Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/YA4SuJyXWqZjB6IvGTBQ6I4WLeI.roa
File:                     YA4SuJyXWqZjB6IvGTBQ6I4WLeI.roa (raw, json)
Hash identifier:          neCk/jSpqxdddjKXW/ixSmjMMBTeuXYJTgi7QTGrUEE=
Subject key identifier:   60:0E:12:B8:9C:97:5A:A6:63:07:A2:2F:19:30:50:E8:8E:16:2D:E2
Certificate issuer:       /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial:       018A98290AF22C5AEAB80AC952509674AC59
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/YA4SuJyXWqZjB6IvGTBQ6I4WLeI.roa
Signing time:             Fri 15 Sep 2023 09:25:41 +0000
ROA not before:           Fri 15 Sep 2023 09:25:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57318
IP address blocks:        80.233.130.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:98:29:0a:f2:2c:5a:ea:b8:0a:c9:52:50:96:74:ac:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
        Validity
            Not Before: Sep 15 09:25:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=600e12b89c975aa66307a22f193050e88e162de2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0b:6a:33:20:75:66:6f:7a:34:84:5f:78:f5:
                    5d:85:c3:d2:f8:e6:b6:11:bf:6c:ad:49:7e:68:49:
                    6f:94:6d:b5:c5:2d:69:91:f6:4f:01:39:d3:b1:c7:
                    68:e3:40:b7:3a:7d:1f:37:0b:84:bb:19:3b:fc:3d:
                    33:26:be:5b:2d:3e:fd:4e:5f:2b:35:3d:6c:f9:81:
                    ef:c7:2c:d2:5d:2b:7b:fc:9e:6d:45:11:00:5d:fa:
                    5b:1e:95:ad:25:7c:56:87:26:15:96:df:12:70:d2:
                    eb:5c:5f:b2:5d:39:5c:e2:d4:49:c0:2c:49:4b:ce:
                    db:17:0a:a7:c4:50:80:d4:27:52:fa:55:a8:d6:9d:
                    77:9a:d4:c7:10:45:d5:e8:ea:cf:10:d3:f3:24:a0:
                    74:0d:2c:1e:ae:65:87:8e:fe:ce:11:e1:f0:69:0d:
                    0e:7d:1e:94:b5:54:17:cb:e4:f0:e6:53:a4:c2:88:
                    ab:6d:7d:b3:a1:9a:40:82:23:26:34:64:8f:1c:89:
                    2e:9b:a5:0c:25:ef:c3:f6:1d:de:aa:ef:2d:8a:71:
                    7c:89:e1:1d:82:3a:64:cc:79:08:1f:7d:d8:b0:b8:
                    c0:df:70:65:fd:f6:82:cd:f7:96:55:87:97:70:d7:
                    0f:f1:51:eb:df:ea:a5:26:b7:dd:87:3c:e6:e2:53:
                    31:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:0E:12:B8:9C:97:5A:A6:63:07:A2:2F:19:30:50:E8:8E:16:2D:E2
            X509v3 Authority Key Identifier:
                keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/YA4SuJyXWqZjB6IvGTBQ6I4WLeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.233.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:05:83:44:a3:dc:ba:d9:46:13:43:d7:2b:e9:c9:82:38:88:
         f1:d8:40:eb:ea:fc:0c:1d:17:3e:f8:68:57:d3:92:1f:56:b4:
         6b:3b:f7:c7:54:b2:a6:9c:5f:d8:31:04:b4:10:97:e9:a1:0f:
         79:89:71:7b:25:66:e5:82:02:76:a4:fe:f1:5f:6d:1f:81:51:
         85:5c:39:39:39:a0:b9:a1:e7:2e:2d:ce:61:b2:80:2e:21:cf:
         10:52:99:e6:b7:e3:93:b8:81:b3:1a:a4:36:bc:2b:fb:c9:9d:
         75:2d:79:d4:61:08:ed:6e:b2:6c:95:de:f0:19:5e:6f:79:81:
         81:12:0b:fa:d5:03:5b:52:8f:22:6b:30:c7:8e:bc:55:b1:a0:
         27:de:82:eb:53:83:a2:7e:7b:00:bc:2b:2a:3f:79:6a:87:0e:
         25:17:a8:a3:b7:5a:a9:02:69:bc:77:86:90:16:b6:15:3c:41:
         c3:2e:b1:d1:ff:d4:04:32:13:d3:ad:bc:fa:70:a0:f4:83:07:
         30:2c:b0:09:85:3e:b2:4c:45:31:12:8f:07:b8:c2:4c:7e:b1:
         7b:5c:84:61:87:00:1a:79:97:58:46:31:3d:25:a6:50:2c:0e:
         9b:7a:6c:89:00:0d:c3:f7:7f:4a:ef:51:d2:04:de:8b:66:ec:
         a8:ce:f1:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqYKQryLFrquArJUlCWdKxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwOTE1MDkyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBlMTJiODljOTc1YWE2NjMwN2EyMmYxOTMwNTBlODhlMTYyZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wtqMyB1Zm96NIRfePVdhcPS+Oa2
Eb9srUl+aElvlG21xS1pkfZPATnTscdo40C3On0fNwuEuxk7/D0zJr5bLT79Tl8r
NT1s+YHvxyzSXSt7/J5tRREAXfpbHpWtJXxWhyYVlt8ScNLrXF+yXTlc4tRJwCxJ
S87bFwqnxFCA1CdS+lWo1p13mtTHEEXV6OrPENPzJKB0DSwermWHjv7OEeHwaQ0O
fR6UtVQXy+Tw5lOkwoirbX2zoZpAgiMmNGSPHIkum6UMJe/D9h3equ8tinF8ieEd
gjpkzHkIH33YsLjA33Bl/faCzfeWVYeXcNcP8VHr3+qlJrfdhzzm4lMxPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAOEricl1qmYweiLxkwUOiOFi3iMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvWUE0U3VKeVhXcVpqQjZJdkdUQlE2STRXTGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUOmCMA0G
CSqGSIb3DQEBCwUAA4IBAQB2BYNEo9y62UYTQ9cr6cmCOIjx2EDr6vwMHRc++GhX
05IfVrRrO/fHVLKmnF/YMQS0EJfpoQ95iXF7JWblggJ2pP7xX20fgVGFXDk5OaC5
oecuLc5hsoAuIc8QUpnmt+OTuIGzGqQ2vCv7yZ11LXnUYQjtbrJsld7wGV5veYGB
Egv61QNbUo8iazDHjrxVsaAn3oLrU4OifnsAvCsqP3lqhw4lF6ijt1qpAmm8d4aQ
FrYVPEHDLrHR/9QEMhPTrbz6cKD0gwcwLLAJhT6yTEUxEo8HuMJMfrF7XIRhhwAa
eZdYRjE9JaZQLA6bemyJAA3D939K71HSBN6LZuyozvFd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org