Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ykgiIzgt15ai7EA4YxXCmtGfTEs.roa
File:                     ykgiIzgt15ai7EA4YxXCmtGfTEs.roa (raw, json)
Hash identifier:          UnkfxiDu8fk/oK1arUJso6HH4gyyPnejB6/sGx4qep4=
Subject key identifier:   CA:48:22:23:38:2D:D7:96:A2:EC:40:38:63:15:C2:9A:D1:9F:4C:4B
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0189CA524E9E0E520F487C835B48BE87A576
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ykgiIzgt15ai7EA4YxXCmtGfTEs.roa
Signing time:             Sun 06 Aug 2023 10:08:58 +0000
ROA not before:           Sun 06 Aug 2023 10:08:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        5.180.233.0/24 maxlen: 24
                          5.180.49.0/24 maxlen: 24
                          5.180.82.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 06 Aug 2023 19:07:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ca:52:4e:9e:0e:52:0f:48:7c:83:5b:48:be:87:a5:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Aug  6 10:08:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca482223382dd796a2ec40386315c29ad19f4c4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:2e:97:2d:91:20:e9:bb:bb:f5:e7:94:a3:d0:
                    b8:e1:98:a2:0e:00:00:2e:92:31:60:45:83:8a:3d:
                    ef:f2:75:1b:af:66:40:77:4c:20:26:b0:ed:29:db:
                    8b:ce:10:ce:b2:82:9e:3b:b1:01:f8:87:41:48:05:
                    2f:fd:f5:a9:bd:6b:20:17:35:de:e0:c9:ff:77:2d:
                    f6:a5:58:9c:aa:ee:6a:91:cf:6a:0f:3b:3c:06:23:
                    a8:b9:b4:c8:98:52:eb:06:f6:97:5b:71:85:22:ab:
                    8e:c9:4c:f2:38:cc:37:fe:13:4a:45:d6:ea:1c:af:
                    a3:f0:ae:79:db:1f:b4:88:73:7b:ce:a2:34:ca:8d:
                    67:7a:b5:0e:5b:dd:dd:0a:cb:3e:79:b1:3a:c8:df:
                    23:da:2b:c3:27:09:22:cd:d9:0c:73:f3:9f:18:50:
                    bc:40:f9:1d:22:ed:79:6e:a8:35:8a:0b:63:46:25:
                    56:45:ac:2f:82:ad:bf:23:0c:91:a6:55:49:ae:79:
                    65:d1:21:15:fa:e8:17:d3:1e:da:e9:20:7e:aa:be:
                    f9:0d:e4:66:37:7c:7f:2c:49:4b:cf:94:46:12:97:
                    e6:f6:bc:64:4a:83:c8:ac:5d:64:e0:3b:81:00:3b:
                    7a:84:42:d4:22:c0:95:36:9b:06:c4:8f:e3:02:c8:
                    0a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:48:22:23:38:2D:D7:96:A2:EC:40:38:63:15:C2:9A:D1:9F:4C:4B
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ykgiIzgt15ai7EA4YxXCmtGfTEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.49.0/24
                  5.180.82.0/24
                  5.180.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:ef:37:7a:05:23:8d:c9:24:f1:97:a6:0d:6e:7f:f7:2e:70:
         ee:53:08:a6:98:2b:43:14:34:d5:c0:fa:bf:8b:bb:1f:ed:67:
         80:f8:e9:59:55:e3:d9:ac:15:54:88:6a:0f:68:5d:e4:af:cc:
         70:70:2a:79:a5:88:00:1f:db:56:9a:8b:81:41:57:62:73:13:
         5f:0c:9b:3d:38:21:82:84:21:58:62:0a:5e:8f:78:a2:d8:81:
         43:f9:d9:3e:05:e0:74:f4:af:5e:b9:c1:55:69:9c:7c:4d:8f:
         d9:2a:41:47:ae:51:ae:0d:99:e3:26:e2:62:11:ca:64:85:ab:
         75:e9:6f:71:3a:e7:fa:e0:d8:fb:de:69:4b:1a:65:64:81:5b:
         2a:21:2a:30:42:ad:ef:83:2a:af:55:53:b1:c5:b9:b3:ea:e8:
         88:ca:44:65:66:8d:84:5d:59:41:97:dc:67:c0:52:87:74:1d:
         91:c7:b3:85:c2:ec:3f:3a:24:ea:54:9e:56:6d:e6:c6:5b:28:
         92:46:56:ee:a9:f9:4c:56:64:b8:a5:7f:6b:e8:86:d2:8c:75:
         cf:a4:bd:c6:b7:f1:d7:52:b1:a1:c5:03:2b:29:c1:ea:a0:90:
         b4:cd:89:4d:f3:42:d4:92:a3:14:92:1e:8c:9b:1f:d1:d7:32:
         69:28:1e:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnKUk6eDlIPSHyDW0i+h6V2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODA2MTAwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ4MjIyMzM4MmRkNzk2YTJlYzQwMzg2MzE1YzI5YWQxOWY0YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC6XLZEg6bu79eeUo9C44ZiiDgAA
LpIxYEWDij3v8nUbr2ZAd0wgJrDtKduLzhDOsoKeO7EB+IdBSAUv/fWpvWsgFzXe
4Mn/dy32pVicqu5qkc9qDzs8BiOoubTImFLrBvaXW3GFIquOyUzyOMw3/hNKRdbq
HK+j8K552x+0iHN7zqI0yo1nerUOW93dCss+ebE6yN8j2ivDJwkizdkMc/OfGFC8
QPkdIu15bqg1igtjRiVWRawvgq2/IwyRplVJrnll0SEV+ugX0x7a6SB+qr75DeRm
N3x/LElLz5RGEpfm9rxkSoPIrF1k4DuBADt6hELUIsCVNpsGxI/jAsgKtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMpIIiM4LdeWouxAOGMVwprRn0xLMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEveWtnaUl6Z3QxNWFpN0VBNFl4WENtdEdmVEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbQxAwQA
BbRSAwQABbTpMA0GCSqGSIb3DQEBCwUAA4IBAQC47zd6BSONySTxl6YNbn/3LnDu
UwimmCtDFDTVwPq/i7sf7WeA+OlZVePZrBVUiGoPaF3kr8xwcCp5pYgAH9tWmouB
QVdicxNfDJs9OCGChCFYYgpej3ii2IFD+dk+BeB09K9eucFVaZx8TY/ZKkFHrlGu
DZnjJuJiEcpkhat16W9xOuf64Nj73mlLGmVkgVsqISowQq3vgyqvVVOxxbmz6uiI
ykRlZo2EXVlBl9xnwFKHdB2Rx7OFwuw/OiTqVJ5WbebGWyiSRlbuqflMVmS4pX9r
6IbSjHXPpL3Gt/HXUrGhxQMrKcHqoJC0zYlN80LUkqMUkh6Mmx/R1zJpKB7Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:21 2024 by rpki-client on console-ams.rpki-client.org