Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/yVgSnRy0_fq9i8BMBDNL7OYkEYk.roa
File:                     yVgSnRy0_fq9i8BMBDNL7OYkEYk.roa (raw, json)
Hash identifier:          G30fexJy9OiWCg4575+ZIY0Ve9Ds/zuDDfvIUUunIHk=
Subject key identifier:   C9:58:12:9D:1C:B4:FD:FA:BD:8B:C0:4C:04:33:4B:EC:E6:24:11:89
Certificate issuer:       /CN=f416539e74934d23a0572f6625dbfdb54e820873
Certificate serial:       01857039992A4964C5E51779325663CE69E4
Authority key identifier: F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/yVgSnRy0_fq9i8BMBDNL7OYkEYk.roa
Signing time:             Mon 02 Jan 2023 02:05:01 +0000
ROA not before:           Mon 02 Jan 2023 02:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56671
IP address blocks:        46.255.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:99:2a:49:64:c5:e5:17:79:32:56:63:ce:69:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f416539e74934d23a0572f6625dbfdb54e820873
        Validity
            Not Before: Jan  2 02:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c958129d1cb4fdfabd8bc04c04334bece6241189
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f2:08:e9:3d:22:51:ac:f2:ad:e4:16:c0:b6:
                    dc:4d:7a:16:bb:54:34:7c:c7:e2:e6:0a:9b:98:5a:
                    bc:90:cb:f0:19:ae:aa:b6:67:c1:38:92:c6:9d:79:
                    1c:82:f5:47:4b:95:04:81:31:0b:39:1c:41:6a:92:
                    ee:60:bb:be:24:b0:e4:a7:31:96:10:69:5b:6e:60:
                    1c:5f:9a:6f:bf:d6:a4:35:c2:4d:17:56:26:68:89:
                    de:83:8e:27:06:f0:86:e9:37:be:ad:8b:10:77:a8:
                    ed:c5:0e:3e:68:9b:cf:36:9a:46:e5:e4:21:25:5b:
                    66:f8:b4:3e:ab:91:ef:a0:27:5b:7d:d0:ce:95:2b:
                    29:7a:49:be:b9:31:08:aa:59:76:4b:14:44:a8:e8:
                    90:ec:b6:40:61:20:b7:47:e1:34:04:30:a5:14:72:
                    0d:2e:cf:26:3e:cb:d7:45:c9:eb:41:c5:c1:f5:39:
                    53:8f:df:02:bc:55:7b:2e:8d:de:63:c2:ea:96:ba:
                    9d:ae:8e:3c:b5:0f:bb:2e:98:10:b9:5d:ab:e0:33:
                    c6:76:aa:8c:4e:a5:fc:a5:18:10:ad:84:1c:8e:fe:
                    75:d7:7b:55:49:f7:22:d8:f1:c5:8c:7d:d7:75:50:
                    08:ae:7e:54:d8:5a:5d:94:6d:e4:0b:45:16:9d:1b:
                    a9:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:58:12:9D:1C:B4:FD:FA:BD:8B:C0:4C:04:33:4B:EC:E6:24:11:89
            X509v3 Authority Key Identifier:
                keyid:F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/yVgSnRy0_fq9i8BMBDNL7OYkEYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.255.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:b4:4d:0f:b5:41:26:57:fb:4c:5b:fb:0f:75:bd:24:57:0f:
         46:10:1b:13:60:1d:d3:ec:be:f2:24:f3:3e:db:5f:d7:d8:ef:
         dc:08:7b:9d:bc:a7:ac:da:ff:2f:f8:24:b8:99:9f:92:ad:ea:
         11:42:64:05:3c:f8:91:fc:63:61:25:16:60:1a:d8:12:07:18:
         10:d9:f2:6c:e5:66:90:91:e9:a7:03:a0:4f:43:dc:c0:2c:40:
         bf:1c:6f:a8:6e:ca:80:7a:c4:03:db:a4:af:c4:3e:f2:19:02:
         cf:53:97:b8:7b:8a:ad:94:4c:2b:e9:c6:34:55:61:e5:5a:51:
         2b:86:91:7c:17:94:68:22:a7:03:d0:26:e6:e3:4b:01:a5:dc:
         5c:14:92:33:37:5a:d6:0f:31:d5:71:2e:2d:59:5d:f1:cd:60:
         3d:39:ab:d7:2a:da:58:75:5f:72:85:d3:6d:6c:12:19:5a:f4:
         44:78:5f:0d:f8:e4:87:9f:81:f7:50:0c:de:8f:91:b8:7b:d9:
         70:3c:27:30:5c:e3:fe:1a:97:19:44:cc:62:67:d2:4b:56:e9:
         98:f5:47:9c:4f:4b:4d:db:42:37:08:c3:87:fe:c6:15:1f:e3:
         63:98:f0:3b:f0:98:d1:df:a3:75:ae:8d:18:fc:bc:f4:13:33:
         d3:a1:e7:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOZkqSWTF5Rd5MlZjzmnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MTY1MzllNzQ5MzRkMjNhMDU3MmY2NjI1ZGJmZGI1NGU4
MjA4NzMwHhcNMjMwMTAyMDIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTU4MTI5ZDFjYjRmZGZhYmQ4YmMwNGMwNDMzNGJlY2U2MjQxMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/II6T0iUazyreQWwLbcTXoWu1Q0
fMfi5gqbmFq8kMvwGa6qtmfBOJLGnXkcgvVHS5UEgTELORxBapLuYLu+JLDkpzGW
EGlbbmAcX5pvv9akNcJNF1YmaIneg44nBvCG6Te+rYsQd6jtxQ4+aJvPNppG5eQh
JVtm+LQ+q5HvoCdbfdDOlSspekm+uTEIqll2SxREqOiQ7LZAYSC3R+E0BDClFHIN
Ls8mPsvXRcnrQcXB9TlTj98CvFV7Lo3eY8Lqlrqdro48tQ+7LpgQuV2r4DPGdqqM
TqX8pRgQrYQcjv5113tVSfci2PHFjH3XdVAIrn5U2FpdlG3kC0UWnRupCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMlYEp0ctP36vYvATAQzS+zmJBGJMB8GA1UdIwQY
MBaAFPQWU550k00joFcvZiXb/bVOgghzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODkt
ZDY3YTYxZDU0MTZkLzEveVZnU25SeTBfZnE5aThCTUJETkw3T1lrRVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODktZDY3YTYxZDU0MTZk
LzEvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALv+VMA0G
CSqGSIb3DQEBCwUAA4IBAQBvtE0PtUEmV/tMW/sPdb0kVw9GEBsTYB3T7L7yJPM+
21/X2O/cCHudvKes2v8v+CS4mZ+SreoRQmQFPPiR/GNhJRZgGtgSBxgQ2fJs5WaQ
kemnA6BPQ9zALEC/HG+obsqAesQD26SvxD7yGQLPU5e4e4qtlEwr6cY0VWHlWlEr
hpF8F5RoIqcD0Cbm40sBpdxcFJIzN1rWDzHVcS4tWV3xzWA9OavXKtpYdV9yhdNt
bBIZWvREeF8N+OSHn4H3UAzej5G4e9lwPCcwXOP+GpcZRMxiZ9JLVumY9UecT0tN
20I3CMOH/sYVH+NjmPA78JjR36N1ro0Y/Lz0EzPToefT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:49 2024 by rpki-client on console-fra.rpki-client.org