Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/yNC4f7CL4Z1BZWxO9Tg_nb7CHoM.roa
File:                     yNC4f7CL4Z1BZWxO9Tg_nb7CHoM.roa (raw, json)
Hash identifier:          727QAYZRhJkQCNrZLgBmOMhKqXEZ1WjSOqx9KRon858=
Subject key identifier:   C8:D0:B8:7F:B0:8B:E1:9D:41:65:6C:4E:F5:38:3F:9D:BE:C2:1E:83
Certificate issuer:       /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial:       01856EAFC56FDDEF851914FAEB9A9F51974F
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/yNC4f7CL4Z1BZWxO9Tg_nb7CHoM.roa
Signing time:             Sun 01 Jan 2023 18:54:51 +0000
ROA not before:           Sun 01 Jan 2023 18:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201128
IP address blocks:        85.153.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:af:c5:6f:dd:ef:85:19:14:fa:eb:9a:9f:51:97:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
        Validity
            Not Before: Jan  1 18:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c8d0b87fb08be19d41656c4ef5383f9dbec21e83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:dd:5b:3d:37:c0:68:28:3b:d7:22:5e:20:ae:
                    47:75:f5:cd:10:04:27:51:d4:01:c6:bb:17:7b:12:
                    95:4e:19:58:30:c9:be:e0:dd:a1:2d:f3:70:7c:7d:
                    9d:90:db:31:35:96:d2:1e:39:c5:f6:f5:c6:57:55:
                    f2:33:13:65:3e:1f:f2:c3:d4:7d:95:7b:5a:c5:9e:
                    e9:e2:3a:63:d8:41:9e:53:0f:3d:d3:71:73:ac:71:
                    50:d3:d5:76:28:a9:e9:f7:2f:4f:af:8f:5c:af:62:
                    14:3f:35:21:c2:49:e2:cc:7b:58:be:1f:e7:a7:60:
                    4f:9c:e7:87:b0:2e:04:14:23:81:a7:af:b6:ae:01:
                    3a:fc:1a:0a:e3:9f:c7:9a:9e:85:63:60:12:94:4a:
                    4e:7b:3e:c6:38:42:94:2d:41:3d:4d:07:eb:66:0e:
                    26:ef:05:c4:67:b7:18:48:94:61:19:cb:fd:ac:96:
                    c7:8f:46:b2:19:60:69:9c:f2:3c:a0:d4:7f:dc:49:
                    6c:5e:22:cf:ed:96:41:2a:3b:5b:79:7c:e4:7a:b5:
                    8f:ea:03:cc:d5:84:b2:d1:5e:d1:2e:7e:05:03:78:
                    e0:1d:bb:af:89:b5:a3:57:c9:4d:41:57:bf:6d:5f:
                    ef:45:9e:5d:34:8d:6e:1c:cf:17:93:6e:a8:a1:e6:
                    d8:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:D0:B8:7F:B0:8B:E1:9D:41:65:6C:4E:F5:38:3F:9D:BE:C2:1E:83
            X509v3 Authority Key Identifier:
                keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/yNC4f7CL4Z1BZWxO9Tg_nb7CHoM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.153.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:81:18:65:ae:b1:6e:60:05:2a:8b:da:fd:c8:3d:e1:9a:84:
         d4:0a:e8:0e:22:05:6b:22:97:e3:27:ae:20:42:57:ee:32:4f:
         81:5a:dc:7c:ae:a2:7b:07:78:ac:b5:ea:ce:ae:8e:a8:96:a0:
         15:6a:d7:c4:46:41:9f:87:b8:a3:4f:41:bf:8a:eb:71:fd:63:
         2a:53:f5:25:ce:e5:29:cd:93:b4:89:dc:93:0b:af:9c:31:5a:
         1c:96:46:db:b5:48:14:45:b0:2e:19:9d:f7:1d:c1:b0:b7:8a:
         a9:08:3d:4f:0c:37:85:52:14:1b:e6:cb:a0:1b:77:3e:5f:fb:
         63:13:33:bc:7b:93:03:ff:3c:f6:b9:15:e3:b1:32:68:b6:f3:
         99:ae:4f:94:38:67:f2:29:ed:67:b9:8f:2e:48:ed:4e:30:21:
         a6:f2:ed:31:38:b2:a3:af:77:a8:6c:8a:f0:da:ac:27:66:e9:
         63:28:c1:bb:43:20:6b:20:af:b6:12:fb:ed:00:77:f6:dc:02:
         f7:aa:8f:db:00:1e:6a:c0:60:74:19:f0:95:1b:4c:c1:4a:ff:
         03:8a:3d:1f:a3:fb:06:a3:4e:b1:8a:85:29:76:5e:e9:41:6f:
         c1:d1:48:6b:8e:6a:36:7c:e1:aa:35:2f:51:14:3f:f1:43:9e:
         10:f3:42:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur8Vv3e+FGRT665qfUZdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwMTAxMTg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQwYjg3ZmIwOGJlMTlkNDE2NTZjNGVmNTM4M2Y5ZGJlYzIxZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo91bPTfAaCg71yJeIK5HdfXNEAQn
UdQBxrsXexKVThlYMMm+4N2hLfNwfH2dkNsxNZbSHjnF9vXGV1XyMxNlPh/yw9R9
lXtaxZ7p4jpj2EGeUw8903FzrHFQ09V2KKnp9y9Pr49cr2IUPzUhwknizHtYvh/n
p2BPnOeHsC4EFCOBp6+2rgE6/BoK45/Hmp6FY2ASlEpOez7GOEKULUE9TQfrZg4m
7wXEZ7cYSJRhGcv9rJbHj0ayGWBpnPI8oNR/3ElsXiLP7ZZBKjtbeXzkerWP6gPM
1YSy0V7RLn4FA3jgHbuvibWjV8lNQVe/bV/vRZ5dNI1uHM8Xk26ooebYWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjQuH+wi+GdQWVsTvU4P52+wh6DMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEveU5DNGY3Q0w0WjFCWld4TzlUZ19uYjdDSG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZlAMA0G
CSqGSIb3DQEBCwUAA4IBAQA9gRhlrrFuYAUqi9r9yD3hmoTUCugOIgVrIpfjJ64g
QlfuMk+BWtx8rqJ7B3isterOro6olqAVatfERkGfh7ijT0G/iutx/WMqU/UlzuUp
zZO0idyTC6+cMVoclkbbtUgURbAuGZ33HcGwt4qpCD1PDDeFUhQb5sugG3c+X/tj
EzO8e5MD/zz2uRXjsTJotvOZrk+UOGfyKe1nuY8uSO1OMCGm8u0xOLKjr3eobIrw
2qwnZuljKMG7QyBrIK+2EvvtAHf23AL3qo/bAB5qwGB0GfCVG0zBSv8Dij0fo/sG
o06xioUpdl7pQW/B0Uhrjmo2fOGqNS9RFD/xQ54Q80L9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org