Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/YU88pAYfP817lOeIzzpAO9iIVdU.roa
File:                     YU88pAYfP817lOeIzzpAO9iIVdU.roa (raw, json)
Hash identifier:          Lmxf9fAcgMOz4N+paKA2RCBw+ryAlJKsdGob0mukuGs=
Subject key identifier:   61:4F:3C:A4:06:1F:3F:CD:7B:94:E7:88:CF:3A:40:3B:D8:88:55:D5
Certificate issuer:       /CN=24a30b60d23d74e8226bcd5e15dc5bf770ad307e
Certificate serial:       01856E8B4C7B57D291C5C8E67E26013D1B2F
Authority key identifier: 24:A3:0B:60:D2:3D:74:E8:22:6B:CD:5E:15:DC:5B:F7:70:AD:30:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JKMLYNI9dOgia81eFdxb93CtMH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/YU88pAYfP817lOeIzzpAO9iIVdU.roa
Signing time:             Sun 01 Jan 2023 18:15:00 +0000
ROA not before:           Sun 01 Jan 2023 18:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206549
IP address blocks:        185.181.224.0/22 maxlen: 22
                          2a0a:d480::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:4c:7b:57:d2:91:c5:c8:e6:7e:26:01:3d:1b:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24a30b60d23d74e8226bcd5e15dc5bf770ad307e
        Validity
            Not Before: Jan  1 18:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=614f3ca4061f3fcd7b94e788cf3a403bd88855d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:5f:cf:8d:b6:f9:4f:4d:fe:ae:30:95:96:81:
                    c9:bb:b9:b1:1d:08:b1:cc:58:9b:69:73:d8:98:f8:
                    0a:cc:87:2a:44:9a:eb:0b:cc:b6:16:81:0a:57:67:
                    1b:95:c6:30:9b:a9:bf:a0:23:46:31:4c:86:06:f8:
                    f7:cc:40:a5:c6:1d:a5:65:6a:05:19:29:33:4c:78:
                    88:84:72:4a:3d:34:47:20:7e:c1:ca:ef:5c:11:5c:
                    65:98:25:01:62:d8:b5:e2:54:7f:6e:30:b8:6d:4e:
                    62:21:02:be:51:8e:60:80:44:ba:17:5c:72:dd:a8:
                    55:e0:ef:80:23:6f:1e:3a:13:7b:ff:7a:e5:5e:40:
                    ff:5e:db:41:76:d6:b3:95:d9:4a:8a:f3:81:6c:41:
                    80:70:5e:33:97:be:29:1b:50:5a:f9:5e:88:8c:4d:
                    79:41:3d:5f:63:d0:ca:04:62:80:9c:3d:87:e6:e2:
                    8c:5c:56:08:91:25:2a:97:04:38:e1:36:8e:0d:d1:
                    f8:5a:5e:48:ad:36:0e:0d:c3:de:64:c8:51:95:50:
                    bc:91:05:b6:2f:8c:4e:67:5a:0c:95:c9:fe:e9:70:
                    2a:63:f2:e6:fb:bc:ee:bf:f2:f9:d9:bc:2b:f7:88:
                    a6:44:af:01:ea:93:18:34:b5:86:b2:75:ae:c3:33:
                    fe:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:4F:3C:A4:06:1F:3F:CD:7B:94:E7:88:CF:3A:40:3B:D8:88:55:D5
            X509v3 Authority Key Identifier:
                keyid:24:A3:0B:60:D2:3D:74:E8:22:6B:CD:5E:15:DC:5B:F7:70:AD:30:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKMLYNI9dOgia81eFdxb93CtMH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/YU88pAYfP817lOeIzzpAO9iIVdU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/JKMLYNI9dOgia81eFdxb93CtMH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.181.224.0/22
