Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yq_C-CzEl2cYioEsct3lF7DDnSs.roa
File:                     yq_C-CzEl2cYioEsct3lF7DDnSs.roa (raw, json)
Hash identifier:          Poup4PNIgbc9x+5IGAYtvTt3Lb2EUIFau1TahqiAAdE=
Subject key identifier:   CA:AF:C2:F8:2C:C4:97:67:18:8A:81:2C:72:DD:E5:17:B0:C3:9D:2B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AB87A9D3C63C0FF287184E0528F345221
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yq_C-CzEl2cYioEsct3lF7DDnSs.roa
Signing time:             Thu 21 Sep 2023 16:02:37 +0000
ROA not before:           Thu 21 Sep 2023 16:02:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397423
IP address blocks:        82.153.245.0/24 maxlen: 24
                          89.213.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Nov 2023 07:46:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b8:7a:9d:3c:63:c0:ff:28:71:84:e0:52:8f:34:52:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 21 16:02:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=caafc2f82cc49767188a812c72dde517b0c39d2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7d:9d:c3:c1:5d:11:2e:19:18:b4:f4:6f:53:
                    35:b3:f0:15:2c:9f:bb:da:31:6e:4a:02:ed:51:f0:
                    6e:56:c4:a3:6d:59:82:58:84:85:a9:7f:81:ba:74:
                    54:4a:44:4c:aa:1a:3d:9f:65:44:34:8b:d5:f2:91:
                    ec:6d:0a:f6:f1:3f:b5:9a:d2:60:9a:b6:27:fe:d6:
                    3f:50:8a:89:e6:5e:fc:27:8c:53:f5:2d:3e:a8:42:
                    58:1a:c7:47:72:e4:be:37:5c:46:3a:df:48:46:7a:
                    e7:10:df:8d:d5:45:bd:24:6a:50:c0:c0:a9:6c:9f:
                    49:99:c8:83:d3:63:95:99:8f:21:eb:30:02:99:fb:
                    c9:0c:a6:28:f3:ff:6d:c7:10:b1:c5:a1:92:0e:50:
                    a9:86:55:ff:4d:b0:88:5a:fa:38:23:d7:8b:4b:56:
                    b5:f0:94:3e:f7:3b:ba:a9:92:1d:66:4a:35:37:ba:
                    4f:9c:a6:f5:e6:56:2b:80:00:6f:dc:5d:6c:f2:02:
                    38:ce:5f:8d:3f:b2:cf:44:94:29:c1:3b:34:6a:c4:
                    a8:8c:f0:70:2b:a6:69:e3:c2:69:76:7c:e0:b1:f6:
                    df:78:03:c1:7e:bc:4f:42:ae:35:bf:30:ad:e1:c2:
                    31:90:cd:40:34:9f:03:cc:98:76:a0:b4:88:29:27:
                    34:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:AF:C2:F8:2C:C4:97:67:18:8A:81:2C:72:DD:E5:17:B0:C3:9D:2B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yq_C-CzEl2cYioEsct3lF7DDnSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.245.0/24
                  89.213.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:2b:fe:c5:3e:57:1c:9e:57:ac:5d:f2:bb:f1:3f:b7:86:3f:
         53:30:88:c1:dd:d7:6b:6b:c7:ed:4e:6f:c9:30:24:4b:7b:52:
         c3:2a:6f:9e:00:15:30:58:06:32:b1:c3:ae:52:ea:94:9a:de:
         b2:5b:61:aa:e4:b0:e3:ac:05:42:98:4a:2c:67:aa:d7:b8:6c:
         47:6a:b5:da:cc:eb:cd:24:8b:c7:2b:3c:db:ab:08:95:9c:ac:
         08:f4:f2:4b:86:be:d9:ba:4e:15:df:90:2c:7d:e5:e6:c6:0f:
         b4:f3:4f:73:8f:d4:1f:ba:52:36:2a:ee:87:b0:32:89:17:d5:
         44:d9:61:dc:53:82:8a:3c:30:5f:e0:1f:e9:5c:35:51:87:2f:
         22:d2:86:e0:7a:b1:1f:d8:da:93:5c:d5:c5:80:84:9d:36:ed:
         67:f7:da:13:02:92:21:00:c0:8f:f0:8e:f3:96:b1:06:22:de:
         24:ef:2a:e7:ec:92:3b:92:22:7f:eb:50:c7:db:e8:af:f2:4f:
         ea:2c:7c:be:a7:73:c3:39:bd:ac:6b:6a:12:98:24:fb:71:91:
         af:37:01:4b:e7:e3:3d:c5:40:dc:4b:97:9c:0d:f2:f7:b8:ee:
         2e:8f:ac:58:5e:6c:9e:49:a4:46:df:ff:20:0f:83:b0:5d:9e:
         bb:be:a3:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYq4ep08Y8D/KHGE4FKPNFIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTIxMTYwMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFmYzJmODJjYzQ5NzY3MTg4YTgxMmM3MmRkZTUxN2IwYzM5ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw32dw8FdES4ZGLT0b1M1s/AVLJ+7
2jFuSgLtUfBuVsSjbVmCWISFqX+BunRUSkRMqho9n2VENIvV8pHsbQr28T+1mtJg
mrYn/tY/UIqJ5l78J4xT9S0+qEJYGsdHcuS+N1xGOt9IRnrnEN+N1UW9JGpQwMCp
bJ9JmciD02OVmY8h6zACmfvJDKYo8/9txxCxxaGSDlCphlX/TbCIWvo4I9eLS1a1
8JQ+9zu6qZIdZko1N7pPnKb15lYrgABv3F1s8gI4zl+NP7LPRJQpwTs0asSojPBw
K6Zp48JpdnzgsfbfeAPBfrxPQq41vzCt4cIxkM1ANJ8DzJh2oLSIKSc0sQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMqvwvgsxJdnGIqBLHLd5Reww50rMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveXFfQy1DekVsMmNZaW9Fc2N0M2xGN0REblNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpn1AwQA
WdWEMA0GCSqGSIb3DQEBCwUAA4IBAQAJK/7FPlccnlesXfK78T+3hj9TMIjB3ddr
a8ftTm/JMCRLe1LDKm+eABUwWAYyscOuUuqUmt6yW2Gq5LDjrAVCmEosZ6rXuGxH
arXazOvNJIvHKzzbqwiVnKwI9PJLhr7Zuk4V35AsfeXmxg+0809zj9QfulI2Ku6H
sDKJF9VE2WHcU4KKPDBf4B/pXDVRhy8i0obgerEf2NqTXNXFgISdNu1n99oTApIh
AMCP8I7zlrEGIt4k7yrn7JI7kiJ/61DH2+iv8k/qLHy+p3PDOb2sa2oSmCT7cZGv
NwFL5+M9xUDcS5ecDfL3uO4uj6xYXmyeSaRG3/8gD4OwXZ67vqOa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org