Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YE0uGr0nZt6_C9mGLVC1rYpexXI.roa
File:                     YE0uGr0nZt6_C9mGLVC1rYpexXI.roa (raw, json)
Hash identifier:          eNUBM5TwESIOhDcAwIp/VrZVLty/o59katAUlZ0/MT0=
Subject key identifier:   60:4D:2E:1A:BD:27:66:DE:BF:0B:D9:86:2D:50:B5:AD:8A:5E:C5:72
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0186ACD450C2900741954C0CFFE440E2DFB4
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YE0uGr0nZt6_C9mGLVC1rYpexXI.roa
Signing time:             Sat 04 Mar 2023 13:34:00 +0000
ROA not before:           Sat 04 Mar 2023 13:34:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30823
IP address blocks:        85.208.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 11:58:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ac:d4:50:c2:90:07:41:95:4c:0c:ff:e4:40:e2:df:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Mar  4 13:34:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=604d2e1abd2766debf0bd9862d50b5ad8a5ec572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:65:c0:ba:11:41:e7:6b:65:e7:7c:f9:c2:68:
                    ce:d8:31:82:2d:4e:c9:dd:38:11:51:9f:bb:49:24:
                    44:53:89:cd:61:b1:34:f5:2c:6b:2a:eb:3b:96:61:
                    1d:34:87:62:b6:28:b8:62:8f:0b:57:2b:77:f1:ab:
                    91:f9:b9:b2:86:50:dc:fc:cd:35:ce:50:7c:2d:1a:
                    77:c2:6f:44:00:be:9d:f1:90:35:ee:8d:71:f0:1e:
                    32:e2:b9:99:4f:87:78:d3:58:49:4e:b3:30:80:eb:
                    f2:b1:27:82:61:97:4f:06:a0:2a:a9:ed:b4:91:ff:
                    e9:1a:9e:92:d2:3f:fb:c9:d1:38:49:58:39:e6:7f:
                    23:c0:3b:27:ed:29:a2:8f:b8:16:1e:94:13:c7:45:
                    b9:f3:6f:e1:5e:a3:af:73:0b:6f:bc:67:64:15:59:
                    0d:41:0f:72:5e:4e:b6:18:20:47:e2:44:1e:dc:86:
                    25:68:40:be:28:86:c0:ff:9b:14:51:d9:5c:ff:fe:
                    47:75:44:ed:8c:f3:81:c1:6e:4d:ce:31:29:02:4d:
                    45:7b:ed:94:ad:b8:c2:80:f6:0e:e9:e4:39:be:69:
                    a4:50:e7:47:82:a7:bf:b6:b9:81:87:95:ec:65:2f:
                    a2:0a:28:d6:f9:a0:52:85:7f:2a:15:87:37:50:a0:
                    48:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:4D:2E:1A:BD:27:66:DE:BF:0B:D9:86:2D:50:B5:AD:8A:5E:C5:72
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YE0uGr0nZt6_C9mGLVC1rYpexXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:d4:2b:f9:59:36:db:96:a2:66:bc:e1:51:9e:f1:4c:4b:68:
         c2:3b:01:4f:0d:8c:94:91:26:5a:b1:63:63:24:4a:d1:d4:fd:
         eb:38:f6:74:6d:ea:6d:86:20:c1:3f:32:61:52:92:97:4c:94:
         f3:6b:2d:80:55:90:8b:3d:d4:85:24:84:f4:75:5a:58:b9:8a:
         d0:15:2e:56:6a:0b:2a:97:4f:93:2f:85:3c:3d:16:d7:95:99:
         b4:f6:4b:d2:cc:91:ef:a1:4c:1f:91:06:e4:b8:ab:65:5e:d8:
         0b:b8:4d:ea:bc:0b:ba:d5:a8:33:e2:28:69:86:f8:7c:67:1c:
         1f:25:69:49:59:44:1c:71:90:c8:74:a9:4c:de:a2:1d:44:1a:
         c9:88:3c:bb:11:01:28:d6:b2:a6:ce:eb:e9:87:62:d2:d0:c8:
         b3:33:d2:d0:01:eb:06:e8:96:c6:62:06:f1:07:61:ee:9b:ad:
         c2:6e:0d:50:7b:44:aa:15:92:2b:56:92:85:21:ea:b5:4b:db:
         48:f6:36:23:12:e3:40:3e:93:ba:a1:38:c7:97:83:ca:a4:af:
         b7:70:93:f5:2f:8b:b4:f2:72:a0:3a:68:61:0a:d8:0e:5f:20:
         c8:b8:74:a4:bd:28:80:ef:79:7d:7c:a7:ac:5d:47:49:0b:8d:
         57:34:f4:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYas1FDCkAdBlUwM/+RA4t+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMzA0MTMzNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDRkMmUxYWJkMjc2NmRlYmYwYmQ5ODYyZDUwYjVhZDhhNWVjNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2XAuhFB52tl53z5wmjO2DGCLU7J
3TgRUZ+7SSREU4nNYbE09SxrKus7lmEdNIditii4Yo8LVyt38auR+bmyhlDc/M01
zlB8LRp3wm9EAL6d8ZA17o1x8B4y4rmZT4d401hJTrMwgOvysSeCYZdPBqAqqe20
kf/pGp6S0j/7ydE4SVg55n8jwDsn7Smij7gWHpQTx0W582/hXqOvcwtvvGdkFVkN
QQ9yXk62GCBH4kQe3IYlaEC+KIbA/5sUUdlc//5HdUTtjPOBwW5NzjEpAk1Fe+2U
rbjCgPYO6eQ5vmmkUOdHgqe/trmBh5XsZS+iCijW+aBShX8qFYc3UKBI7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBNLhq9J2bevwvZhi1Qta2KXsVyMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWUUwdUdyMG5adDZfQzltR0xWQzFyWXBleFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBrMA0G
CSqGSIb3DQEBCwUAA4IBAQAw1Cv5WTbblqJmvOFRnvFMS2jCOwFPDYyUkSZasWNj
JErR1P3rOPZ0bepthiDBPzJhUpKXTJTzay2AVZCLPdSFJIT0dVpYuYrQFS5Wagsq
l0+TL4U8PRbXlZm09kvSzJHvoUwfkQbkuKtlXtgLuE3qvAu61agz4ihphvh8Zxwf
JWlJWUQccZDIdKlM3qIdRBrJiDy7EQEo1rKmzuvph2LS0MizM9LQAesG6JbGYgbx
B2Hum63Cbg1Qe0SqFZIrVpKFIeq1S9tI9jYjEuNAPpO6oTjHl4PKpK+3cJP1L4u0
8nKgOmhhCtgOXyDIuHSkvSiA73l9fKesXUdJC41XNPR5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org