Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/yIlioA2nl1ajj-8HxhomUSwNTx0.roa
File:                     yIlioA2nl1ajj-8HxhomUSwNTx0.roa (raw, json)
Hash identifier:          GZk6qZ87a7tbMiGIx+yRh3Eil1MDbFjIwdc/zA7+vDE=
Subject key identifier:   C8:89:62:A0:0D:A7:97:56:A3:8F:EF:07:C6:1A:26:51:2C:0D:4F:1D
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       01856F5DC5B14F33FAB20726432B4BC327E6
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/yIlioA2nl1ajj-8HxhomUSwNTx0.roa
Signing time:             Sun 01 Jan 2023 22:04:54 +0000
ROA not before:           Sun 01 Jan 2023 22:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212063
IP address blocks:        87.107.54.0/24 maxlen: 24
                          87.107.172.0/24 maxlen: 24
                          87.107.189.0/24 maxlen: 24
                          87.107.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 03 Jan 2023 17:48:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:c5:b1:4f:33:fa:b2:07:26:43:2b:4b:c3:27:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Jan  1 22:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c88962a00da79756a38fef07c61a26512c0d4f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:6e:21:7f:e4:26:b5:26:2e:42:ad:be:29:08:
                    88:35:75:13:51:cd:6b:78:ea:20:f0:28:c4:e9:18:
                    3a:ee:88:ac:76:c7:bf:98:bc:ed:30:3f:e2:2a:43:
                    ec:45:6a:c8:21:f2:48:b0:80:1e:88:6b:f5:99:02:
                    52:b0:78:ba:e2:b5:16:0d:07:51:0a:3a:aa:db:e1:
                    ce:3a:cc:c9:41:16:86:bf:6d:70:d3:3b:b3:20:6f:
                    99:88:75:ca:3f:1e:4b:5c:b5:49:10:e2:41:f0:f6:
                    32:b1:ad:5a:c6:fe:fe:2c:bd:5b:73:d5:52:98:96:
                    4c:1a:8b:34:79:52:e5:14:ac:63:40:39:d4:18:ec:
                    19:17:db:72:ae:4a:a5:f8:dd:11:37:cc:a0:48:65:
                    80:82:7a:d7:de:13:e7:17:cb:c6:b1:b1:5d:87:07:
                    3b:a8:e8:1b:1e:5c:a7:93:78:79:85:fb:51:5d:b5:
                    33:32:d0:25:ef:38:3d:e9:a0:e9:40:e1:0f:7e:d0:
                    55:d2:45:ef:c3:49:19:2c:9b:fc:c2:a8:08:42:86:
                    b2:46:65:70:79:91:ae:3f:03:6e:0a:b6:23:5e:8f:
                    77:18:ed:1d:71:a3:a4:9b:b4:a8:8d:70:ca:6f:df:
                    20:6f:50:da:aa:58:ca:e2:d7:33:ee:69:c9:ce:45:
                    2c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:89:62:A0:0D:A7:97:56:A3:8F:EF:07:C6:1A:26:51:2C:0D:4F:1D
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/yIlioA2nl1ajj-8HxhomUSwNTx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.107.54.0/24
                  87.107.172.0/24
                  87.107.188.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:04:91:7d:c3:cd:89:2d:c5:4b:6f:36:9f:d4:bc:84:4f:19:
         a7:45:76:d7:5e:22:8d:6a:f7:a2:bf:57:13:f6:cb:e4:33:b2:
         ef:c3:85:a5:83:70:2b:c1:a3:2f:a4:16:b8:8a:da:d2:07:5c:
         8a:85:b7:6c:db:51:c6:d0:13:65:d6:a3:4a:07:3f:1d:a5:de:
         56:30:c8:f3:f8:27:32:49:f9:2f:b3:d6:b4:2c:b2:d6:7e:e4:
         55:3e:02:15:48:24:a0:11:3f:bc:3c:d8:4d:fc:0c:0f:5d:c7:
         23:11:9d:81:65:d9:06:86:9e:79:e9:6b:ef:b0:dd:4f:58:c1:
         a1:96:d7:9f:3a:67:5d:5f:5e:ba:14:ea:3b:16:04:6d:7a:cd:
         21:51:46:c6:da:0d:05:55:87:92:e6:5d:b8:8c:ec:c5:12:bb:
         74:23:e1:d4:e2:2b:5b:23:05:30:20:84:b2:21:c2:f2:97:c2:
         d7:bb:64:e9:86:61:5f:02:a6:c5:04:60:9f:3d:92:b4:76:d8:
         05:a1:2f:90:74:1d:90:e1:c9:68:a2:dd:69:d2:49:6a:f8:f3:
         f7:9b:8c:ab:95:d5:45:5a:72:d8:f6:68:96:59:db:43:68:80:
         a1:d8:70:c2:7c:17:7d:5d:4f:22:3f:d5:96:5f:0d:9a:e3:5e:
         d0:8b:1b:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvXcWxTzP6sgcmQytLwyfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODg5NjJhMDBkYTc5NzU2YTM4ZmVmMDdjNjFhMjY1MTJjMGQ0ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm4hf+QmtSYuQq2+KQiINXUTUc1r
eOog8CjE6Rg67oisdse/mLztMD/iKkPsRWrIIfJIsIAeiGv1mQJSsHi64rUWDQdR
Cjqq2+HOOszJQRaGv21w0zuzIG+ZiHXKPx5LXLVJEOJB8PYysa1axv7+LL1bc9VS
mJZMGos0eVLlFKxjQDnUGOwZF9tyrkql+N0RN8ygSGWAgnrX3hPnF8vGsbFdhwc7
qOgbHlynk3h5hftRXbUzMtAl7zg96aDpQOEPftBV0kXvw0kZLJv8wqgIQoayRmVw
eZGuPwNuCrYjXo93GO0dcaOkm7SojXDKb98gb1DaqljK4tcz7mnJzkUsPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMiJYqANp5dWo4/vB8YaJlEsDU8dMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEveUlsaW9BMm5sMWFqai04SHhob21VU3dOVHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV2s2AwQA
V2usAwQBV2u8MA0GCSqGSIb3DQEBCwUAA4IBAQAoBJF9w82JLcVLbzaf1LyETxmn
RXbXXiKNaveiv1cT9svkM7Lvw4Wlg3ArwaMvpBa4itrSB1yKhbds21HG0BNl1qNK
Bz8dpd5WMMjz+CcySfkvs9a0LLLWfuRVPgIVSCSgET+8PNhN/AwPXccjEZ2BZdkG
hp556WvvsN1PWMGhltefOmddX166FOo7FgRtes0hUUbG2g0FVYeS5l24jOzFErt0
I+HU4itbIwUwIISyIcLyl8LXu2TphmFfAqbFBGCfPZK0dtgFoS+QdB2Q4cloot1p
0klq+PP3m4yrldVFWnLY9miWWdtDaICh2HDCfBd9XU8iP9WWXw2a417QixvP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org