Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/YdWMpxfatkoe7f4fszqe_-0nZMQ.roa
File:                     YdWMpxfatkoe7f4fszqe_-0nZMQ.roa (raw, json)
Hash identifier:          L3yV8aQp73yYxRt3YzwJ8DrR/XQw3aaMOrPIaTp80fI=
Subject key identifier:   61:D5:8C:A7:17:DA:B6:4A:1E:ED:FE:1F:B3:3A:9E:FF:ED:27:64:C4
Certificate issuer:       /CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
Certificate serial:       01859FA7E65BE5B15DC85184CC1165FE0B8F
Authority key identifier: 3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/YdWMpxfatkoe7f4fszqe_-0nZMQ.roa
Signing time:             Wed 11 Jan 2023 07:07:38 +0000
ROA not before:           Wed 11 Jan 2023 07:07:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     55195
IP address blocks:        194.0.46.0/24 maxlen: 24
                          2001:678:74::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9f:a7:e6:5b:e5:b1:5d:c8:51:84:cc:11:65:fe:0b:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
        Validity
            Not Before: Jan 11 07:07:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61d58ca717dab64a1eedfe1fb33a9effed2764c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:06:31:c8:a4:0f:50:a9:30:3d:f5:03:7f:59:
                    32:dc:e8:76:b5:df:cb:ba:04:60:7f:19:8e:6e:7e:
                    03:36:fc:c1:2e:23:f5:d9:97:4f:28:15:02:76:1a:
                    c5:57:a6:7f:5f:f8:ca:bb:48:71:b4:17:46:5d:3c:
                    9e:03:94:4d:f1:f2:ef:16:7a:27:5e:8f:bc:43:59:
                    da:c7:f1:94:6f:49:f8:8a:f2:a9:2a:6f:88:80:8e:
                    37:21:4a:e3:64:c9:63:7d:9c:b3:f4:60:b0:ae:56:
                    ab:e4:98:71:17:24:53:ee:a2:70:e7:bd:a5:be:c6:
                    fc:f5:78:d5:58:e0:e1:b5:06:b6:24:9d:bb:89:96:
                    d7:7a:7e:cf:c7:2d:2c:d6:c7:06:7d:6d:7f:0e:80:
                    c0:a9:a2:75:f7:f2:c7:71:f2:6e:86:72:57:b5:72:
                    19:b7:51:34:d8:70:ce:e5:d5:de:96:d8:0e:16:1d:
                    e8:5b:24:42:75:32:61:6d:13:73:c9:7f:0b:3c:c6:
                    70:53:86:4c:3c:f6:fe:d3:30:2e:9e:eb:09:b2:4c:
                    14:80:ee:04:b4:6f:6b:1b:9a:89:e2:d4:31:76:22:
                    54:e0:b8:9c:84:85:0f:7c:be:73:f6:67:94:9b:cd:
                    15:ce:b4:61:14:e4:36:02:25:34:32:b2:7a:44:64:
                    89:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:D5:8C:A7:17:DA:B6:4A:1E:ED:FE:1F:B3:3A:9E:FF:ED:27:64:C4
            X509v3 Authority Key Identifier:
                keyid:3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/YdWMpxfatkoe7f4fszqe_-0nZMQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.46.0/24
                IPv6:
                  2001:678:74::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:aa:66:cb:d8:5e:53:8c:b6:eb:e1:94:35:18:8d:df:cc:d7:
         93:cf:d9:c4:ef:18:c2:7e:bb:a6:f6:f3:bf:6c:ea:a1:94:35:
         ad:df:e6:40:d4:1a:df:42:62:ea:85:1e:7a:df:d4:64:46:35:
         c2:55:cd:d4:f7:3c:fb:e5:93:70:0e:eb:21:a5:21:4c:43:e1:
         b3:f6:6f:89:1a:52:18:92:fd:c8:eb:ab:4f:2f:d7:74:a3:ca:
         b6:f1:4e:b1:41:d1:18:de:77:de:9c:1a:43:d8:e7:51:12:b8:
         eb:fc:39:2c:be:52:67:59:6e:35:3f:9a:f8:58:95:cd:2e:14:
         ab:e6:92:bc:e6:b6:24:a2:39:31:be:78:ea:c1:fe:2b:fb:b5:
         be:62:91:dd:bc:47:99:0a:43:f7:e3:3c:08:90:50:43:9c:ac:
         16:91:48:f3:d7:34:f7:ec:43:ca:14:d7:81:99:26:38:56:5f:
         14:a5:a2:c9:b9:53:2b:9e:b3:56:f0:c6:65:3a:62:46:ff:0d:
         4b:56:90:46:66:bb:94:21:c2:a1:60:91:1a:e7:2b:68:4e:d8:
         6a:24:8e:7a:20:20:c5:2e:f6:42:9f:13:d9:66:d2:fd:5c:0e:
         00:fd:87:47:a5:66:b8:b7:bd:6e:3a:d3:14:2c:a9:7c:a3:2e:
         46:01:c3:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWfp+Zb5bFdyFGEzBFl/guPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNjg1Y2Y4OGE3ZmM0M2ZlMWM3ZmUzNGE2ZmYzZGRiYjQx
NGYwYjUwHhcNMjMwMTExMDcwNzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ1OGNhNzE3ZGFiNjRhMWVlZGZlMWZiMzNhOWVmZmVkMjc2NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAYxyKQPUKkwPfUDf1ky3Oh2td/L
ugRgfxmObn4DNvzBLiP12ZdPKBUCdhrFV6Z/X/jKu0hxtBdGXTyeA5RN8fLvFnon
Xo+8Q1nax/GUb0n4ivKpKm+IgI43IUrjZMljfZyz9GCwrlar5JhxFyRT7qJw572l
vsb89XjVWODhtQa2JJ27iZbXen7Pxy0s1scGfW1/DoDAqaJ19/LHcfJuhnJXtXIZ
t1E02HDO5dXeltgOFh3oWyRCdTJhbRNzyX8LPMZwU4ZMPPb+0zAunusJskwUgO4E
tG9rG5qJ4tQxdiJU4LichIUPfL5z9meUm80VzrRhFOQ2AiU0MrJ6RGSJawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGHVjKcX2rZKHu3+H7M6nv/tJ2TEMB8GA1UdIwQY
MBaAFDpoXPiKf8Q/4cf+NKb/Pdu0FPC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDct
NTlkNmNhNjVjY2JjLzEvWWRXTXB4ZmF0a29lN2Y0ZnN6cWVfLTBuWk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDctNTlkNmNhNjVjY2Jj
LzEvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAuMA8E
AgACMAkDBwAgAQZ4AHQwDQYJKoZIhvcNAQELBQADggEBAByqZsvYXlOMtuvhlDUY
jd/M15PP2cTvGMJ+u6b2879s6qGUNa3f5kDUGt9CYuqFHnrf1GRGNcJVzdT3PPvl
k3AO6yGlIUxD4bP2b4kaUhiS/cjrq08v13SjyrbxTrFB0Rjed96cGkPY51ESuOv8
OSy+UmdZbjU/mvhYlc0uFKvmkrzmtiSiOTG+eOrB/iv7tb5ikd28R5kKQ/fjPAiQ
UEOcrBaRSPPXNPfsQ8oU14GZJjhWXxSlosm5Uyues1bwxmU6Ykb/DUtWkEZmu5Qh
wqFgkRrnK2hO2GokjnogIMUu9kKfE9lm0v1cDgD9h0elZri3vW460xQsqXyjLkYB
w1E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:54 2024 by rpki-client on console-ams.rpki-client.org