Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/YSkzI9DINet3DkFDeDWKcGOR_I4.roa
File:                     YSkzI9DINet3DkFDeDWKcGOR_I4.roa (raw, json)
Hash identifier:          ePA19UE8OHemxFdlymQGXCIUaQ/3by4tZ5HZ4yvFtSc=
Subject key identifier:   61:29:33:23:D0:C8:35:EB:77:0E:41:43:78:35:8A:70:63:91:FC:8E
Certificate issuer:       /CN=e75bce163cb502a657f272f79fd3e487fbbd4b88
Certificate serial:       0185711E4594BDBAD566000817C064F36F71
Authority key identifier: E7:5B:CE:16:3C:B5:02:A6:57:F2:72:F7:9F:D3:E4:87:FB:BD:4B:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51vOFjy1AqZX8nL3n9Pkh_u9S4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/YSkzI9DINet3DkFDeDWKcGOR_I4.roa
Signing time:             Mon 02 Jan 2023 06:14:47 +0000
ROA not before:           Mon 02 Jan 2023 06:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206288
IP address blocks:        185.35.84.0/22 maxlen: 22
                          2a00:f280::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:45:94:bd:ba:d5:66:00:08:17:c0:64:f3:6f:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e75bce163cb502a657f272f79fd3e487fbbd4b88
        Validity
            Not Before: Jan  2 06:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61293323d0c835eb770e414378358a706391fc8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0f:54:69:e9:20:3b:bb:a5:b0:86:44:24:fa:
                    a5:25:e9:e5:f5:82:42:60:81:ea:42:ac:0e:5a:c5:
                    f2:31:ff:c3:95:fc:fb:fb:3e:b3:72:35:7c:fb:ec:
                    c9:14:11:29:9d:c3:54:4f:fd:40:91:61:74:ef:68:
                    24:57:d8:87:b7:76:c9:9e:99:2e:ad:82:15:93:1a:
                    eb:b0:92:1d:2e:09:df:08:74:21:80:a8:f0:e7:91:
                    15:90:76:8f:9f:66:49:15:ad:f6:f5:0e:d0:5b:04:
                    d2:4d:84:63:26:b1:c3:1c:32:6d:64:6e:73:35:83:
                    32:4b:17:cb:c4:71:b4:7a:c7:7e:f6:67:8b:df:42:
                    b0:c0:1f:ac:57:59:4e:91:5e:5a:86:e9:29:ad:22:
                    ad:29:cb:1d:51:d8:fb:9f:41:02:18:6c:29:45:5c:
                    ad:f7:2f:b8:63:8f:3e:84:6c:fa:59:82:5b:e4:ee:
                    1d:f5:95:6f:d1:76:9a:dd:98:b0:ab:cb:91:fa:31:
                    3d:d9:61:5e:77:a3:c7:71:bb:50:50:3a:5a:16:34:
                    5b:c1:13:11:04:4b:51:eb:a7:c7:ba:a2:c3:08:8a:
                    8e:e0:20:ab:d1:1f:a9:71:d8:e1:0f:5c:94:56:5d:
                    e3:ef:0a:dd:1e:b9:8f:64:2a:1e:41:dd:fd:66:49:
                    89:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:29:33:23:D0:C8:35:EB:77:0E:41:43:78:35:8A:70:63:91:FC:8E
            X509v3 Authority Key Identifier:
                keyid:E7:5B:CE:16:3C:B5:02:A6:57:F2:72:F7:9F:D3:E4:87:FB:BD:4B:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51vOFjy1AqZX8nL3n9Pkh_u9S4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/YSkzI9DINet3DkFDeDWKcGOR_I4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/51vOFjy1AqZX8nL3n9Pkh_u9S4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.35.84.0/22
