Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d525f8-d549-4909-b8c0-ff014900be8a/1/YDdtJWFsq4KflvZNWwpK7X-p5PE.roa
File:                     YDdtJWFsq4KflvZNWwpK7X-p5PE.roa (raw, json)
Hash identifier:          f+lln5iUVCvARqMXVIGD/iT5MgNkQOhjlM7W9TUXZ94=
Subject key identifier:   60:37:6D:25:61:6C:AB:82:9F:96:F6:4D:5B:0A:4A:ED:7F:A9:E4:F1
Certificate issuer:       /CN=d533b09430b048f0526ef6a937774e7f06203731
Certificate serial:       018ADBEA68E77D179E9D4C147BB9E31B5F3D
Authority key identifier: D5:33:B0:94:30:B0:48:F0:52:6E:F6:A9:37:77:4E:7F:06:20:37:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1TOwlDCwSPBSbvapN3dOfwYgNzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/d525f8-d549-4909-b8c0-ff014900be8a/1/YDdtJWFsq4KflvZNWwpK7X-p5PE.roa
Signing time:             Thu 28 Sep 2023 13:11:27 +0000
ROA not before:           Thu 28 Sep 2023 13:11:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209242
IP address blocks:        185.135.44.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:db:ea:68:e7:7d:17:9e:9d:4c:14:7b:b9:e3:1b:5f:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d533b09430b048f0526ef6a937774e7f06203731
        Validity
            Not Before: Sep 28 13:11:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60376d25616cab829f96f64d5b0a4aed7fa9e4f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:32:89:5a:44:30:44:cd:f9:84:d6:68:6b:8b:
                    84:37:71:59:d6:32:32:f1:4f:95:27:17:ac:e3:d5:
                    7f:8c:27:4c:89:b8:37:a8:ab:30:05:69:83:69:c2:
                    d8:88:97:82:3a:68:03:96:7c:57:7a:b7:05:4d:c1:
                    49:1b:85:a4:16:b5:30:50:d5:0c:99:4e:89:28:07:
                    1e:85:5b:91:34:83:57:57:e3:9a:4e:4f:9b:ac:d5:
                    b2:6e:38:7b:18:f3:76:1d:81:42:58:f3:33:8e:e7:
                    f6:39:22:29:93:0b:c1:fd:df:71:14:e5:5e:fe:71:
                    9f:79:f5:2a:07:5e:5b:ee:7c:0d:70:d4:86:7c:88:
                    81:c0:9b:78:fc:34:43:a2:db:a1:f6:af:4e:0b:3d:
                    d6:10:a3:4a:ca:06:90:95:a8:82:1c:34:6d:46:c5:
                    90:42:5e:af:b0:9d:d2:95:3e:ff:92:6d:87:5f:f5:
                    91:66:2a:10:5a:8f:5b:07:05:3e:33:05:80:05:c0:
                    79:9b:15:ee:ae:10:4c:1d:64:77:3c:f6:3c:69:83:
                    20:ee:9d:37:27:2b:f6:cd:41:e4:fe:3d:86:0a:cd:
                    9f:80:d4:f4:f2:29:9d:ee:56:4f:7d:8f:af:fd:1c:
                    84:41:46:fb:e5:9e:76:22:84:7d:3e:b9:a1:3c:75:
                    14:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:37:6D:25:61:6C:AB:82:9F:96:F6:4D:5B:0A:4A:ED:7F:A9:E4:F1
            X509v3 Authority Key Identifier:
