Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y2WADDLAHf66F1kPEzC3SDLM0GU.roa
File:                     Y2WADDLAHf66F1kPEzC3SDLM0GU.roa (raw, json)
Hash identifier:          9KxlB4ptYaZR7308dVLNm6Koq56OnauvgmHldYD8uT0=
Subject key identifier:   63:65:80:0C:32:C0:1D:FE:BA:17:59:0F:13:30:B7:48:32:CC:D0:65
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC34960D5F1C64124E22D017B13917E64
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y2WADDLAHf66F1kPEzC3SDLM0GU.roa
Signing time:             Mon 01 Jan 2024 04:30:15 +0000
ROA not before:           Mon 01 Jan 2024 04:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211061
IP address blocks:        185.49.127.0/24 maxlen: 24
                          185.49.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 04 Feb 2024 12:28:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:60:d5:f1:c6:41:24:e2:2d:01:7b:13:91:7e:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6365800c32c01dfeba17590f1330b74832ccd065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:28:56:a7:d4:66:c4:e1:15:d6:06:93:fc:5d:
                    f8:5e:40:c4:68:c4:3c:47:a8:e5:51:f1:51:86:66:
                    26:77:e8:2d:d6:70:7c:cb:72:cb:4d:9a:5a:a6:09:
                    cd:c7:b4:05:ae:54:0c:e6:20:3b:de:f9:ec:62:d6:
                    1a:6d:3d:37:86:e6:fb:3d:56:42:67:09:28:bd:5b:
                    81:b3:21:a5:ba:89:6a:08:cc:1f:79:ce:c3:2e:35:
                    eb:94:41:04:53:f7:8c:70:11:02:7e:e9:35:59:1a:
                    47:59:a7:dc:f2:80:bc:91:ab:f5:7d:5c:29:2e:39:
                    2d:2a:17:96:db:68:41:a9:22:4f:9d:dc:87:cf:49:
                    52:26:3e:c0:c9:1e:73:95:b6:5d:42:53:2a:c1:cc:
                    ef:58:25:42:38:fb:c3:df:91:1e:b8:f6:d1:1b:b5:
                    87:73:a1:c5:86:a1:73:cf:e8:e9:0a:91:27:8f:a2:
                    06:bd:30:c9:15:59:96:a9:26:de:a2:f0:ef:55:fd:
                    5c:11:30:86:e6:3a:aa:a8:3b:77:40:8e:eb:dc:40:
                    c7:25:7b:06:2d:da:86:ef:aa:4f:c0:5e:71:bc:b3:
                    eb:4e:f8:18:e8:10:5f:32:95:19:cb:5f:1f:6b:9a:
                    7f:2b:8c:4b:b0:97:bc:e6:bc:80:a3:76:a7:73:a9:
                    55:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:65:80:0C:32:C0:1D:FE:BA:17:59:0F:13:30:B7:48:32:CC:D0:65
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y2WADDLAHf66F1kPEzC3SDLM0GU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a1:53:73:53:52:0d:d8:27:f2:3c:62:42:cc:f3:2e:7c:c3:37:
         bd:f5:0a:2f:f7:33:77:10:dd:f5:9e:63:28:da:7c:8a:87:42:
         b2:3d:fc:8d:57:0b:19:36:73:d3:52:33:26:cf:ea:08:df:38:
         b8:59:f3:e3:60:f8:4c:3c:5a:38:a9:e2:5e:9f:02:48:cd:11:
         dd:6f:98:ec:87:14:bd:d8:a2:c0:68:d8:65:51:6c:ec:c2:95:
         1c:7f:84:d7:df:6e:52:c6:86:bb:09:43:9a:2b:eb:e5:f5:0f:
         76:8b:a7:91:31:64:57:2c:9a:60:11:e4:60:ca:01:92:ce:12:
         3b:a4:57:7a:b7:76:39:82:76:e2:c4:f1:af:7f:59:a1:df:bd:
         e0:0d:8f:3c:92:1c:d3:9e:e1:01:b4:e8:c0:ee:fa:af:3a:22:
         99:87:7d:0f:8e:5a:f9:1d:f3:41:e6:90:b2:6f:aa:0c:ec:7c:
         9f:34:65:38:a9:63:9e:7f:a2:cf:7f:fd:a7:95:78:b2:f5:b6:
         fc:7b:de:29:96:dc:b8:44:87:c6:fb:aa:b3:5a:b2:3f:4e:0f:
         8c:da:48:ff:a8:bb:39:be:78:92:5d:c8:14:ab:67:80:df:62:
         26:83:b7:50:0b:54:49:39:91:c2:d2:0d:46:fb:d6:fd:92:4b:
         f3:5b:bd:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWDV8cZBJOItAXsTkX5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY1ODAwYzMyYzAxZGZlYmExNzU5MGYxMzMwYjc0ODMyY2NkMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjihWp9RmxOEV1gaT/F34XkDEaMQ8
R6jlUfFRhmYmd+gt1nB8y3LLTZpapgnNx7QFrlQM5iA73vnsYtYabT03hub7PVZC
ZwkovVuBsyGluolqCMwfec7DLjXrlEEEU/eMcBECfuk1WRpHWafc8oC8kav1fVwp
LjktKheW22hBqSJPndyHz0lSJj7AyR5zlbZdQlMqwczvWCVCOPvD35EeuPbRG7WH
c6HFhqFzz+jpCpEnj6IGvTDJFVmWqSbeovDvVf1cETCG5jqqqDt3QI7r3EDHJXsG
LdqG76pPwF5xvLPrTvgY6BBfMpUZy18fa5p/K4xLsJe85ryAo3anc6lVVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNlgAwywB3+uhdZDxMwt0gyzNBlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWTJXQURETEFIZjY2RjFrUEV6QzNTRExNMEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTF+MA0G
CSqGSIb3DQEBCwUAA4IBAQChU3NTUg3YJ/I8YkLM8y58wze99Qov9zN3EN31nmMo
2nyKh0KyPfyNVwsZNnPTUjMmz+oI3zi4WfPjYPhMPFo4qeJenwJIzRHdb5jshxS9
2KLAaNhlUWzswpUcf4TX325Sxoa7CUOaK+vl9Q92i6eRMWRXLJpgEeRgygGSzhI7
pFd6t3Y5gnbixPGvf1mh373gDY88khzTnuEBtOjA7vqvOiKZh30Pjlr5HfNB5pCy
b6oM7HyfNGU4qWOef6LPf/2nlXiy9bb8e94plty4RIfG+6qzWrI/Tg+M2kj/qLs5
vniSXcgUq2eA32Img7dQC1RJOZHC0g1G+9b9kkvzW73S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org