Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/ymE97xnI5K8j0b9aD7uvQyqgz2o.roa
File:                     ymE97xnI5K8j0b9aD7uvQyqgz2o.roa (raw, json)
Hash identifier:          wqRRDiAtZjRA0ppRNI8Lb/v/54dDKQNgwHlwu6Y+Fxw=
Subject key identifier:   CA:61:3D:EF:19:C8:E4:AF:23:D1:BF:5A:0F:BB:AF:43:2A:A0:CF:6A
Certificate issuer:       /CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
Certificate serial:       018D658ADE709DAC3445DD8917696E7592A9
Authority key identifier: C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/ymE97xnI5K8j0b9aD7uvQyqgz2o.roa
Signing time:             Thu 01 Feb 2024 16:40:16 +0000
ROA not before:           Thu 01 Feb 2024 16:40:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        194.33.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 16:12:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:65:8a:de:70:9d:ac:34:45:dd:89:17:69:6e:75:92:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
        Validity
            Not Before: Feb  1 16:40:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ca613def19c8e4af23d1bf5a0fbbaf432aa0cf6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:74:4c:55:0c:3c:da:f6:a7:02:77:e4:40:a0:
                    64:e6:90:d3:af:a0:d8:9e:fe:d9:96:7f:f7:e0:5c:
                    b9:ee:62:b3:87:cb:6b:bd:06:78:85:af:ff:c4:aa:
                    2f:78:b6:58:d4:ad:02:d9:af:aa:a5:aa:ee:b8:e4:
                    97:1b:5d:83:6e:17:32:21:d4:1b:93:70:1d:d4:02:
                    46:bd:6a:d4:c0:3f:b7:41:cb:2e:63:be:8b:b2:49:
                    c5:42:24:d0:69:f2:43:b3:a9:d7:0c:37:30:df:ef:
                    fa:25:95:93:b2:5e:b2:f6:b2:3c:cb:25:d3:40:14:
                    ba:85:4d:11:a7:bc:86:20:36:9f:66:8d:e3:a1:7b:
                    88:2e:66:ed:c1:b4:17:7b:ae:9d:ad:3c:c6:55:b6:
                    78:56:61:cd:36:ff:cf:33:c8:4c:25:a1:3a:dd:a3:
                    d2:2a:8b:07:db:8c:10:c7:b0:4d:b8:37:67:ad:27:
                    0b:37:6a:d8:cc:4e:2b:00:8a:46:28:dc:05:fc:91:
                    d4:be:57:22:90:3d:8b:97:74:a7:ee:9a:96:c5:b6:
                    5f:75:32:63:e8:4d:c0:4e:74:4b:00:24:4f:b6:65:
                    b9:9e:ea:dd:7f:04:0d:66:c4:e9:82:21:7f:55:0d:
                    31:ab:cd:d9:f2:b9:e4:e9:62:b6:60:3a:46:32:22:
                    00:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:61:3D:EF:19:C8:E4:AF:23:D1:BF:5A:0F:BB:AF:43:2A:A0:CF:6A
            X509v3 Authority Key Identifier:
                keyid:C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/ymE97xnI5K8j0b9aD7uvQyqgz2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.33.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:ee:f5:cf:59:17:58:a7:ba:9f:3b:cf:41:3b:b5:25:49:4d:
         51:9f:24:49:05:7d:97:2f:3a:51:aa:04:39:8b:90:ac:68:0c:
         82:c6:24:5b:a6:6f:c0:7d:3b:72:40:ca:5e:59:75:1a:aa:2e:
         87:44:bc:4d:b7:6c:b6:4c:f0:d1:85:5a:04:d5:a9:3c:3b:59:
         50:3a:57:09:29:44:5c:aa:83:77:6c:a8:de:ce:e8:52:d0:fe:
         6a:46:1f:63:0d:eb:a4:ca:8e:c2:b1:2c:06:e8:33:62:10:d4:
         e7:00:e5:21:66:83:cf:47:46:aa:c3:cd:27:31:3e:97:6d:ff:
         50:9a:d4:4d:a3:e0:12:5b:d1:6d:a9:35:33:2a:f2:5c:f4:ed:
         00:79:2a:d8:96:e9:b0:8c:c6:d4:90:29:0c:4a:82:cc:0a:a8:
         ef:5c:2a:3c:95:8e:44:9d:ea:d4:fa:2f:c4:34:b0:65:04:54:
         23:36:36:e8:fd:7d:6a:7e:55:2f:50:a7:53:47:04:05:1b:01:
         6a:ef:bf:8f:57:3b:89:ad:7d:f7:93:24:0f:77:da:76:e5:97:
         7b:e5:6a:6a:b3:65:ba:b9:ec:2e:b9:a7:0b:18:ff:d5:cc:c1:
         35:b0:c0:d5:24:2d:86:58:97:e8:26:31:94:fb:b3:96:0a:23:
         16:f0:0f:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1lit5wnaw0Rd2JF2ludZKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYmE1MGZjYTMzYjE4MGQ2ODQzNmU3ZWYwY2JmNjkwNGJh
ZjQ1ZDQwHhcNMjQwMjAxMTY0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYxM2RlZjE5YzhlNGFmMjNkMWJmNWEwZmJiYWY0MzJhYTBjZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnRMVQw82vanAnfkQKBk5pDTr6DY
nv7Zln/34Fy57mKzh8trvQZ4ha//xKoveLZY1K0C2a+qparuuOSXG12DbhcyIdQb
k3Ad1AJGvWrUwD+3QcsuY76LsknFQiTQafJDs6nXDDcw3+/6JZWTsl6y9rI8yyXT
QBS6hU0Rp7yGIDafZo3joXuILmbtwbQXe66drTzGVbZ4VmHNNv/PM8hMJaE63aPS
KosH24wQx7BNuDdnrScLN2rYzE4rAIpGKNwF/JHUvlcikD2Ll3Sn7pqWxbZfdTJj
6E3ATnRLACRPtmW5nurdfwQNZsTpgiF/VQ0xq83Z8rnk6WK2YDpGMiIAlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMphPe8ZyOSvI9G/Wg+7r0MqoM9qMB8GA1UdIwQY
MBaAFMC6UPyjOxgNaENufvDL9pBLr0XUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgt
ZDFmYmU1YTkxZDcwLzEveW1FOTd4bkk1SzhqMGI5YUQ3dXZReXFnejJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgtZDFmYmU1YTkxZDcw
LzEvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiEcMA0G
CSqGSIb3DQEBCwUAA4IBAQAH7vXPWRdYp7qfO89BO7UlSU1RnyRJBX2XLzpRqgQ5
i5CsaAyCxiRbpm/AfTtyQMpeWXUaqi6HRLxNt2y2TPDRhVoE1ak8O1lQOlcJKURc
qoN3bKjezuhS0P5qRh9jDeukyo7CsSwG6DNiENTnAOUhZoPPR0aqw80nMT6Xbf9Q
mtRNo+ASW9FtqTUzKvJc9O0AeSrYlumwjMbUkCkMSoLMCqjvXCo8lY5EnerU+i/E
NLBlBFQjNjbo/X1qflUvUKdTRwQFGwFq77+PVzuJrX33kyQPd9p25Zd75Wpqs2W6
uewuuacLGP/VzME1sMDVJC2GWJfoJjGU+7OWCiMW8A/D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:57 2024 by rpki-client on console-fra.rpki-client.org