Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/BYHwclye8h7zZpPkW9a45wHqAfU.roa
File:                     BYHwclye8h7zZpPkW9a45wHqAfU.roa (raw, json)
Hash identifier:          GmIKXL/qzXpAZMO6fJIQHgQWF9CjWID1huG4NhdFYOo=
Subject key identifier:   05:81:F0:72:5C:9E:F2:1E:F3:66:93:E4:5B:D6:B8:E7:01:EA:01:F5
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0189B5C4C3454E8E0BDCEC772929A1F344B3
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/BYHwclye8h7zZpPkW9a45wHqAfU.roa
Signing time:             Wed 02 Aug 2023 10:21:58 +0000
ROA not before:           Wed 02 Aug 2023 10:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211027
IP address blocks:        2a0f:cc81::/32 maxlen: 32
                          2a11:200:2000::/36 maxlen: 36
                          2a10:c340:7000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Wed 09 Aug 2023 18:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b5:c4:c3:45:4e:8e:0b:dc:ec:77:29:29:a1:f3:44:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug  2 10:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0581f0725c9ef21ef36693e45bd6b8e701ea01f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:44:11:1c:49:db:e2:ba:24:56:28:32:92:99:
                    18:f9:30:af:86:43:ee:4e:47:16:95:3d:76:86:82:
                    79:cc:4a:a5:41:57:c8:c6:bc:b4:38:da:ff:5c:ea:
                    67:bd:67:ee:74:e9:48:b1:88:ad:43:13:6a:e8:97:
                    03:8c:2d:36:9a:af:10:7f:59:8f:49:cc:37:15:fa:
                    4f:1d:b5:e4:f9:13:78:e7:10:77:43:00:e2:3a:d8:
                    fc:55:6c:67:3a:7b:a5:83:57:6c:9f:67:e8:7c:ae:
                    f1:47:33:dd:c6:e9:b7:af:a3:a1:71:d3:fa:a2:ed:
                    49:9b:ff:b9:b7:c2:e0:cc:6f:e2:4d:8b:84:9a:9c:
                    b1:66:92:c2:5e:28:e9:c4:ef:b1:bc:4d:46:22:0b:
                    58:10:ac:5a:85:0b:3a:55:cf:2c:0d:c0:78:93:10:
                    f9:96:6e:3e:bb:18:33:5b:ef:68:89:1f:32:9a:7e:
                    15:96:43:f1:78:58:9b:0f:be:55:6c:76:c9:86:6c:
                    5b:43:0e:89:d8:c4:98:fd:4e:90:23:0c:bb:96:39:
                    42:c6:8a:d4:60:36:d5:16:77:82:e6:e5:f4:b3:16:
                    29:8e:b1:5a:f9:ea:5e:5d:2d:90:e9:72:64:17:65:
                    e0:40:b3:e8:5a:2b:b1:f9:6a:81:a0:00:5d:90:51:
                    69:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:81:F0:72:5C:9E:F2:1E:F3:66:93:E4:5B:D6:B8:E7:01:EA:01:F5
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/BYHwclye8h7zZpPkW9a45wHqAfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:cc81::/32
                  2a10:c340:7000::/36
                  2a11:200:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         60:13:a2:61:89:da:df:e6:ed:4e:01:14:7d:b3:06:80:f2:91:
         e5:f2:0c:3b:e3:35:76:15:ff:71:32:75:0c:81:cd:a4:6e:b9:
         ce:07:d7:c6:9f:ec:1d:f0:28:9b:32:10:08:c8:01:b5:52:05:
         ce:08:6c:fe:62:5c:4f:d7:94:bc:a7:4c:44:d7:0c:43:6a:39:
         d4:e6:6b:12:41:b4:4b:4a:1f:4b:8c:17:f7:c4:01:b3:c0:a4:
         aa:5a:7f:62:f4:d5:cd:2e:1a:cf:61:da:b7:4f:db:ec:9e:24:
         78:4b:e7:7d:c0:82:c0:10:ba:28:86:63:17:28:7b:2a:18:65:
         57:93:01:01:02:ed:53:5b:b8:ed:c7:0b:f4:7d:96:99:76:3f:
         b1:ac:b3:9a:b1:d3:97:da:b4:09:28:bd:c0:45:2b:10:c3:8c:
         cd:1e:db:69:e9:db:d9:45:9b:0a:94:72:10:7c:9b:c1:d1:18:
         11:fd:4a:27:c1:06:86:8b:e2:f7:4a:5f:fa:41:e9:ac:ab:0c:
         2c:b6:b3:85:70:fc:70:5a:94:57:7c:a5:cd:fb:c8:8c:d4:2c:
         65:e9:d4:0e:46:02:42:14:2c:a6:f8:2f:ff:f9:50:bc:58:e1:
         a2:2d:60:f3:4c:ca:b0:cd:1a:64:43:1f:b5:56:1a:9a:8d:66:
         81:94:bc:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm1xMNFTo4L3Ox3KSmh80SzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODAyMTAyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTgxZjA3MjVjOWVmMjFlZjM2NjkzZTQ1YmQ2YjhlNzAxZWEwMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0QRHEnb4rokVigykpkY+TCvhkPu
TkcWlT12hoJ5zEqlQVfIxry0ONr/XOpnvWfudOlIsYitQxNq6JcDjC02mq8Qf1mP
Scw3FfpPHbXk+RN45xB3QwDiOtj8VWxnOnulg1dsn2fofK7xRzPdxum3r6OhcdP6
ou1Jm/+5t8LgzG/iTYuEmpyxZpLCXijpxO+xvE1GIgtYEKxahQs6Vc8sDcB4kxD5
lm4+uxgzW+9oiR8ymn4VlkPxeFibD75VbHbJhmxbQw6J2MSY/U6QIwy7ljlCxorU
YDbVFneC5uX0sxYpjrFa+epeXS2Q6XJkF2XgQLPoWiux+WqBoABdkFFpvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAWB8HJcnvIe82aT5FvWuOcB6gH1MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQllId2NseWU4aDd6WnBQa1c5YTQ1d0hxQWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKg/MgQMG
BCoQw0BwAwYEKhECACAwDQYJKoZIhvcNAQELBQADggEBAGATomGJ2t/m7U4BFH2z
BoDykeXyDDvjNXYV/3EydQyBzaRuuc4H18af7B3wKJsyEAjIAbVSBc4IbP5iXE/X
lLynTETXDENqOdTmaxJBtEtKH0uMF/fEAbPApKpaf2L01c0uGs9h2rdP2+yeJHhL
533AgsAQuiiGYxcoeyoYZVeTAQEC7VNbuO3HC/R9lpl2P7Gss5qx05fatAkovcBF
KxDDjM0e22np29lFmwqUchB8m8HRGBH9SifBBoaL4vdKX/pB6ayrDCy2s4Vw/HBa
lFd8pc37yIzULGXp1A5GAkIULKb4L//5ULxY4aItYPNMyrDNGmRDH7VWGpqNZoGU
vNg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org