Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YrYKZAtQ5voltUcl3aP5mFQlqww.roa
File:                     YrYKZAtQ5voltUcl3aP5mFQlqww.roa (raw, json)
Hash identifier:          SfAn/A9kH1Vrovk9zm0OR4prYq3AMPzqxW3owo8pLxU=
Subject key identifier:   62:B6:0A:64:0B:50:E6:FA:25:B5:47:25:DD:A3:F9:98:54:25:AB:0C
Certificate issuer:       /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial:       018CC2DAC746C260112CDC230C73482E54E7
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YrYKZAtQ5voltUcl3aP5mFQlqww.roa
Signing time:             Mon 01 Jan 2024 02:29:26 +0000
ROA not before:           Mon 01 Jan 2024 02:29:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197077
IP address blocks:        45.13.202.0/23 maxlen: 23
                          217.198.192.0/20 maxlen: 24
                          91.220.70.0/24 maxlen: 24
                          2a04:a450::/31 maxlen: 31

Validation:               Failed, certificate revoked on Wed 21 Aug 2024 14:23:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:c7:46:c2:60:11:2c:dc:23:0c:73:48:2e:54:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
        Validity
            Not Before: Jan  1 02:29:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=62b60a640b50e6fa25b54725dda3f9985425ab0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:1e:3e:74:5a:82:44:17:ef:34:f6:96:3a:1e:
                    c5:08:74:38:ed:7b:05:a8:b3:8b:84:f3:a8:c6:d4:
                    92:08:f4:0a:4f:bf:20:c1:6e:82:d7:de:9b:9e:3d:
                    e2:66:1f:5d:c8:03:fa:79:fe:a6:43:63:c3:a8:2e:
                    2c:04:bb:4f:fd:10:8b:39:fd:15:2a:ba:da:98:bb:
                    36:5f:94:c7:c2:2e:0e:3b:8d:a0:3e:86:42:7c:29:
                    2e:b4:9b:41:a0:51:86:30:90:0b:64:8a:af:30:c2:
                    2a:f6:9d:b2:4b:d3:89:3d:c9:3c:99:18:f5:ac:1e:
                    65:49:66:d4:08:6d:64:c6:06:9d:97:14:15:e7:af:
                    a6:ff:58:b3:16:32:8d:22:62:a9:60:ff:3b:28:58:
                    9b:e3:b4:ad:c0:95:82:17:b6:e1:bd:33:47:bc:7b:
                    35:02:a3:d5:5b:43:1c:5f:d9:46:51:9b:ed:77:dc:
                    51:6e:ae:60:d3:ac:70:4d:60:25:c7:1a:38:ff:58:
                    66:e2:bb:68:25:03:32:c1:af:50:11:a8:4e:41:23:
                    80:c5:d0:8b:d5:50:b2:46:6b:d2:b0:c8:aa:1e:49:
                    37:6d:65:e5:df:d7:ba:ab:d7:eb:bc:18:75:be:38:
                    ed:78:62:56:31:c1:9a:c7:09:41:b3:a7:60:9d:2d:
                    9f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B6:0A:64:0B:50:E6:FA:25:B5:47:25:DD:A3:F9:98:54:25:AB:0C
            X509v3 Authority Key Identifier:
                keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YrYKZAtQ5voltUcl3aP5mFQlqww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.202.0/23
                  91.220.70.0/24
                  217.198.192.0/20
                IPv6:
                  2a04:a450::/31

    Signature Algorithm: sha256WithRSAEncryption
         84:85:c4:da:bc:3b:c2:cb:84:fa:aa:65:b3:8f:97:32:ec:6d:
         89:7f:d8:7d:0c:2f:cf:b7:99:1c:f8:e5:56:96:2d:c6:f9:6d:
         97:79:e1:bb:4c:9e:35:94:a7:5d:6c:b5:35:92:98:98:4b:15:
         cf:54:a6:7e:7f:95:4e:0c:77:3f:75:c4:65:77:e7:de:d2:d9:
         18:36:a4:8a:fe:18:66:50:f7:7b:5c:fd:7d:54:1f:91:9e:45:
         00:08:2a:8a:3a:fc:56:51:3f:80:52:3f:32:19:f9:9b:2d:ed:
         e0:d1:53:8a:16:c0:a3:14:3e:83:c2:c7:60:70:1e:8a:98:55:
         52:5e:bf:ef:e4:a7:18:9a:d7:a4:b0:72:f6:ca:7f:c6:6a:78:
         4b:58:54:49:6b:11:5e:16:9b:e5:54:bd:f5:4e:e9:41:77:87:
         27:b2:75:d3:36:90:af:3d:3b:4a:fd:59:79:38:e4:70:a4:e9:
         48:d1:49:e5:c9:b7:7c:af:a3:49:56:90:2e:16:c7:13:bf:2b:
         27:19:1d:67:a7:24:50:c0:0a:5d:ed:1e:35:d3:f9:80:93:f4:
         af:97:2f:02:f4:d2:60:32:f6:a4:29:b8:aa:48:20:97:81:4f:
         6e:ba:7d:91:63:ac:5e:d4:f7:f4:fc:ed:6c:c3:fb:08:3b:ad:
         f1:4c:79:96
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2sdGwmARLNwjDHNILlTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmI2MGE2NDBiNTBlNmZhMjViNTQ3MjVkZGEzZjk5ODU0MjVhYjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR4+dFqCRBfvNPaWOh7FCHQ47XsF
qLOLhPOoxtSSCPQKT78gwW6C196bnj3iZh9dyAP6ef6mQ2PDqC4sBLtP/RCLOf0V
KrramLs2X5THwi4OO42gPoZCfCkutJtBoFGGMJALZIqvMMIq9p2yS9OJPck8mRj1
rB5lSWbUCG1kxgadlxQV56+m/1izFjKNImKpYP87KFib47StwJWCF7bhvTNHvHs1
AqPVW0McX9lGUZvtd9xRbq5g06xwTWAlxxo4/1hm4rtoJQMywa9QEahOQSOAxdCL
1VCyRmvSsMiqHkk3bWXl39e6q9frvBh1vjjteGJWMcGaxwlBs6dgnS2fYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGK2CmQLUOb6JbVHJd2j+ZhUJasMMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWXJZS1pBdFE1dm9sdFVjbDNhUDVtRlFscXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLQ3KAwQA
W9xGAwQE2cbAMA0EAgACMAcDBQEqBKRQMA0GCSqGSIb3DQEBCwUAA4IBAQCEhcTa
vDvCy4T6qmWzj5cy7G2Jf9h9DC/Pt5kc+OVWli3G+W2XeeG7TJ41lKddbLU1kpiY
SxXPVKZ+f5VODHc/dcRld+fe0tkYNqSK/hhmUPd7XP19VB+RnkUACCqKOvxWUT+A
Uj8yGfmbLe3g0VOKFsCjFD6DwsdgcB6KmFVSXr/v5KcYmteksHL2yn/GanhLWFRJ
axFeFpvlVL31TulBd4cnsnXTNpCvPTtK/Vl5OORwpOlI0Unlybd8r6NJVpAuFscT
vysnGR1npyRQwApd7R410/mAk/Svly8C9NJgMvakKbiqSCCXgU9uun2RY6xe1Pf0
/O1sw/sIO63xTHmW
-----END CERTIFICATE-----
Generated at Wed Aug 21 19:59:37 2024 by rpki-client on console-ams.rpki-client.org