Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YN2QdncO65XLLDwS27nGX6DAFcw.roa
File:                     YN2QdncO65XLLDwS27nGX6DAFcw.roa (raw, json)
Hash identifier:          CaFBINejRXa4Yti0FDdzZ8l6axOjlg3T5j46Z96MiPM=
Subject key identifier:   60:DD:90:76:77:0E:EB:95:CB:2C:3C:12:DB:B9:C6:5F:A0:C0:15:CC
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       01878DA33F593F1CBDFDC46D332810C0F8DB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YN2QdncO65XLLDwS27nGX6DAFcw.roa
Signing time:             Mon 17 Apr 2023 05:14:58 +0000
ROA not before:           Mon 17 Apr 2023 05:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        85.209.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Apr 2023 12:06:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8d:a3:3f:59:3f:1c:bd:fd:c4:6d:33:28:10:c0:f8:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Apr 17 05:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60dd9076770eeb95cb2c3c12dbb9c65fa0c015cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:15:7c:a3:7f:b5:56:91:c8:20:b0:9e:0e:19:
                    96:21:fb:74:70:1e:f2:21:b0:12:65:3e:cb:e2:9b:
                    b1:6d:85:6d:ca:2d:80:f3:32:87:1d:30:dd:06:95:
                    c3:f7:99:7a:e2:2a:c5:e1:88:9b:80:7a:c3:f1:9f:
                    18:bc:a2:39:4a:87:5f:b0:7d:7c:c3:cd:1d:70:2b:
                    3b:34:f8:b6:c4:87:b8:24:ff:62:f0:1d:7d:8a:f2:
                    a2:bf:b3:67:c8:a3:b3:f1:09:02:a1:96:34:ba:72:
                    c2:24:4f:01:cc:9e:4d:f5:97:55:ec:1b:d5:a3:a1:
                    32:f8:6f:b7:98:c4:ae:b4:01:11:a6:74:e0:1d:66:
                    06:36:4a:23:d1:fe:68:52:87:ce:18:bf:4f:06:28:
                    aa:9f:3b:5c:46:43:75:89:a2:9a:b7:20:7b:22:15:
                    48:59:32:9e:8f:3a:bb:c6:7e:73:eb:9b:78:85:fc:
                    8f:f5:5d:b9:4d:ba:bf:26:2c:1c:9f:56:52:22:ad:
                    e3:0b:04:db:95:51:97:91:c1:b8:95:7d:63:ce:d3:
                    c9:92:16:d9:43:e9:8e:e6:e7:ac:e8:3f:f3:a3:5c:
                    ce:ac:19:c7:98:e6:5d:02:a9:dd:1e:2a:d0:82:c7:
                    fb:b2:68:8a:38:2c:97:a2:9c:25:9a:90:8e:dc:c5:
                    30:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:DD:90:76:77:0E:EB:95:CB:2C:3C:12:DB:B9:C6:5F:A0:C0:15:CC
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YN2QdncO65XLLDwS27nGX6DAFcw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:29:68:e7:a0:55:d4:ac:98:32:ef:26:d2:01:2f:ef:ac:4e:
         69:6c:28:c1:73:ab:b2:54:07:79:e5:20:9f:72:5e:f3:d1:c5:
         3f:90:e1:40:e1:cf:6b:2b:af:66:d0:cf:d0:38:d5:90:30:58:
         c6:39:51:b8:e6:04:bc:a6:06:7a:b4:28:8f:e2:f7:0b:fe:92:
         8d:f1:a1:26:c4:83:6f:32:36:51:7b:e0:43:c1:12:98:80:b8:
         c0:83:b9:52:3b:7c:3e:60:13:5b:67:21:7a:27:24:76:cc:5d:
         7b:5f:41:6c:8b:72:85:99:8e:46:86:1b:7d:ce:8f:47:5b:a2:
         d5:80:56:21:25:5e:ba:f8:eb:cf:3d:2f:47:ee:fd:22:c3:2c:
         ea:92:19:a7:7b:77:df:ca:53:20:ea:7b:7e:7d:60:6d:67:4c:
         7d:b7:fc:42:d1:7e:03:0d:64:69:ad:70:73:9a:d8:4b:8c:1d:
         2f:2b:d5:0c:f2:91:52:ca:98:9a:7b:7a:ec:0e:76:a3:6b:91:
         dd:63:7f:ac:ab:43:f6:f9:ca:3a:c0:eb:54:5f:5d:4d:cd:fa:
         27:7a:6e:5c:b4:6b:fa:a0:45:09:a7:33:e3:f3:c5:e2:bd:93:
         fd:5f:c9:63:66:a6:de:b6:1d:a8:39:d5:fd:31:ae:2b:6d:47:
         c2:8b:1d:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeNoz9ZPxy9/cRtMygQwPjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNDE3MDUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRkOTA3Njc3MGVlYjk1Y2IyYzNjMTJkYmI5YzY1ZmEwYzAxNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRV8o3+1VpHIILCeDhmWIft0cB7y
IbASZT7L4puxbYVtyi2A8zKHHTDdBpXD95l64irF4YibgHrD8Z8YvKI5SodfsH18
w80dcCs7NPi2xIe4JP9i8B19ivKiv7NnyKOz8QkCoZY0unLCJE8BzJ5N9ZdV7BvV
o6Ey+G+3mMSutAERpnTgHWYGNkoj0f5oUofOGL9PBiiqnztcRkN1iaKatyB7IhVI
WTKejzq7xn5z65t4hfyP9V25Tbq/Jiwcn1ZSIq3jCwTblVGXkcG4lX1jztPJkhbZ
Q+mO5ues6D/zo1zOrBnHmOZdAqndHirQgsf7smiKOCyXopwlmpCO3MUwCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDdkHZ3DuuVyyw8Etu5xl+gwBXMMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWU4yUWRuY082NVhMTER3UzI3bkdYNkRBRmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGjMA0G
CSqGSIb3DQEBCwUAA4IBAQCPKWjnoFXUrJgy7ybSAS/vrE5pbCjBc6uyVAd55SCf
cl7z0cU/kOFA4c9rK69m0M/QONWQMFjGOVG45gS8pgZ6tCiP4vcL/pKN8aEmxINv
MjZRe+BDwRKYgLjAg7lSO3w+YBNbZyF6JyR2zF17X0Fsi3KFmY5Ghht9zo9HW6LV
gFYhJV66+OvPPS9H7v0iwyzqkhmne3ffylMg6nt+fWBtZ0x9t/xC0X4DDWRprXBz
mthLjB0vK9UM8pFSypiae3rsDnaja5HdY3+sq0P2+co6wOtUX11Nzfonem5ctGv6
oEUJpzPj88XivZP9X8ljZqbeth2oOdX9Ma4rbUfCix0v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org