Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YSR9r9b_gF2UErpga6SiHkTeNtg.roa
File:                     YSR9r9b_gF2UErpga6SiHkTeNtg.roa (raw, json)
Hash identifier:          U8a9ub2VlI5xGUuJEedr09VAsZDcWUjbNbYpXSSO28E=
Subject key identifier:   61:24:7D:AF:D6:FF:80:5D:94:12:BA:60:6B:A4:A2:1E:44:DE:36:D8
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185710314E04793C89D62DE1FB8DE0A1956
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YSR9r9b_gF2UErpga6SiHkTeNtg.roa
Signing time:             Mon 02 Jan 2023 05:45:05 +0000
ROA not before:           Mon 02 Jan 2023 05:45:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202602
IP address blocks:        188.215.229.0/24 maxlen: 24
                          185.214.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:14:e0:47:93:c8:9d:62:de:1f:b8:de:0a:19:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61247dafd6ff805d9412ba606ba4a21e44de36d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7b:a9:79:30:82:24:75:5c:07:31:39:e0:50:
                    a2:ef:ed:74:06:60:b5:e6:c2:4f:08:21:9c:b9:34:
                    fd:9a:1b:99:43:d7:d9:25:af:aa:c2:d8:38:da:d1:
                    57:43:79:aa:1b:c6:60:e6:87:64:81:b5:c5:6c:6f:
                    cf:b5:64:28:d4:d5:46:36:fc:d5:d2:65:d5:31:0c:
                    43:00:1c:54:e7:da:29:39:a0:d3:00:e7:89:7a:ce:
                    36:f0:23:96:e1:92:9a:6e:ab:fc:82:ef:af:79:88:
                    31:a2:1a:57:e1:22:bf:c8:da:d8:72:c5:39:14:f6:
                    48:bc:dc:03:ab:57:7e:68:39:00:14:5e:01:79:a0:
                    08:41:cf:1b:db:88:d4:a8:25:74:09:5c:22:e3:83:
                    0d:f8:92:f7:d6:ad:ec:90:90:8b:21:81:ac:1e:86:
                    c2:f4:23:97:fb:ea:b8:37:c7:8c:b6:d8:19:66:44:
                    6d:8c:58:4f:e0:01:f5:49:8f:68:57:19:cd:9e:9a:
                    a8:e5:4f:c4:7a:6e:58:11:25:4c:db:53:f2:b5:cf:
                    1c:a7:a2:9d:15:89:39:9f:d6:18:cb:18:c0:53:19:
                    61:a4:7a:49:cc:de:b2:5a:48:c4:9a:01:15:5a:88:
                    dd:ae:c6:8f:ef:47:e7:e9:1a:73:c5:5e:71:4c:a2:
                    8b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:24:7D:AF:D6:FF:80:5D:94:12:BA:60:6B:A4:A2:1E:44:DE:36:D8
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YSR9r9b_gF2UErpga6SiHkTeNtg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.10.0/24
                  188.215.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:1c:5e:cf:24:a6:45:d3:5b:a6:e4:4d:ab:d5:f4:6d:0f:14:
         f5:9f:a6:bf:cc:a6:20:f6:23:9f:51:1f:d6:55:28:7f:7b:c2:
         57:11:3b:0f:ab:12:6c:1f:3b:c5:b7:bd:5a:b4:0a:4b:8c:9b:
         e2:af:f5:dc:08:8f:ea:e6:ab:f2:6f:80:d3:18:4c:22:82:e5:
         17:69:b3:d5:e7:cc:f5:d7:ad:1e:25:8c:c7:a6:21:35:d6:4a:
         d3:0c:83:64:ef:3b:65:e3:92:c3:6b:0e:6c:55:2f:97:8d:33:
         e2:39:d3:ac:e3:07:89:eb:07:f8:cf:cf:dc:b7:7f:1b:2e:ff:
         a3:ff:65:e8:bc:9d:bb:ba:45:1f:d6:3d:97:4e:17:49:af:b7:
         6f:e8:b4:e8:09:1a:6c:90:19:90:40:da:1d:30:e7:8b:f8:0e:
         bf:3f:92:ac:b8:d1:33:e9:4b:4f:d8:b1:6e:7b:8b:d5:c9:f7:
         45:b6:18:f2:f0:0b:ec:aa:af:f6:3f:ea:f7:46:31:9d:6f:43:
         5c:b4:8f:2e:15:b4:43:da:7c:84:79:4f:cb:9a:e9:ec:85:f7:
         96:1a:83:fe:8b:22:9e:de:a3:fe:29:56:fa:ba:5e:cd:a5:e7:
         27:e5:a5:b7:00:25:70:d6:f9:db:aa:ad:b4:f8:e2:14:8a:7f:
         1d:80:ff:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAxTgR5PInWLeH7jeChlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTI0N2RhZmQ2ZmY4MDVkOTQxMmJhNjA2YmE0YTIxZTQ0ZGUzNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHupeTCCJHVcBzE54FCi7+10BmC1
5sJPCCGcuTT9mhuZQ9fZJa+qwtg42tFXQ3mqG8Zg5odkgbXFbG/PtWQo1NVGNvzV
0mXVMQxDABxU59opOaDTAOeJes428COW4ZKabqv8gu+veYgxohpX4SK/yNrYcsU5
FPZIvNwDq1d+aDkAFF4BeaAIQc8b24jUqCV0CVwi44MN+JL31q3skJCLIYGsHobC
9COX++q4N8eMttgZZkRtjFhP4AH1SY9oVxnNnpqo5U/Eem5YESVM21Pytc8cp6Kd
FYk5n9YYyxjAUxlhpHpJzN6yWkjEmgEVWojdrsaP70fn6RpzxV5xTKKLaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGEkfa/W/4BdlBK6YGukoh5E3jbYMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWVNSOXI5Yl9nRjJVRXJwZ2E2U2lIa1RlTnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudYKAwQA
vNflMA0GCSqGSIb3DQEBCwUAA4IBAQA+HF7PJKZF01um5E2r1fRtDxT1n6a/zKYg
9iOfUR/WVSh/e8JXETsPqxJsHzvFt71atApLjJvir/XcCI/q5qvyb4DTGEwiguUX
abPV58z1160eJYzHpiE11krTDINk7ztl45LDaw5sVS+XjTPiOdOs4weJ6wf4z8/c
t38bLv+j/2XovJ27ukUf1j2XThdJr7dv6LToCRpskBmQQNodMOeL+A6/P5KsuNEz
6UtP2LFue4vVyfdFthjy8Avsqq/2P+r3RjGdb0NctI8uFbRD2nyEeU/LmunshfeW
GoP+iyKe3qP+KVb6ul7Npecn5aW3ACVw1vnbqq20+OIUin8dgP+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org