Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/cYi8y0uy3MbS7Gij6UWZPTJWKzk.roa
File:                     cYi8y0uy3MbS7Gij6UWZPTJWKzk.roa (raw, json)
Hash identifier:          UzSYg6qFMfZIaxG8P7EGZjn93OBrRgb8cZPD+61yIS8=
Subject key identifier:   71:88:BC:CB:4B:B2:DC:C6:D2:EC:68:A3:E9:45:99:3D:32:56:2B:39
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       0185720C486CDEA7B61EA8C22DFE43EC33BE
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/cYi8y0uy3MbS7Gij6UWZPTJWKzk.roa
Signing time:             Mon 02 Jan 2023 10:34:45 +0000
ROA not before:           Mon 02 Jan 2023 10:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205148
IP address blocks:        2a0d:f407:100::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:48:6c:de:a7:b6:1e:a8:c2:2d:fe:43:ec:33:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Jan  2 10:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7188bccb4bb2dcc6d2ec68a3e945993d32562b39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:14:20:54:e4:17:ac:05:37:80:de:88:3f:9a:
                    be:85:dd:00:04:11:43:b7:c2:3d:0f:22:3c:b0:79:
                    a4:7a:62:f6:31:7c:cd:98:41:9a:f5:ce:d8:36:f0:
                    c9:a3:2b:ec:07:bc:29:4c:cb:80:0e:93:b9:4d:c2:
                    ad:e3:d0:9c:34:5c:45:54:e2:20:fc:69:1d:4d:ad:
                    14:0e:5d:4f:4f:50:90:55:ce:3e:47:8e:84:ad:84:
                    be:62:94:fe:50:f9:44:ec:6d:4e:9e:24:ec:7f:12:
                    45:6a:06:03:d2:cb:29:e3:28:ff:91:74:3e:d7:58:
                    9a:67:e5:0d:38:8d:5c:f5:88:83:ca:10:58:2d:1b:
                    7d:3f:e8:d1:8f:2b:01:e0:fe:06:f2:eb:83:91:34:
                    c6:e6:8c:ff:de:b8:53:00:1f:85:43:4d:2e:e8:17:
                    81:28:7a:d2:37:aa:48:3d:d3:0c:a7:66:6a:e6:45:
                    30:4c:67:6e:3e:8a:16:87:39:cb:b9:28:ac:17:33:
                    2e:c0:14:14:6a:19:51:e6:1c:16:cd:46:ba:48:9c:
                    c8:0f:d8:8d:fd:f2:94:49:ed:ae:7c:49:06:60:aa:
                    c9:d8:97:72:70:9d:bb:07:c1:b3:9a:25:a5:71:b9:
                    1d:34:c0:c0:0d:5b:8f:67:fb:40:9e:7c:f8:9b:72:
                    cd:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:88:BC:CB:4B:B2:DC:C6:D2:EC:68:A3:E9:45:99:3D:32:56:2B:39
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/cYi8y0uy3MbS7Gij6UWZPTJWKzk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:f407:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         1f:64:8c:8f:29:fc:31:ff:a1:0b:39:a4:7a:b2:96:e9:dd:52:
         d8:4d:58:c9:6b:f6:e9:79:ab:2d:ac:51:a5:0d:76:98:74:69:
         89:a3:e3:a9:27:41:99:d0:01:fa:87:d3:1b:d5:8d:5e:79:37:
         f4:4e:ab:13:2c:bb:bf:f8:ad:cf:87:0b:f2:ec:0d:25:f3:65:
         ed:13:af:b3:ed:7f:2c:c8:58:12:34:d9:f2:59:c5:7b:48:3d:
         6b:ae:48:b3:b9:32:2c:fa:e4:60:96:3e:b2:76:b6:66:7f:d1:
         03:08:72:35:01:cc:ac:b9:89:d1:57:ef:e5:e3:39:46:28:d2:
         8c:ef:7a:42:cc:38:49:37:39:5f:31:13:b5:7c:74:1a:8f:a4:
         d5:80:56:6f:31:33:79:df:3e:36:12:af:74:1f:38:b2:31:66:
         6f:59:2b:16:bb:2e:9b:f0:a4:67:bd:b5:d1:73:75:52:7a:a0:
         4d:c4:bc:94:4d:14:c5:c5:89:5b:69:e6:ff:5b:7e:09:dc:19:
         39:2b:b9:9a:08:fb:32:88:7b:3b:f7:e1:4a:4b:d2:48:5c:0d:
         69:9d:ee:9e:c8:e7:01:d0:2c:c9:6e:44:e7:97:50:a7:9a:11:
         76:d1:2a:ec:60:2f:85:66:53:5c:73:3f:54:f9:a2:9f:bd:c4:
         5c:b7:53:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyDEhs3qe2HqjCLf5D7DO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjMwMTAyMTAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTg4YmNjYjRiYjJkY2M2ZDJlYzY4YTNlOTQ1OTkzZDMyNTYyYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxQgVOQXrAU3gN6IP5q+hd0ABBFD
t8I9DyI8sHmkemL2MXzNmEGa9c7YNvDJoyvsB7wpTMuADpO5TcKt49CcNFxFVOIg
/GkdTa0UDl1PT1CQVc4+R46ErYS+YpT+UPlE7G1OniTsfxJFagYD0ssp4yj/kXQ+
11iaZ+UNOI1c9YiDyhBYLRt9P+jRjysB4P4G8uuDkTTG5oz/3rhTAB+FQ00u6BeB
KHrSN6pIPdMMp2Zq5kUwTGduPooWhznLuSisFzMuwBQUahlR5hwWzUa6SJzID9iN
/fKUSe2ufEkGYKrJ2JdycJ27B8GzmiWlcbkdNMDADVuPZ/tAnnz4m3LNLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHGIvMtLstzG0uxoo+lFmT0yVis5MB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvY1lpOHkwdXkzTWJTN0dpajZVV1pQVEpXS3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg30BwEA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfZIyPKfwx/6ELOaR6spbp3VLYTVjJa/bpeast
rFGlDXaYdGmJo+OpJ0GZ0AH6h9Mb1Y1eeTf0TqsTLLu/+K3Phwvy7A0l82XtE6+z
7X8syFgSNNnyWcV7SD1rrkizuTIs+uRglj6ydrZmf9EDCHI1AcysuYnRV+/l4zlG
KNKM73pCzDhJNzlfMRO1fHQaj6TVgFZvMTN53z42Eq90HziyMWZvWSsWuy6b8KRn
vbXRc3VSeqBNxLyUTRTFxYlbaeb/W34J3Bk5K7maCPsyiHs79+FKS9JIXA1pne6e
yOcB0CzJbkTnl1CnmhF20SrsYC+FZlNccz9U+aKfvcRct1Ob
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:36 2024 by rpki-client on console-ams.rpki-client.org