Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/YMEsepomQf1C5F5gooNgtYhzFU8.roa
File:                     YMEsepomQf1C5F5gooNgtYhzFU8.roa (raw, json)
Hash identifier:          b+6eKqep+WlE0ZifldBkDyk2BcivUr2VOLAYDc8sOkk=
Subject key identifier:   60:C1:2C:7A:9A:26:41:FD:42:E4:5E:60:A2:83:60:B5:88:73:15:4F
Certificate issuer:       /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial:       018CC9BCDCA1F52F2536A6A2326A3AEEC214
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/YMEsepomQf1C5F5gooNgtYhzFU8.roa
Signing time:             Tue 02 Jan 2024 10:34:06 +0000
ROA not before:           Tue 02 Jan 2024 10:34:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204137
IP address blocks:        134.19.128.0/21 maxlen: 21
                          2a05:7400:4000::/34 maxlen: 34

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 02:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:dc:a1:f5:2f:25:36:a6:a2:32:6a:3a:ee:c2:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
        Validity
            Not Before: Jan  2 10:34:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=60c12c7a9a2641fd42e45e60a28360b58873154f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:01:59:e9:55:90:a3:18:39:c7:31:f5:c7:62:
                    31:9c:ef:fd:c1:62:9b:7e:a0:70:48:54:d4:79:49:
                    9c:46:44:bb:cd:68:fd:5a:f0:db:c0:38:40:19:f3:
                    99:3c:91:d8:fd:b2:a5:96:d9:ff:2f:61:1c:b3:5c:
                    ae:93:fa:11:ca:ab:5a:35:34:26:74:34:f3:3f:2d:
                    f2:d1:d7:dd:bc:9f:6d:97:80:3c:e9:52:c5:a0:2a:
                    df:7f:f6:e2:4a:fa:5e:f0:09:ae:0d:de:a7:0b:d8:
                    50:76:ec:5f:3b:8b:57:3d:13:ca:9f:ec:0e:83:5b:
                    17:25:8a:70:e2:19:b3:1d:30:c1:37:72:b0:57:22:
                    b7:4c:01:f2:01:36:37:96:cd:6b:61:9e:11:15:4c:
                    5a:bc:39:fa:e7:b4:4f:a1:43:27:b1:e3:74:74:ef:
                    73:b4:bb:42:09:2f:33:ef:eb:0d:bd:67:1b:0c:8f:
                    43:5f:c0:78:cf:86:83:4c:9f:9f:c7:2e:00:17:cc:
                    9e:dd:f5:16:36:d0:7d:29:ab:71:8d:53:e2:0c:90:
                    f4:3b:66:7f:3d:c1:15:7a:75:1b:4f:61:33:70:97:
                    d4:60:d5:b3:6e:37:27:20:67:6d:8a:70:72:7b:d2:
                    8e:16:ba:3f:0d:b1:60:33:96:2e:9a:cd:8d:79:9d:
                    cf:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C1:2C:7A:9A:26:41:FD:42:E4:5E:60:A2:83:60:B5:88:73:15:4F
            X509v3 Authority Key Identifier:
                keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/YMEsepomQf1C5F5gooNgtYhzFU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.19.128.0/21
                IPv6:
                  2a05:7400:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         25:b7:79:16:70:6c:08:84:cb:ee:54:6f:d0:f2:60:22:64:b7:
         d2:3b:60:0e:6d:eb:79:f9:36:67:bb:78:e8:ce:91:47:89:8a:
         f6:4d:b1:5a:af:fb:f8:de:73:75:49:cd:41:63:5c:5f:90:b1:
         36:29:3e:99:bb:bb:90:f7:7d:c4:20:1d:7e:6f:f7:e2:22:c0:
         cd:2e:b8:89:28:bc:1f:c4:cd:ad:cd:3d:c7:c2:53:f4:4a:57:
         01:d8:0c:8f:13:61:b1:dc:a1:ff:40:fd:11:17:ed:af:d3:4d:
         fa:01:15:44:0a:1e:40:b5:5b:dd:e6:57:d4:a5:86:4c:99:d0:
         a1:57:ae:d3:81:75:9c:92:85:3c:61:ac:d1:88:37:ae:99:0c:
         0f:10:85:d8:31:7a:45:41:37:09:5c:fc:b5:54:33:a1:9d:54:
         0c:d6:ad:6c:02:21:4d:49:63:01:d5:94:a7:4d:a4:0e:51:df:
         c6:d8:31:08:25:e7:f4:4a:c7:b1:c8:1d:13:6e:3e:39:68:ca:
         52:43:6b:3d:c4:cc:c6:a2:33:7e:8b:ae:2f:36:d6:c3:a9:c6:
         12:cb:5a:ac:09:53:01:07:27:7c:2b:ba:32:e1:1a:1f:24:f9:
         bd:16:fa:73:cf:6a:50:5d:62:c3:e0:24:0c:95:8f:2d:14:ac:
         c6:c4:a8:e2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJvNyh9S8lNqaiMmo67sIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGMxMmM3YTlhMjY0MWZkNDJlNDVlNjBhMjgzNjBiNTg4NzMxNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwFZ6VWQoxg5xzH1x2IxnO/9wWKb
fqBwSFTUeUmcRkS7zWj9WvDbwDhAGfOZPJHY/bKlltn/L2Ecs1yuk/oRyqtaNTQm
dDTzPy3y0dfdvJ9tl4A86VLFoCrff/biSvpe8AmuDd6nC9hQduxfO4tXPRPKn+wO
g1sXJYpw4hmzHTDBN3KwVyK3TAHyATY3ls1rYZ4RFUxavDn657RPoUMnseN0dO9z
tLtCCS8z7+sNvWcbDI9DX8B4z4aDTJ+fxy4AF8ye3fUWNtB9KatxjVPiDJD0O2Z/
PcEVenUbT2EzcJfUYNWzbjcnIGdtinBye9KOFro/DbFgM5Yums2NeZ3PlwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGDBLHqaJkH9QuReYKKDYLWIcxVPMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvWU1Fc2Vwb21RZjFDNUY1Z29vTmd0WWh6RlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDhhOAMA4E
AgACMAgDBgYqBXQAQDANBgkqhkiG9w0BAQsFAAOCAQEAJbd5FnBsCITL7lRv0PJg
ImS30jtgDm3refk2Z7t46M6RR4mK9k2xWq/7+N5zdUnNQWNcX5CxNik+mbu7kPd9
xCAdfm/34iLAzS64iSi8H8TNrc09x8JT9EpXAdgMjxNhsdyh/0D9ERftr9NN+gEV
RAoeQLVb3eZX1KWGTJnQoVeu04F1nJKFPGGs0Yg3rpkMDxCF2DF6RUE3CVz8tVQz
oZ1UDNatbAIhTUljAdWUp02kDlHfxtgxCCXn9ErHscgdE24+OWjKUkNrPcTMxqIz
fouuLzbWw6nGEstarAlTAQcnfCu6MuEaHyT5vRb6c89qUF1iw+AkDJWPLRSsxsSo
4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org