                IPv6:
                  2a0a:d480::/29

    Signature Algorithm: sha256WithRSAEncryption
         8d:7b:7f:83:3a:fc:dc:01:3a:c2:85:c2:7e:a4:ba:ac:ab:67:
         00:16:a5:5b:e9:cd:9d:ac:9e:3c:ed:c6:0a:00:ed:02:93:bc:
         27:61:9f:cb:99:e1:4a:fc:8b:fd:d0:30:01:7b:e6:2f:db:b4:
         50:50:4e:9b:7b:ed:ce:b0:3c:c2:bb:72:6a:95:f1:ff:4b:53:
         43:dd:7f:74:61:c8:77:27:3e:22:34:15:cd:a5:64:ea:a2:93:
         83:be:5e:03:83:43:a6:fd:72:ec:b1:e4:6c:a4:f3:aa:a1:70:
         f1:bb:8a:da:c0:42:8c:bd:37:c9:c4:7d:0b:4d:43:99:e3:fa:
         78:82:ae:9e:6b:4e:84:4e:36:93:e0:9f:1e:5a:d6:fb:94:22:
         13:7e:b1:ee:8d:82:d2:f2:60:44:73:70:05:89:0c:d8:69:29:
         f2:63:1f:13:2c:4d:ba:07:28:10:99:67:78:ba:4d:ab:2d:73:
         73:69:fc:a1:30:db:79:e0:f1:6b:3f:d8:1e:0f:cd:a3:d9:c0:
         45:81:0d:3d:a5:5f:b1:14:87:55:d4:31:72:f7:5f:15:00:cc:
         60:8e:7a:8e:e0:fa:87:97:d2:a2:ad:c0:be:0a:f9:ce:82:14:
         c7:e1:53:09:f2:a1:f6:20:d8:b0:24:dc:d9:a2:36:9b:27:f4:
         67:d1:65:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVui0x7V9KRxcjmfiYBPRsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTMwYjYwZDIzZDc0ZTgyMjZiY2Q1ZTE1ZGM1YmY3NzBh
ZDMwN2UwHhcNMjMwMTAxMTgxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTRmM2NhNDA2MWYzZmNkN2I5NGU3ODhjZjNhNDAzYmQ4ODg1NWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF/Pjbb5T03+rjCVloHJu7mxHQix
zFibaXPYmPgKzIcqRJrrC8y2FoEKV2cblcYwm6m/oCNGMUyGBvj3zEClxh2lZWoF
GSkzTHiIhHJKPTRHIH7Byu9cEVxlmCUBYti14lR/bjC4bU5iIQK+UY5ggES6F1xy
3ahV4O+AI28eOhN7/3rlXkD/XttBdtazldlKivOBbEGAcF4zl74pG1Ba+V6IjE15
QT1fY9DKBGKAnD2H5uKMXFYIkSUqlwQ44TaODdH4Wl5IrTYODcPeZMhRlVC8kQW2
L4xOZ1oMlcn+6XAqY/Lm+7zuv/L52bwr94imRK8B6pMYNLWGsnWuwzP+FQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGFPPKQGHz/Ne5TniM86QDvYiFXVMB8GA1UdIwQY
MBaAFCSjC2DSPXToImvNXhXcW/dwrTB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktNTFlOSTlkT2dpYTgxZUZkeGI5M0N0TUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82YTNkM2UtMjVmZC00MmZmLWE1ZmIt
OGIzYmY4YmY5OGViLzEvWVU4OHBBWWZQODE3bE9lSXp6cEFPOWlJVmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82YTNkM2UtMjVmZC00MmZmLWE1ZmItOGIzYmY4YmY5OGVi
LzEvSktNTFlOSTlkT2dpYTgxZUZkeGI5M0N0TUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubXgMA0E
AgACMAcDBQMqCtSAMA0GCSqGSIb3DQEBCwUAA4IBAQCNe3+DOvzcATrChcJ+pLqs
q2cAFqVb6c2drJ487cYKAO0Ck7wnYZ/LmeFK/Iv90DABe+Yv27RQUE6be+3OsDzC
u3JqlfH/S1ND3X90Ych3Jz4iNBXNpWTqopODvl4Dg0Om/XLsseRspPOqoXDxu4ra
wEKMvTfJxH0LTUOZ4/p4gq6ea06ETjaT4J8eWtb7lCITfrHujYLS8mBEc3AFiQzY
aSnyYx8TLE26BygQmWd4uk2rLXNzafyhMNt54PFrP9geD82j2cBFgQ09pV+xFIdV
1DFy918VAMxgjnqO4PqHl9KircC+CvnOghTH4VMJ8qH2INiwJNzZojabJ/Rn0WUk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:57 2024 by rpki-client on console-fra.rpki-client.org