Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/LYaSHJw705-3YoZkbGq-Mgcyb7s.roa
File:                     LYaSHJw705-3YoZkbGq-Mgcyb7s.roa (raw, json)
Hash identifier:          Scpr3RnILfVgfIXQ/znzPbeLAcSg4bGtSxn23DEcCr4=
Subject key identifier:   2D:86:92:1C:9C:3B:D3:9F:B7:62:86:64:6C:6A:BE:32:07:32:6F:BB
Certificate issuer:       /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial:       018EE2805C8ADBC2DE109F9DF2FAD218B242
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/LYaSHJw705-3YoZkbGq-Mgcyb7s.roa
Signing time:             Mon 15 Apr 2024 16:04:06 +0000
ROA not before:           Mon 15 Apr 2024 16:04:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        194.246.37.0/24 maxlen: 24
                          194.247.44.0/24 maxlen: 24
                          194.247.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 09:17:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e2:80:5c:8a:db:c2:de:10:9f:9d:f2:fa:d2:18:b2:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
        Validity
            Not Before: Apr 15 16:04:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2d86921c9c3bd39fb76286646c6abe3207326fbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c3:52:2d:20:ae:72:7a:48:1d:89:cf:f1:f5:
                    5d:80:93:6a:d7:65:30:9f:a8:ab:29:c0:a4:fb:72:
                    ad:38:3a:64:24:74:72:0b:3b:36:8e:e3:6b:4c:bb:
                    52:b3:98:6c:b0:7f:44:d3:c8:10:51:16:07:86:bd:
                    fa:a2:c8:e8:b2:0d:1a:ce:71:f1:fe:bd:83:f6:37:
                    54:e1:1b:b3:a6:5d:43:c5:be:d7:b7:8e:c0:72:76:
                    0b:90:38:b7:e3:a9:9e:d6:dc:f3:90:f9:d7:59:33:
                    0c:3a:89:e8:fc:c6:7f:45:ad:06:2f:d5:d0:6c:76:
                    31:fd:cb:dd:ad:6c:ce:7e:2b:90:88:b1:78:f3:59:
                    c8:cf:91:39:93:fa:54:d2:1d:98:62:61:8a:d2:28:
                    b8:0a:a3:25:b9:c4:6d:80:ca:21:51:eb:d8:a2:f4:
                    8a:fd:29:79:bd:1f:e0:7e:7a:ce:3a:21:3f:80:24:
                    fa:62:3a:9d:a1:cb:22:18:64:aa:5b:15:e9:51:63:
                    6f:7d:e5:e1:34:f2:ad:31:37:cf:57:85:40:db:ca:
                    c6:d3:e2:a1:54:80:df:41:aa:a8:e7:a1:92:28:8e:
                    8f:ee:96:bb:28:fe:03:8c:03:6d:42:ec:38:ea:18:
                    6f:c2:a7:2e:c1:cb:48:c7:77:31:27:90:7d:01:c8:
                    8c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:86:92:1C:9C:3B:D3:9F:B7:62:86:64:6C:6A:BE:32:07:32:6F:BB
            X509v3 Authority Key Identifier:
                keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/LYaSHJw705-3YoZkbGq-Mgcyb7s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.246.37.0/24
                  194.247.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         53:75:86:fe:6c:fe:31:d0:31:30:ed:2b:09:1f:5c:d7:ad:22:
         e1:ee:bc:6b:94:0e:f5:4e:b5:09:20:17:a0:0e:61:5d:2a:bf:
         dc:ad:4c:f7:8e:76:63:5b:fb:52:ac:1a:6b:01:ff:c8:29:ce:
         b8:1a:17:0f:6a:5b:30:f4:0f:c7:9f:56:d1:21:71:92:1e:ef:
         42:cc:f2:1c:a8:12:3c:b0:48:31:ba:66:db:00:ea:91:ce:4e:
         0f:22:f8:87:0f:aa:55:40:cf:53:9e:cd:ff:8b:fe:dc:f8:e7:
         7c:b9:a0:f4:6a:96:ee:e0:28:84:9e:0d:53:6d:e3:35:c2:07:
         51:ae:f4:6e:74:4d:b2:c5:c7:31:94:b2:35:ba:19:74:55:23:
         2c:5e:e4:c2:99:2c:12:de:44:16:03:8e:57:21:1a:2f:47:67:
         1c:e5:e3:ec:c6:df:7d:fb:64:10:56:98:29:0f:91:98:c8:c6:
         60:b5:58:6a:11:8a:c8:43:d2:4e:c1:47:66:41:2a:ac:2c:c6:
         c5:4e:2c:a1:78:e4:da:cb:5c:62:86:46:b4:b4:d1:08:57:17:
         a3:82:ed:75:04:4f:9f:4c:06:65:6f:ba:ef:a6:58:12:ef:b2:
         b5:cc:2f:c4:f7:a2:65:be:44:f5:92:a7:cf:79:4f:d7:da:2c:
         28:5d:6b:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7igFyK28LeEJ+d8vrSGLJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjQwNDE1MTYwNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDg2OTIxYzljM2JkMzlmYjc2Mjg2NjQ2YzZhYmUzMjA3MzI2ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8NSLSCucnpIHYnP8fVdgJNq12Uw
n6irKcCk+3KtODpkJHRyCzs2juNrTLtSs5hssH9E08gQURYHhr36osjosg0aznHx
/r2D9jdU4Ruzpl1Dxb7Xt47AcnYLkDi346me1tzzkPnXWTMMOono/MZ/Ra0GL9XQ
bHYx/cvdrWzOfiuQiLF481nIz5E5k/pU0h2YYmGK0ii4CqMlucRtgMohUevYovSK
/Sl5vR/gfnrOOiE/gCT6YjqdocsiGGSqWxXpUWNvfeXhNPKtMTfPV4VA28rG0+Kh
VIDfQaqo56GSKI6P7pa7KP4DjANtQuw46hhvwqcuwctIx3cxJ5B9AciMpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC2GkhycO9Oft2KGZGxqvjIHMm+7MB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvTFlhU0hKdzcwNS0zWW9aa2JHcS1NZ2N5YjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwvYlAwQB
wvcsMA0GCSqGSIb3DQEBCwUAA4IBAQBTdYb+bP4x0DEw7SsJH1zXrSLh7rxrlA71
TrUJIBegDmFdKr/crUz3jnZjW/tSrBprAf/IKc64GhcPalsw9A/Hn1bRIXGSHu9C
zPIcqBI8sEgxumbbAOqRzk4PIviHD6pVQM9Tns3/i/7c+Od8uaD0apbu4CiEng1T
beM1wgdRrvRudE2yxccxlLI1uhl0VSMsXuTCmSwS3kQWA45XIRovR2cc5ePsxt99
+2QQVpgpD5GYyMZgtVhqEYrIQ9JOwUdmQSqsLMbFTiyheOTay1xihka0tNEIVxej
gu11BE+fTAZlb7rvplgS77K1zC/E96JlvkT1kqfPeU/X2iwoXWtQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org