Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/ykad1BPUAGSuTqg1Uj2d6UBNQQI.roa
File:                     ykad1BPUAGSuTqg1Uj2d6UBNQQI.roa (raw, json)
Hash identifier:          GloKyXWVWiLekIt3IyUCVwBKBadyda4fnboYRys6DR0=
Subject key identifier:   CA:46:9D:D4:13:D4:00:64:AE:4E:A8:35:52:3D:9D:E9:40:4D:41:02
Certificate issuer:       /CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Certificate serial:       0187FB9E6771A9354DD1B41DFF078BAE6526
Authority key identifier: 6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/ykad1BPUAGSuTqg1Uj2d6UBNQQI.roa
Signing time:             Mon 08 May 2023 13:47:54 +0000
ROA not before:           Mon 08 May 2023 13:47:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.167.232.0/24 maxlen: 24
                          185.167.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fb:9e:67:71:a9:35:4d:d1:b4:1d:ff:07:8b:ae:65:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f0b15193816fd15dcfd047db4eeca672912bb60
        Validity
            Not Before: May  8 13:47:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca469dd413d40064ae4ea835523d9de9404d4102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:63:fe:03:d0:cf:6b:d7:5f:5f:f9:21:80:50:
                    f4:2c:9d:0f:e2:7e:0c:0c:e8:4a:a1:cc:e4:55:ed:
                    9e:d8:14:4b:0b:0c:48:85:13:6e:6c:b5:ca:5e:b4:
                    99:de:3e:c2:22:22:2a:fc:a2:88:c3:d3:b3:7e:19:
                    47:01:7f:c4:b1:9a:45:95:e1:0f:a9:9a:56:2f:8e:
                    1c:79:59:58:b8:64:48:8d:5d:a0:5d:99:3d:a3:07:
                    81:8f:d0:fa:2e:ae:95:27:fc:9c:ea:75:21:ad:29:
                    91:74:d5:cb:3d:24:66:ce:d9:4c:3b:3f:33:1d:0e:
                    9b:ce:9a:5d:67:05:ef:47:a1:1e:09:c4:05:76:c4:
                    fa:75:5b:d6:ed:57:cf:e9:68:35:c5:35:a8:e2:cd:
                    c7:80:91:d0:38:67:56:76:ab:2e:c4:e2:83:6e:4b:
                    32:a0:d0:ec:9a:26:4d:e4:0b:a3:6b:30:60:f1:f4:
                    3a:95:41:e2:b6:5e:5e:7d:89:18:14:4a:20:0d:1e:
                    eb:70:3c:34:21:f9:db:f3:a6:9b:db:92:65:a2:d3:
                    f2:67:37:00:30:a1:f8:dc:9f:dc:af:72:2f:35:54:
                    f0:79:e3:0e:b4:4a:0c:66:1c:49:c2:f5:37:e4:42:
                    04:26:a7:20:42:4b:85:72:f5:da:02:d1:9b:a8:5a:
                    31:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:46:9D:D4:13:D4:00:64:AE:4E:A8:35:52:3D:9D:E9:40:4D:41:02
            X509v3 Authority Key Identifier:
                keyid:6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/ykad1BPUAGSuTqg1Uj2d6UBNQQI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2d:2a:79:7b:92:08:55:b7:67:84:08:9b:59:77:7e:5a:1e:68:
         16:15:52:a3:93:28:28:1a:e8:b7:f7:dd:97:49:ca:1a:51:d1:
         6f:5a:c0:a5:e6:67:1b:8c:d0:e3:03:c9:8b:ed:e8:73:b2:5c:
         56:f1:42:26:cf:39:70:62:8c:36:74:5d:3e:a8:13:4c:8d:cc:
         5b:63:b8:29:f9:32:34:1f:2d:1e:ba:ae:72:ae:cf:dc:62:c4:
         cf:e2:b4:f1:dc:c1:d9:b5:8d:6b:91:5c:5c:d3:1d:60:fc:e1:
         16:e2:fd:43:21:3d:3d:ee:34:9c:c4:ea:60:3b:35:70:01:ef:
         3b:f0:85:9c:7c:63:09:34:53:a7:c0:3d:c7:b9:fc:4f:36:23:
         3e:0d:30:77:aa:d4:58:32:c2:c4:8e:5f:c7:b3:19:cc:cc:34:
         d2:ef:58:fa:58:af:f5:86:53:d8:54:42:54:c4:e2:4b:dd:35:
         2b:39:da:22:e6:b8:45:3b:c4:73:63:de:bd:a6:61:89:ff:e5:
         30:2c:78:59:ca:0b:7d:9e:48:d7:0b:7b:1d:c0:1b:ac:fe:89:
         f0:c8:a9:6e:bd:cc:14:1e:12:30:85:dd:32:70:13:3d:57:95:
         54:d8:83:54:ff:5c:68:95:a0:48:59:8e:4b:71:ea:7d:4a:fe:
         2d:c3:d2:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf7nmdxqTVN0bQd/weLrmUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGIxNTE5MzgxNmZkMTVkY2ZkMDQ3ZGI0ZWVjYTY3Mjkx
MmJiNjAwHhcNMjMwNTA4MTM0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ2OWRkNDEzZDQwMDY0YWU0ZWE4MzU1MjNkOWRlOTQwNGQ0MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGP+A9DPa9dfX/khgFD0LJ0P4n4M
DOhKoczkVe2e2BRLCwxIhRNubLXKXrSZ3j7CIiIq/KKIw9OzfhlHAX/EsZpFleEP
qZpWL44ceVlYuGRIjV2gXZk9oweBj9D6Lq6VJ/yc6nUhrSmRdNXLPSRmztlMOz8z
HQ6bzppdZwXvR6EeCcQFdsT6dVvW7VfP6Wg1xTWo4s3HgJHQOGdWdqsuxOKDbksy
oNDsmiZN5AujazBg8fQ6lUHitl5efYkYFEogDR7rcDw0Ifnb86ab25JlotPyZzcA
MKH43J/cr3IvNVTweeMOtEoMZhxJwvU35EIEJqcgQkuFcvXaAtGbqFoxlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpGndQT1ABkrk6oNVI9nelATUECMB8GA1UdIwQY
MBaAFG8LFRk4Fv0V3P0EfbTuymcpErtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYt
OWNmODQzZjA1NjcwLzEveWthZDFCUFVBR1N1VHFnMVVqMmQ2VUJOUVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYtOWNmODQzZjA1Njcw
LzEvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuafoMA0G
CSqGSIb3DQEBCwUAA4IBAQAtKnl7kghVt2eECJtZd35aHmgWFVKjkygoGui3992X
ScoaUdFvWsCl5mcbjNDjA8mL7ehzslxW8UImzzlwYow2dF0+qBNMjcxbY7gp+TI0
Hy0euq5yrs/cYsTP4rTx3MHZtY1rkVxc0x1g/OEW4v1DIT097jScxOpgOzVwAe87
8IWcfGMJNFOnwD3HufxPNiM+DTB3qtRYMsLEjl/HsxnMzDTS71j6WK/1hlPYVEJU
xOJL3TUrOdoi5rhFO8RzY969pmGJ/+UwLHhZygt9nkjXC3sdwBus/onwyKluvcwU
HhIwhd0ycBM9V5VU2INU/1xolaBIWY5Lcep9Sv4tw9LY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:39 2024 by rpki-client on console-ams.rpki-client.org