Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/LYU7JRD2NNPzfeQ8c07EyF3sVXs.roa
File:                     LYU7JRD2NNPzfeQ8c07EyF3sVXs.roa (raw, json)
Hash identifier:          CDNelv7mzqyvEQ4nZOSuQT8a/JjC3/0GAwSc6RZHp4k=
Subject key identifier:   2D:85:3B:25:10:F6:34:D3:F3:7D:E4:3C:73:4E:C4:C8:5D:EC:55:7B
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       018570F0AB5BB08C15D5E30CB2E9FA94A945
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/LYU7JRD2NNPzfeQ8c07EyF3sVXs.roa
Signing time:             Mon 02 Jan 2023 05:24:58 +0000
ROA not before:           Mon 02 Jan 2023 05:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     17941
IP address blocks:        217.147.12.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:f0:ab:5b:b0:8c:15:d5:e3:0c:b2:e9:fa:94:a9:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Jan  2 05:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d853b2510f634d3f37de43c734ec4c85dec557b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:77:d1:15:25:fa:20:88:92:c6:69:f0:4b:c9:
                    92:3a:9e:60:a3:73:28:aa:26:1d:b2:81:fa:43:48:
                    cc:53:d7:02:21:58:1e:5a:f0:47:51:c7:8a:35:a2:
                    01:aa:71:c7:7c:62:bb:2e:3b:1a:19:b8:c3:07:4a:
                    5f:cf:6e:35:31:64:c4:e4:e8:a5:73:f4:96:c0:de:
                    b5:52:94:19:bf:bc:20:b4:00:f1:90:49:26:c2:a6:
                    b1:0c:7b:ae:ff:fa:4c:05:af:64:c4:1c:d2:5d:32:
                    99:60:1b:eb:12:8e:2c:75:d1:f6:5f:81:a8:21:e1:
                    f7:e5:d8:b7:4d:11:cc:25:d3:6e:bd:82:65:fc:3d:
                    9d:b0:6e:cc:fd:40:49:d4:e3:fd:8b:cb:5c:61:58:
                    8d:2d:88:ca:c8:76:37:72:2d:b1:97:46:ed:12:4d:
                    c7:96:c3:dd:da:c3:bf:c8:9c:42:45:dc:af:6b:41:
                    e4:f2:c4:b5:7c:dc:d7:ce:ee:54:42:13:48:72:9d:
                    83:2c:2d:fe:32:73:12:71:ac:3a:b4:a2:31:d8:55:
                    52:f3:24:9d:43:f5:93:12:0d:46:a4:f0:b8:f5:55:
                    79:08:c6:3e:42:3f:d2:6f:69:76:f8:3b:64:4e:7c:
                    57:2b:e7:6f:7a:46:0e:04:48:ca:fd:bc:20:0d:a9:
                    dd:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:85:3B:25:10:F6:34:D3:F3:7D:E4:3C:73:4E:C4:C8:5D:EC:55:7B
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/LYU7JRD2NNPzfeQ8c07EyF3sVXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.147.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:e9:f2:35:25:4e:8d:93:5d:84:b7:08:dd:2c:a8:df:ed:76:
         5a:ae:53:38:6d:86:de:ae:a1:35:26:bc:59:d6:1a:e9:10:9d:
         f8:03:a9:a1:f2:5b:3a:35:a3:a6:69:dc:43:6d:ce:38:ac:7e:
         fc:d1:93:50:02:22:3a:f6:47:18:fb:b0:69:fd:fd:9a:e9:11:
         ec:64:d3:72:ed:9b:29:4b:da:9a:e7:b3:da:34:89:3e:0f:8a:
         80:3f:8d:9c:d2:cf:e8:83:f9:cf:1d:d3:db:20:b5:49:9f:3a:
         2f:e8:f1:7f:75:00:39:89:30:a9:5d:1b:1e:1b:a0:f2:c1:95:
         2b:14:6b:b0:bb:0e:62:60:5c:04:ba:f1:47:5f:b5:6e:41:e3:
         78:b0:1c:c0:a2:04:69:13:0b:fa:a3:14:41:db:30:fa:87:3d:
         89:79:2d:64:a4:08:81:19:2c:7c:4a:8c:a7:c8:a6:c7:dc:b1:
         27:2c:1b:44:98:57:96:32:b1:2c:97:39:72:d7:de:b4:a5:90:
         50:c0:9a:37:4e:31:b9:39:c4:5b:b1:33:2c:7b:a5:a2:49:bb:
         8e:3b:6d:17:cd:1f:b9:2b:a7:15:c8:42:42:47:be:c2:35:91:
         df:f2:9e:27:fd:3c:01:63:7c:d4:a3:d2:4a:0e:60:35:00:65:
         50:1c:84:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KtbsIwV1eMMsun6lKlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMwMTAyMDUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDg1M2IyNTEwZjYzNGQzZjM3ZGU0M2M3MzRlYzRjODVkZWM1NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3fRFSX6IIiSxmnwS8mSOp5go3Mo
qiYdsoH6Q0jMU9cCIVgeWvBHUceKNaIBqnHHfGK7LjsaGbjDB0pfz241MWTE5Oil
c/SWwN61UpQZv7wgtADxkEkmwqaxDHuu//pMBa9kxBzSXTKZYBvrEo4sddH2X4Go
IeH35di3TRHMJdNuvYJl/D2dsG7M/UBJ1OP9i8tcYViNLYjKyHY3ci2xl0btEk3H
lsPd2sO/yJxCRdyva0Hk8sS1fNzXzu5UQhNIcp2DLC3+MnMScaw6tKIx2FVS8ySd
Q/WTEg1GpPC49VV5CMY+Qj/Sb2l2+DtkTnxXK+dvekYOBEjK/bwgDandowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2FOyUQ9jTT833kPHNOxMhd7FV7MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvTFlVN0pSRDJOTlB6ZmVROGMwN0V5RjNzVlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZMMMA0G
CSqGSIb3DQEBCwUAA4IBAQAg6fI1JU6Nk12EtwjdLKjf7XZarlM4bYberqE1JrxZ
1hrpEJ34A6mh8ls6NaOmadxDbc44rH780ZNQAiI69kcY+7Bp/f2a6RHsZNNy7Zsp
S9qa57PaNIk+D4qAP42c0s/og/nPHdPbILVJnzov6PF/dQA5iTCpXRseG6DywZUr
FGuwuw5iYFwEuvFHX7VuQeN4sBzAogRpEwv6oxRB2zD6hz2JeS1kpAiBGSx8Soyn
yKbH3LEnLBtEmFeWMrEslzly1960pZBQwJo3TjG5OcRbsTMse6WiSbuOO20XzR+5
K6cVyEJCR77CNZHf8p4n/TwBY3zUo9JKDmA1AGVQHIQe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org