    eb:41:36:48:ef:5b:86:8c:cc:ab:0c:7d:f1:c3:d0:
                    12:40:f5:ca:b3:91:00:e9:f2:b1:4e:f0:ea:53:28:
                    71:76:ad:8a:b9:19:7e:4f:b6:52:fd:48:72:da:e0:
                    07:c9:04:42:ce:65:65:19:eb:f3:fb:67:07:93:e7:
                    f2:e4:fe:12:83:13:08:9c:dc:fd:04:69:df:c9:db:
                    ca:b3:90:4a:ee:c9:ba:fe:22:62:2d:68:a5:3d:23:
                    91:19:d1:5c:5c:82:ff:e3:91:fb:2c:51:13:ab:42:
                    e2:f1:30:97:17:3b:da:f9:20:09:fa:ef:4b:48:ea:
                    2d:f0:09:57:36:5b:87:f8:ec:39:26:77:a2:e7:31:
                    d9:c2:f7:bb:f2:46:96:5a:2f:c9:25:a4:a2:e5:c2:
                    4a:7f:f9:7a:92:98:5f:6f:ed:91:86:2f:f7:72:1c:
                    e3:61:90:5a:e9:bc:69:92:5a:1b:97:15:de:fa:e3:
                    1a:45:ae:3b:46:32:35:2b:6e:22:e1:29:d0:bd:d5:
                    57:e5:aa:86:61:1b:c1:9f:01:cc:91:41:e9:d8:87:
                    a6:fe:dd:fd:41:02:5f:ce:02:c2:be:b0:d5:f5:ea:
                    2c:6e:a4:ae:e2:c8:c6:52:71:a5:4f:cb:ae:9b:07:
                    b2:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:E3:F6:E9:BF:30:8A:28:C6:56:6B:13:45:14:93:44:EB:71:3D:A6
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YOP26b8wiijGVmsTRRSTROtxPaY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.224.0/22
                IPv6:
                  2a09:6c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:72:cc:4f:f0:d0:8b:04:18:22:16:73:5a:51:4b:fc:6a:bd:
         fd:eb:76:38:7f:8e:31:e3:74:53:53:41:a8:0e:fa:b1:ff:75:
         93:ac:ef:a3:81:d9:c5:93:b1:60:a4:22:00:b0:2c:8a:7f:5e:
         9d:78:41:7d:22:c6:52:d4:a5:d6:f6:8a:64:18:30:3a:79:58:
         f7:82:a8:91:c5:80:06:d5:e9:c4:ed:2b:01:03:22:c0:c1:bf:
         60:5f:d1:71:f1:f6:2d:5a:58:d1:0c:b5:9c:a3:8f:e7:c3:22:
         d1:2c:62:44:70:9f:05:a7:00:5d:a3:ac:8d:0c:94:3b:b7:18:
         ad:f8:71:00:7a:48:3a:cd:11:ec:9d:8a:16:e6:73:6b:00:37:
         35:51:c3:8f:66:4a:72:fb:43:06:b6:66:46:90:98:58:a0:3a:
         aa:02:7c:f1:3a:75:86:aa:95:84:1e:59:a1:be:91:1a:60:59:
         c8:4f:12:1c:95:bc:11:14:2f:f9:8f:54:59:91:4f:e2:7d:ff:
         b4:43:73:d8:6c:cd:7d:89:bc:55:0d:8e:2f:cc:5f:a0:0c:25:
         b3:b8:e7:35:09:0c:b0:dd:17:00:26:9d:20:a4:9e:4f:1d:68:
         7a:57:e1:b4:4f:10:f6:09:4f:8d:2a:e7:db:95:91:0f:9c:42:
         23:3e:f3:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfHSjVQ4GGv/klNifz234S0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDI4MDk1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGUzZjZlOWJmMzA4YTI4YzY1NjZiMTM0NTE0OTM0NGViNzEzZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyvE1bpL+APYLUkVp3zrQTZI71uG
jMyrDH3xw9ASQPXKs5EA6fKxTvDqUyhxdq2KuRl+T7ZS/Uhy2uAHyQRCzmVlGevz
+2cHk+fy5P4SgxMInNz9BGnfydvKs5BK7sm6/iJiLWilPSORGdFcXIL/45H7LFET
q0Li8TCXFzva+SAJ+u9LSOot8AlXNluH+Ow5Jnei5zHZwve78kaWWi/JJaSi5cJK
f/l6kphfb+2Rhi/3chzjYZBa6bxpkloblxXe+uMaRa47RjI1K24i4SnQvdVX5aqG
YRvBnwHMkUHp2Iem/t39QQJfzgLCvrDV9eosbqSu4sjGUnGlT8uumwey5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDj9um/MIooxlZrE0UUk0TrcT2mMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWU9QMjZiOHdpaWpHVm1zVFJSU1RST3R4UGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLULgMA0E
AgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQBfcsxP8NCLBBgiFnNaUUv8
ar3963Y4f44x43RTU0GoDvqx/3WTrO+jgdnFk7FgpCIAsCyKf16deEF9IsZS1KXW
9opkGDA6eVj3gqiRxYAG1enE7SsBAyLAwb9gX9Fx8fYtWljRDLWco4/nwyLRLGJE
cJ8FpwBdo6yNDJQ7txit+HEAekg6zRHsnYoW5nNrADc1UcOPZkpy+0MGtmZGkJhY
oDqqAnzxOnWGqpWEHlmhvpEaYFnITxIclbwRFC/5j1RZkU/iff+0Q3PYbM19ibxV
DY4vzF+gDCWzuOc1CQyw3RcAJp0gpJ5PHWh6V+G0TxD2CU+NKufblZEPnEIjPvOb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org