                IPv6:
                  2a00:f280::/32

    Signature Algorithm: sha256WithRSAEncryption
         99:69:62:ef:d9:7a:62:b7:88:b6:7d:b7:88:ab:94:80:57:e1:
         1c:11:25:53:80:a9:e6:de:a6:86:49:9d:54:00:57:3c:74:68:
         17:27:59:32:5f:d9:62:2b:2a:8b:e3:44:80:6e:10:35:29:fd:
         7c:5c:94:1b:eb:9a:80:c6:dc:e5:83:fb:87:0e:e8:72:e0:e8:
         df:8a:30:8b:a3:83:cc:09:41:1c:f6:58:3f:fd:ab:7d:91:2a:
         2f:c6:0b:15:7b:db:0c:2e:c9:01:ac:f3:8b:fd:6f:ea:b9:8f:
         ea:53:00:93:9b:89:be:e5:2b:6a:00:f5:2d:fa:cb:6b:16:c2:
         9c:9c:b4:f6:37:09:b6:22:e8:7c:9f:e2:5d:d2:ae:f2:4f:38:
         e7:46:13:ec:4b:6e:03:c3:ed:b9:1b:8e:79:25:96:cc:08:c5:
         fa:b6:1a:4a:de:c4:85:6b:80:45:0c:76:70:9b:02:48:d1:da:
         86:64:a1:3f:a8:34:7b:14:ae:01:3a:91:cf:18:5c:00:2c:64:
         26:6b:ef:a0:5c:84:f1:77:64:3e:f3:dc:fe:7b:64:2a:2d:29:
         df:fe:98:5a:94:6d:13:78:d6:ed:a3:30:2d:07:19:c1:84:f8:
         51:93:4c:9a:1e:6d:e7:8e:7e:66:bb:d9:6c:25:27:53:57:37:
         8d:db:72:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHkWUvbrVZgAIF8Bk829xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NWJjZTE2M2NiNTAyYTY1N2YyNzJmNzlmZDNlNDg3ZmJi
ZDRiODgwHhcNMjMwMTAyMDYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTI5MzMyM2QwYzgzNWViNzcwZTQxNDM3ODM1OGE3MDYzOTFmYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA9UaekgO7ulsIZEJPqlJenl9YJC
YIHqQqwOWsXyMf/Dlfz7+z6zcjV8++zJFBEpncNUT/1AkWF072gkV9iHt3bJnpku
rYIVkxrrsJIdLgnfCHQhgKjw55EVkHaPn2ZJFa329Q7QWwTSTYRjJrHDHDJtZG5z
NYMySxfLxHG0esd+9meL30KwwB+sV1lOkV5ahukprSKtKcsdUdj7n0ECGGwpRVyt
9y+4Y48+hGz6WYJb5O4d9ZVv0Xaa3Ziwq8uR+jE92WFed6PHcbtQUDpaFjRbwRMR
BEtR66fHuqLDCIqO4CCr0R+pcdjhD1yUVl3j7wrdHrmPZCoeQd39ZkmJdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGEpMyPQyDXrdw5BQ3g1inBjkfyOMB8GA1UdIwQY
MBaAFOdbzhY8tQKmV/Jy95/T5If7vUuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTF2T0ZqeTFBcVpYOG5MM245UGtoX3U5UzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jNTcwOGItZmFmOS00MmE0LWJmNDgt
NGI4NTc4NzE1MTU0LzEvWVNrekk5RElOZXQzRGtGRGVEV0tjR09SX0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jNTcwOGItZmFmOS00MmE0LWJmNDgtNGI4NTc4NzE1MTU0
LzEvNTF2T0ZqeTFBcVpYOG5MM245UGtoX3U5UzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSNUMA0E
AgACMAcDBQAqAPKAMA0GCSqGSIb3DQEBCwUAA4IBAQCZaWLv2Xpit4i2fbeIq5SA
V+EcESVTgKnm3qaGSZ1UAFc8dGgXJ1kyX9liKyqL40SAbhA1Kf18XJQb65qAxtzl
g/uHDuhy4OjfijCLo4PMCUEc9lg//at9kSovxgsVe9sMLskBrPOL/W/quY/qUwCT
m4m+5StqAPUt+strFsKcnLT2Nwm2Iuh8n+Jd0q7yTzjnRhPsS24Dw+25G455JZbM
CMX6thpK3sSFa4BFDHZwmwJI0dqGZKE/qDR7FK4BOpHPGFwALGQma++gXITxd2Q+
89z+e2QqLSnf/phalG0TeNbtozAtBxnBhPhRk0yaHm3njn5mu9lsJSdTVzeN23Io
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org