                keyid:D5:33:B0:94:30:B0:48:F0:52:6E:F6:A9:37:77:4E:7F:06:20:37:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TOwlDCwSPBSbvapN3dOfwYgNzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d525f8-d549-4909-b8c0-ff014900be8a/1/YDdtJWFsq4KflvZNWwpK7X-p5PE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d525f8-d549-4909-b8c0-ff014900be8a/1/1TOwlDCwSPBSbvapN3dOfwYgNzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.135.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:8e:b2:26:49:60:10:b9:9b:45:16:f4:6d:66:db:ca:28:ed:
         0a:ab:c6:1b:6e:ee:3f:dc:da:f0:06:a7:5b:dc:28:b5:96:7d:
         14:48:8f:65:6a:31:b4:db:1c:fb:27:58:b3:49:93:48:3c:2a:
         b2:aa:33:15:99:a9:27:8c:35:c2:69:fe:97:c5:a1:1a:ca:76:
         67:0b:d3:e1:ba:05:74:63:22:79:cc:4f:0d:8d:63:3f:83:5a:
         68:cc:7a:2b:2c:62:80:a4:9f:0b:ad:06:12:22:80:b2:05:86:
         d8:f3:60:39:c7:7b:f6:6f:4b:5e:37:e8:d5:06:65:79:5b:2f:
         04:13:ce:b4:f0:2b:82:fb:5a:62:f6:33:e2:8e:6b:89:12:62:
         28:c8:f5:d8:65:3d:6c:60:87:a2:38:ca:95:c3:4c:dd:31:ce:
         6d:19:da:e8:25:08:f8:6d:f9:e4:35:de:bf:7a:13:26:a4:4e:
         45:05:c8:bf:cf:ec:34:32:7d:d8:80:48:e2:63:d1:03:5a:4e:
         c1:75:91:77:86:b5:c8:7a:55:8f:2a:fd:db:5d:87:9b:87:02:
         1c:fb:09:90:83:c6:f9:34:26:8e:9f:31:3b:40:a6:16:23:95:
         34:63:d6:c6:34:41:00:dd:d4:e4:29:65:c2:6b:e5:4a:f9:3f:
         ce:20:cc:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrb6mjnfReenUwUe7njG189MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzNiMDk0MzBiMDQ4ZjA1MjZlZjZhOTM3Nzc0ZTdmMDYy
MDM3MzEwHhcNMjMwOTI4MTMxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDM3NmQyNTYxNmNhYjgyOWY5NmY2NGQ1YjBhNGFlZDdmYTllNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjKJWkQwRM35hNZoa4uEN3FZ1jIy
8U+VJxes49V/jCdMibg3qKswBWmDacLYiJeCOmgDlnxXercFTcFJG4WkFrUwUNUM
mU6JKAcehVuRNINXV+OaTk+brNWybjh7GPN2HYFCWPMzjuf2OSIpkwvB/d9xFOVe
/nGfefUqB15b7nwNcNSGfIiBwJt4/DRDotuh9q9OCz3WEKNKygaQlaiCHDRtRsWQ
Ql6vsJ3SlT7/km2HX/WRZioQWo9bBwU+MwWABcB5mxXurhBMHWR3PPY8aYMg7p03
Jyv2zUHk/j2GCs2fgNT08imd7lZPfY+v/RyEQUb75Z52IoR9PrmhPHUU5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGA3bSVhbKuCn5b2TVsKSu1/qeTxMB8GA1UdIwQY
MBaAFNUzsJQwsEjwUm72qTd3Tn8GIDcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRPd2xEQ3dTUEJTYnZhcE4zZE9md1lnTnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kNTI1ZjgtZDU0OS00OTA5LWI4YzAt
ZmYwMTQ5MDBiZThhLzEvWURkdEpXRnNxNEtmbHZaTld3cEs3WC1wNVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kNTI1ZjgtZDU0OS00OTA5LWI4YzAtZmYwMTQ5MDBiZThh
LzEvMVRPd2xEQ3dTUEJTYnZhcE4zZE9md1lnTnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYcsMA0G
CSqGSIb3DQEBCwUAA4IBAQAojrImSWAQuZtFFvRtZtvKKO0Kq8Ybbu4/3NrwBqdb
3Ci1ln0USI9lajG02xz7J1izSZNIPCqyqjMVmaknjDXCaf6XxaEaynZnC9PhugV0
YyJ5zE8NjWM/g1pozHorLGKApJ8LrQYSIoCyBYbY82A5x3v2b0teN+jVBmV5Wy8E
E8608CuC+1pi9jPijmuJEmIoyPXYZT1sYIeiOMqVw0zdMc5tGdroJQj4bfnkNd6/
ehMmpE5FBci/z+w0Mn3YgEjiY9EDWk7BdZF3hrXIelWPKv3bXYebhwIc+wmQg8b5
NCaOnzE7QKYWI5U0Y9bGNEEA3dTkKWXCa+VK+T/OIMyd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:36 2024 by rpki-client on console-fra.rpki-client.org