Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/YT96XP2SiyCh-FuJdqcB-f5ed2c.roa
File:                     YT96XP2SiyCh-FuJdqcB-f5ed2c.roa (raw, json)
Hash identifier:          WcjOUMhN+EL6C+G7uP+tMA/3527k/UwcqIdZEaKyNGI=
Subject key identifier:   61:3F:7A:5C:FD:92:8B:20:A1:F8:5B:89:76:A7:01:F9:FE:5E:77:67
Certificate issuer:       /CN=2f920d9912b3a728b94818188ef3e3e57f8d3f9c
Certificate serial:       01856B00C5334A1302B1AD7E292614C09164
Authority key identifier: 2F:92:0D:99:12:B3:A7:28:B9:48:18:18:8E:F3:E3:E5:7F:8D:3F:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5INmRKzpyi5SBgYjvPj5X-NP5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/YT96XP2SiyCh-FuJdqcB-f5ed2c.roa
Signing time:             Sun 01 Jan 2023 01:44:50 +0000
ROA not before:           Sun 01 Jan 2023 01:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204991
IP address blocks:        91.203.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:00:c5:33:4a:13:02:b1:ad:7e:29:26:14:c0:91:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f920d9912b3a728b94818188ef3e3e57f8d3f9c
        Validity
            Not Before: Jan  1 01:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=613f7a5cfd928b20a1f85b8976a701f9fe5e7767
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:07:67:ee:e1:d7:9d:d4:23:15:93:cf:85:ad:
                    4f:ce:2c:1c:2c:18:74:40:c9:ef:9f:5a:ca:92:d3:
                    6a:9d:02:45:e3:e7:78:87:f1:87:06:43:4c:e7:ce:
                    50:59:d2:3d:2f:e0:4a:46:f7:56:67:8b:21:e3:b1:
                    ab:b5:79:98:2d:f3:18:99:2d:16:32:da:c3:bc:9c:
                    98:d5:b6:00:be:50:f6:f9:4e:b7:3c:7d:2f:f5:b9:
                    ae:ff:5d:39:ff:8b:32:bb:84:9a:9b:07:d9:a5:46:
                    85:9d:63:28:3a:1d:66:21:c2:32:c7:2d:0c:67:a0:
                    09:88:1a:8c:bf:87:e3:6e:ef:34:5f:08:7b:c6:9b:
                    40:06:16:d9:a8:dc:1a:eb:62:0d:12:6e:0b:d3:c9:
                    4f:cf:e3:22:9d:e3:70:51:c7:7b:64:25:de:26:e1:
                    8b:a1:d7:4b:d1:b1:80:32:8d:25:a8:bb:36:00:d7:
                    8b:b1:4d:0a:ec:b5:0d:83:69:bf:0c:02:8f:a7:6f:
                    9e:8b:6a:76:10:38:e5:d0:35:1a:2c:07:b1:21:0b:
                    33:3f:81:3d:a5:a7:3a:f9:3b:02:85:11:ea:26:07:
                    d4:f4:92:4b:cb:c7:1d:56:25:57:0c:67:30:f3:78:
                    c2:24:5a:36:53:0c:f0:54:29:96:f4:c2:66:51:93:
                    80:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:3F:7A:5C:FD:92:8B:20:A1:F8:5B:89:76:A7:01:F9:FE:5E:77:67
            X509v3 Authority Key Identifier:
                keyid:2F:92:0D:99:12:B3:A7:28:B9:48:18:18:8E:F3:E3:E5:7F:8D:3F:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5INmRKzpyi5SBgYjvPj5X-NP5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/YT96XP2SiyCh-FuJdqcB-f5ed2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/L5INmRKzpyi5SBgYjvPj5X-NP5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.203.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:18:fc:2d:2e:c6:31:15:99:9e:b2:a7:b2:51:1b:b3:16:3b:
         1f:68:b3:0e:06:0c:08:86:f4:12:27:7d:ae:d2:52:00:f0:04:
         9b:6b:dd:ea:7e:2e:58:6f:eb:2a:f0:bf:35:1b:20:50:aa:d4:
         48:72:17:7b:aa:3c:7a:a3:a2:92:6f:e1:a1:ae:cf:23:fb:77:
         65:04:39:db:b3:be:d5:52:56:0a:5d:cd:b4:8a:3e:1e:e6:b9:
         25:4c:6e:76:ba:e5:5a:b4:79:aa:dc:52:ab:78:bd:2d:51:ff:
         ea:ac:85:d1:9c:d0:26:61:6f:0e:f6:93:d2:d9:ed:70:53:9d:
         08:30:8a:82:e4:82:47:b6:3a:52:f3:a4:77:77:c3:cc:75:09:
         ae:f6:b0:bb:20:db:f8:f6:77:e7:26:52:c6:37:b5:12:da:4c:
         33:8d:35:13:6b:82:dc:c0:07:6b:fc:29:3e:98:9a:c2:90:b8:
         b8:2c:f7:04:f6:32:c0:c6:f6:cd:17:83:8d:b6:13:fb:59:ab:
         02:31:88:50:dc:18:0b:34:d4:ce:36:94:b7:28:95:a7:a2:c6:
         45:99:b1:57:0d:f9:be:da:1d:ac:fb:c1:3d:3b:a8:7d:82:fa:
         62:29:74:3c:1e:73:3c:f2:cf:3b:c7:07:1a:7d:e1:6b:fd:7f:
         06:aa:2e:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrAMUzShMCsa1+KSYUwJFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTIwZDk5MTJiM2E3MjhiOTQ4MTgxODhlZjNlM2U1N2Y4
ZDNmOWMwHhcNMjMwMTAxMDE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTNmN2E1Y2ZkOTI4YjIwYTFmODViODk3NmE3MDFmOWZlNWU3NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggdn7uHXndQjFZPPha1PziwcLBh0
QMnvn1rKktNqnQJF4+d4h/GHBkNM585QWdI9L+BKRvdWZ4sh47GrtXmYLfMYmS0W
MtrDvJyY1bYAvlD2+U63PH0v9bmu/105/4syu4SamwfZpUaFnWMoOh1mIcIyxy0M
Z6AJiBqMv4fjbu80Xwh7xptABhbZqNwa62INEm4L08lPz+MineNwUcd7ZCXeJuGL
oddL0bGAMo0lqLs2ANeLsU0K7LUNg2m/DAKPp2+ei2p2EDjl0DUaLAexIQszP4E9
pac6+TsChRHqJgfU9JJLy8cdViVXDGcw83jCJFo2UwzwVCmW9MJmUZOA+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGE/elz9kosgofhbiXanAfn+XndnMB8GA1UdIwQY
MBaAFC+SDZkSs6couUgYGI7z4+V/jT+cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVJTm1SS3pweWk1U0JnWWp2UGo1WC1OUDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY1MjUtNmFjNC00YWQzLWI4ZDIt
OWMzMDAwMjQ1Njc2LzEvWVQ5NlhQMlNpeUNoLUZ1SmRxY0ItZjVlZDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY1MjUtNmFjNC00YWQzLWI4ZDItOWMzMDAwMjQ1Njc2
LzEvTDVJTm1SS3pweWk1U0JnWWp2UGo1WC1OUDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8viMA0G
CSqGSIb3DQEBCwUAA4IBAQAUGPwtLsYxFZmesqeyURuzFjsfaLMOBgwIhvQSJ32u
0lIA8ASba93qfi5Yb+sq8L81GyBQqtRIchd7qjx6o6KSb+Ghrs8j+3dlBDnbs77V
UlYKXc20ij4e5rklTG52uuVatHmq3FKreL0tUf/qrIXRnNAmYW8O9pPS2e1wU50I
MIqC5IJHtjpS86R3d8PMdQmu9rC7INv49nfnJlLGN7US2kwzjTUTa4LcwAdr/Ck+
mJrCkLi4LPcE9jLAxvbNF4ONthP7WasCMYhQ3BgLNNTONpS3KJWnosZFmbFXDfm+
2h2s+8E9O6h9gvpiKXQ8HnM88s87xwcafeFr/X8Gqi4g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:50 2024 by rpki-client on console-fra.rpki-client.org