Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YTTM-1NaSQ5CmLOJQiuIL8DSVdQ.roa
File:                     YTTM-1NaSQ5CmLOJQiuIL8DSVdQ.roa (raw, json)
Hash identifier:          kBoUqpaF3HLDub+tFgtKhk7VtZyXbaN2sQNDuhmsT6U=
Subject key identifier:   61:34:CC:FB:53:5A:49:0E:42:98:B3:89:42:2B:88:2F:C0:D2:55:D4
Certificate issuer:       /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial:       01903E238912576416F657619E5050D1FB28
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YTTM-1NaSQ5CmLOJQiuIL8DSVdQ.roa
Signing time:             Sat 22 Jun 2024 04:10:34 +0000
ROA not before:           Sat 22 Jun 2024 04:10:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 22 Jun 2024 05:04:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:3e:23:89:12:57:64:16:f6:57:61:9e:50:50:d1:fb:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
        Validity
            Not Before: Jun 22 04:10:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6134ccfb535a490e4298b389422b882fc0d255d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f0:4c:ba:68:30:60:22:31:b4:03:26:81:75:
                    28:b9:1c:5c:2b:64:dd:53:ab:fa:0a:5d:5b:eb:b7:
                    a1:a7:82:9c:11:1a:09:4a:17:46:1c:09:17:26:f1:
                    b6:0d:6a:03:5f:7a:55:c7:82:2f:fa:7d:c0:88:70:
                    a6:4f:13:9e:f0:6d:ac:9f:f6:82:a9:2d:40:41:70:
                    35:bf:64:7d:fc:be:35:ed:9a:29:b0:37:c9:b4:8a:
                    80:3a:a2:b1:74:d4:a7:a5:73:51:3a:1b:a5:b7:6f:
                    b6:1a:62:58:f8:00:8f:2c:1f:0d:3e:e4:99:27:ee:
                    9e:78:16:7c:93:7c:cf:3e:a4:f3:17:1f:b8:a1:c0:
                    e5:de:04:3c:b1:01:d8:0e:83:7b:d7:88:8b:15:63:
                    fa:f6:12:48:c8:4a:49:81:f9:d1:20:8b:85:b9:26:
                    bb:78:fc:b0:66:9b:84:d7:e8:65:12:84:41:d4:98:
                    dc:c5:ed:b0:8b:04:a4:36:70:2b:80:49:2f:10:d0:
                    66:4c:0c:9a:04:dc:80:c5:7c:81:a8:1b:f7:58:ef:
                    80:55:1a:99:06:d3:cc:00:d9:23:c8:5f:f4:c8:0f:
                    6e:0c:6f:a4:4d:c9:f7:ce:8c:91:5a:05:cc:36:17:
                    b1:7c:53:4a:4c:40:47:27:62:fe:d7:41:7d:89:12:
                    0e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:34:CC:FB:53:5A:49:0E:42:98:B3:89:42:2B:88:2F:C0:D2:55:D4
            X509v3 Authority Key Identifier:
                keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YTTM-1NaSQ5CmLOJQiuIL8DSVdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:bb:99:1a:24:74:f4:87:19:bb:5f:1a:63:50:c0:a9:b0:cb:
         ce:6e:30:68:b5:12:e1:df:b9:58:08:76:f3:35:93:70:e7:80:
         d7:53:5e:63:a2:d0:c5:6d:20:d9:9e:c3:2b:9f:21:4a:ea:b9:
         81:2e:a1:93:58:6e:ce:f5:47:6c:ad:ad:43:91:cb:24:85:82:
         5a:7d:95:06:0a:55:af:dd:b1:07:c1:0f:da:17:2a:f0:1c:69:
         5a:7a:73:ef:8f:d9:ce:92:45:68:1a:9f:20:bd:c6:76:06:ea:
         9c:cb:aa:12:0f:e6:d6:e7:44:23:97:9f:40:dc:1d:20:aa:2b:
         9b:d9:47:cb:70:0d:4a:37:81:25:43:c2:30:15:7f:ef:61:ab:
         e1:63:7c:fb:7a:8e:92:bb:98:41:da:b4:be:80:7e:40:cd:c0:
         70:39:e8:ce:bb:4c:d9:38:07:21:f6:c4:2d:62:c8:37:c0:47:
         f2:01:17:d5:98:86:7f:39:c3:8e:9c:10:8b:96:d0:8f:0b:70:
         39:7c:92:38:f2:cc:a6:b9:bf:59:63:93:cb:5e:2a:4a:18:d4:
         32:30:a2:44:ac:0c:4c:ff:af:f1:6e:fc:77:93:28:9a:dc:b0:
         df:93:6d:fe:5d:96:91:6b:e2:66:f4:b2:87:e0:69:42:ac:a9:
         13:e5:10:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA+I4kSV2QW9ldhnlBQ0fsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIyMDQxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTM0Y2NmYjUzNWE0OTBlNDI5OGIzODk0MjJiODgyZmMwZDI1NWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovBMumgwYCIxtAMmgXUouRxcK2Td
U6v6Cl1b67ehp4KcERoJShdGHAkXJvG2DWoDX3pVx4Iv+n3AiHCmTxOe8G2sn/aC
qS1AQXA1v2R9/L417ZopsDfJtIqAOqKxdNSnpXNROhult2+2GmJY+ACPLB8NPuSZ
J+6eeBZ8k3zPPqTzFx+4ocDl3gQ8sQHYDoN714iLFWP69hJIyEpJgfnRIIuFuSa7
ePywZpuE1+hlEoRB1Jjcxe2wiwSkNnArgEkvENBmTAyaBNyAxXyBqBv3WO+AVRqZ
BtPMANkjyF/0yA9uDG+kTcn3zoyRWgXMNhexfFNKTEBHJ2L+10F9iRIOsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGE0zPtTWkkOQpiziUIriC/A0lXUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWVRUTS0xTmFTUTVDbUxPSlFpdUlMOERTVmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAm7mRokdPSHGbtfGmNQ
wKmwy85uMGi1EuHfuVgIdvM1k3DngNdTXmOi0MVtINmewyufIUrquYEuoZNYbs71
R2ytrUORyySFglp9lQYKVa/dsQfBD9oXKvAcaVp6c++P2c6SRWganyC9xnYG6pzL
qhIP5tbnRCOXn0DcHSCqK5vZR8twDUo3gSVDwjAVf+9hq+FjfPt6jpK7mEHatL6A
fkDNwHA56M67TNk4ByH2xC1iyDfAR/IBF9WYhn85w46cEIuW0I8LcDl8kjjyzKa5
v1ljk8teKkoY1DIwokSsDEz/r/Fu/HeTKJrcsN+Tbf5dlpFr4mb0sofgaUKsqRPl
EHs=
Generated at Sat Jun 22 05:59:31 2024 by rpki-client on console-fra.rpki-client.org