Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/YI_QkyiB2iYQ5ZCsWGT-nOBM0Kg.roa
File:                     YI_QkyiB2iYQ5ZCsWGT-nOBM0Kg.roa (raw, json)
Hash identifier:          F7x6+9zBOcgahNf+RtbvNv9lU4EEiMk4wtRzEG6IzsQ=
Subject key identifier:   60:8F:D0:93:28:81:DA:26:10:E5:90:AC:58:64:FE:9C:E0:4C:D0:A8
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       0185720C48D34CC82D95064872396C6422C5
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/YI_QkyiB2iYQ5ZCsWGT-nOBM0Kg.roa
Signing time:             Mon 02 Jan 2023 10:34:45 +0000
ROA not before:           Mon 02 Jan 2023 10:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205847
IP address blocks:        193.41.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:48:d3:4c:c8:2d:95:06:48:72:39:6c:64:22:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Jan  2 10:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=608fd0932881da2610e590ac5864fe9ce04cd0a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:1d:73:ad:0e:13:a0:c0:9c:95:d7:e7:52:0c:
                    3b:97:0b:fd:73:fb:ae:f8:31:a3:1f:52:66:43:08:
                    47:56:5e:18:d7:50:1d:81:b9:4d:d8:2a:89:02:3b:
                    dd:dc:d9:e9:fe:d9:9d:58:61:96:29:16:05:d5:c5:
                    c3:9d:16:ea:fd:72:8c:3e:07:a8:a8:f6:5c:14:02:
                    bd:44:25:51:15:83:19:89:bc:26:c7:7b:28:0a:86:
                    85:0e:41:ed:de:a4:c2:86:20:99:85:fb:ce:a4:a0:
                    71:19:68:e6:1f:28:e5:1b:25:ec:a1:9f:97:0f:0b:
                    cf:7a:22:fe:45:e0:5e:ae:cb:99:72:73:f6:ee:16:
                    f9:26:a7:8c:e8:b1:9b:ab:e2:23:3f:dd:5b:97:a4:
                    da:d6:9a:df:2c:83:b0:bc:20:63:53:fc:99:57:dc:
                    12:03:82:a7:2e:dd:b8:04:72:66:72:94:fa:29:56:
                    9a:7f:c3:fa:ad:72:14:a4:b3:4f:f5:39:5a:34:72:
                    9f:29:03:ae:43:2d:a5:50:c0:e1:cc:90:fd:98:ee:
                    3b:b2:38:c5:00:5d:73:76:2c:72:2f:9a:43:72:33:
                    ca:12:84:4e:9f:2d:90:75:f7:12:eb:95:6b:15:18:
                    80:0b:e5:a3:e1:5e:61:5f:1f:75:aa:3b:33:bc:86:
                    3d:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:8F:D0:93:28:81:DA:26:10:E5:90:AC:58:64:FE:9C:E0:4C:D0:A8
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/YI_QkyiB2iYQ5ZCsWGT-nOBM0Kg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.41.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:24:bb:ba:e6:ee:48:4e:7f:4b:1a:3a:c5:43:8b:1d:cb:a8:
         5a:7c:c5:78:7e:8f:fe:cf:70:5b:2a:81:4c:8d:6d:32:37:ee:
         41:0c:41:ab:24:d2:e2:96:33:d7:4f:aa:45:4c:48:fc:82:40:
         a1:1e:7e:d1:ba:ff:ab:27:73:b5:c3:f3:c7:c6:4c:e7:cd:14:
         85:fb:9b:f7:2e:ae:54:3a:de:25:eb:6f:cb:be:0c:ad:62:a2:
         0c:75:81:c7:25:04:e6:36:57:34:fa:ab:ec:4f:f6:c8:f0:c9:
         0a:03:27:9d:1e:50:a1:e5:6c:a7:10:6c:01:68:2c:81:9e:7e:
         7a:f1:3f:89:33:5a:36:ed:3a:b8:9b:26:68:e5:fe:ff:c6:55:
         c5:b0:f2:66:9f:ba:4f:e8:45:0e:dc:27:ea:10:9c:94:82:f1:
         90:13:2d:a5:38:da:54:72:08:9f:e7:58:63:44:a5:66:18:49:
         c5:a8:0b:36:e7:4d:f3:79:17:53:34:ca:29:60:1e:31:f3:23:
         1c:98:4c:fd:bf:d3:01:12:ee:c3:f8:41:10:18:a1:54:5e:26:
         72:06:f1:ad:dd:a3:52:42:1f:1b:c8:e9:fb:4b:52:11:c2:db:
         82:f1:fe:e2:54:5c:da:8f:bc:da:34:0b:0a:0c:f9:67:d5:eb:
         a7:b6:65:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDEjTTMgtlQZIcjlsZCLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjMwMTAyMTAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhmZDA5MzI4ODFkYTI2MTBlNTkwYWM1ODY0ZmU5Y2UwNGNkMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR1zrQ4ToMCcldfnUgw7lwv9c/uu
+DGjH1JmQwhHVl4Y11AdgblN2CqJAjvd3Nnp/tmdWGGWKRYF1cXDnRbq/XKMPgeo
qPZcFAK9RCVRFYMZibwmx3soCoaFDkHt3qTChiCZhfvOpKBxGWjmHyjlGyXsoZ+X
DwvPeiL+ReBersuZcnP27hb5JqeM6LGbq+IjP91bl6Ta1prfLIOwvCBjU/yZV9wS
A4KnLt24BHJmcpT6KVaaf8P6rXIUpLNP9TlaNHKfKQOuQy2lUMDhzJD9mO47sjjF
AF1zdixyL5pDcjPKEoROny2QdfcS65VrFRiAC+Wj4V5hXx91qjszvIY9VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCP0JMogdomEOWQrFhk/pzgTNCoMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvWUlfUWt5aUIyaVlRNVpDc1dHVC1uT0JNMEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSnYMA0G
CSqGSIb3DQEBCwUAA4IBAQBYJLu65u5ITn9LGjrFQ4sdy6hafMV4fo/+z3BbKoFM
jW0yN+5BDEGrJNLiljPXT6pFTEj8gkChHn7Ruv+rJ3O1w/PHxkznzRSF+5v3Lq5U
Ot4l62/LvgytYqIMdYHHJQTmNlc0+qvsT/bI8MkKAyedHlCh5WynEGwBaCyBnn56
8T+JM1o27Tq4myZo5f7/xlXFsPJmn7pP6EUO3CfqEJyUgvGQEy2lONpUcgif51hj
RKVmGEnFqAs2503zeRdTNMopYB4x8yMcmEz9v9MBEu7D+EEQGKFUXiZyBvGt3aNS
Qh8byOn7S1IRwtuC8f7iVFzaj7zaNAsKDPln1euntmV2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:36 2024 by rpki-client on console-ams.rpki-client.org