Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa
File:                     YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa (raw, json)
Hash identifier:          smQzpowpTkqI/MMnfeeJXFl0HaxkPjTffxGL/oVO2qs=
Subject key identifier:   61:DB:D1:8D:DF:1C:51:11:23:40:AD:29:13:A2:70:16:37:13:B9:44
Certificate issuer:       /CN=b780b3b9e096221629fe47e102ac522da03979c4
Certificate serial:       01856D3870FABD3E91FA5A8906E95956A96E
Authority key identifier: B7:80:B3:B9:E0:96:22:16:29:FE:47:E1:02:AC:52:2D:A0:39:79:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t4CzueCWIhYp_kfhAqxSLaA5ecQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa
Signing time:             Sun 01 Jan 2023 12:04:53 +0000
ROA not before:           Sun 01 Jan 2023 12:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205617
IP address blocks:        37.208.112.0/21 maxlen: 21
                          185.150.208.0/22 maxlen: 22
                          2a00:c7c0::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:38:70:fa:bd:3e:91:fa:5a:89:06:e9:59:56:a9:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b780b3b9e096221629fe47e102ac522da03979c4
        Validity
            Not Before: Jan  1 12:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61dbd18ddf1c51112340ad2913a270163713b944
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:31:8a:1d:68:cb:be:eb:97:ee:dd:f9:9b:fc:
                    8a:3d:ed:c4:d9:6d:79:4a:1e:8e:a6:4e:2f:d0:9d:
                    75:be:75:30:fa:be:7b:58:05:28:a4:40:a3:0e:fc:
                    ed:a3:d1:13:77:0f:be:e4:e6:12:90:bd:7c:27:4f:
                    2d:24:fe:b0:09:57:6b:15:fb:87:1c:05:d6:53:ac:
                    59:de:e0:65:c8:5e:0d:d9:9b:41:7a:9f:69:bf:e9:
                    15:54:11:05:4f:cf:79:0f:cd:c0:7a:ea:45:a1:db:
                    a0:34:91:95:04:aa:bc:21:7d:39:84:88:74:ce:d0:
                    fe:0d:19:f1:b7:fb:45:7e:64:c2:ad:bb:6d:50:80:
                    0a:f2:15:3e:6a:b3:c1:78:31:64:28:af:5e:70:ef:
                    f7:cf:ce:e4:7e:1d:eb:df:37:d5:c0:8b:9a:4e:b7:
                    26:2a:56:68:2b:c3:e6:a7:f3:66:58:3b:82:fc:60:
                    1d:88:31:db:45:3f:1a:9d:84:f2:3f:7e:50:b8:b4:
                    65:57:57:78:06:63:e1:e7:02:56:77:7e:49:a4:5e:
                    27:57:89:5f:3d:fa:2d:dd:ea:b3:6f:58:16:51:71:
                    67:90:5e:3f:bd:99:fe:7a:36:13:7d:51:5f:5f:2c:
                    e4:fd:d6:11:0a:87:79:59:2a:2e:0f:d2:5d:84:54:
                    1a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:DB:D1:8D:DF:1C:51:11:23:40:AD:29:13:A2:70:16:37:13:B9:44
            X509v3 Authority Key Identifier:
                keyid:B7:80:B3:B9:E0:96:22:16:29:FE:47:E1:02:AC:52:2D:A0:39:79:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4CzueCWIhYp_kfhAqxSLaA5ecQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/t4CzueCWIhYp_kfhAqxSLaA5ecQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.208.112.0/21
                  185.150.208.0/22
                IPv6:
                  2a00:c7c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         58:6d:67:93:d8:7e:ae:4a:30:e0:31:e0:04:7f:2a:ff:68:18:
         30:97:02:c3:fc:a3:eb:89:6e:40:ee:1d:32:11:57:ba:5a:84:
         8b:f7:0e:f7:55:8a:58:0f:80:c2:78:06:ff:0d:c9:c1:7a:9a:
         44:66:91:fd:5e:96:74:70:82:d7:c7:dd:f9:79:03:b2:2a:86:
         ff:26:41:d9:45:a8:4d:1c:f5:40:1d:4c:f9:4a:b0:34:f8:97:
         65:52:90:89:06:78:f1:98:69:fd:26:52:07:6f:f8:fa:a0:01:
         f4:c3:db:03:ed:47:05:93:33:61:e2:be:db:63:49:84:7d:c6:
         ed:65:6c:3c:57:c2:84:91:33:e1:af:4a:69:a2:91:a7:7b:c4:
         8d:64:1b:55:74:73:a9:e7:81:11:24:c5:fc:f9:a5:75:51:a0:
         89:78:39:ad:9a:50:4b:fa:3f:93:b2:65:35:14:6e:51:7a:10:
         80:e4:95:01:c1:aa:94:00:50:3f:b0:46:2b:6c:23:3e:98:b0:
         3e:ad:b4:66:a4:b9:7d:35:81:8f:4f:de:df:b8:4a:f1:c4:a0:
         12:95:bb:4c:95:06:62:de:7c:0d:e9:2c:f9:52:97:87:94:51:
         4c:43:ce:f5:34:f4:97:6a:6a:c1:31:76:ad:b6:4c:d6:7b:af:
         a3:9a:33:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtOHD6vT6R+lqJBulZVqluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODBiM2I5ZTA5NjIyMTYyOWZlNDdlMTAyYWM1MjJkYTAz
OTc5YzQwHhcNMjMwMTAxMTIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRiZDE4ZGRmMWM1MTExMjM0MGFkMjkxM2EyNzAxNjM3MTNiOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzGKHWjLvuuX7t35m/yKPe3E2W15
Sh6Opk4v0J11vnUw+r57WAUopECjDvzto9ETdw++5OYSkL18J08tJP6wCVdrFfuH
HAXWU6xZ3uBlyF4N2ZtBep9pv+kVVBEFT895D83AeupFodugNJGVBKq8IX05hIh0
ztD+DRnxt/tFfmTCrbttUIAK8hU+arPBeDFkKK9ecO/3z87kfh3r3zfVwIuaTrcm
KlZoK8Pmp/NmWDuC/GAdiDHbRT8anYTyP35QuLRlV1d4BmPh5wJWd35JpF4nV4lf
Pfot3eqzb1gWUXFnkF4/vZn+ejYTfVFfXyzk/dYRCod5WSouD9JdhFQaEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGHb0Y3fHFERI0CtKROicBY3E7lEMB8GA1UdIwQY
MBaAFLeAs7ngliIWKf5H4QKsUi2gOXnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRDenVlQ1dJaFlwX2tmaEFxeFNMYUE1ZWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xZjMxMTctZjJhMS00MzIyLWI2M2Qt
ZjdlZGIyNjg4NjUyLzEvWWR2UmpkOGNVUkVqUUswcEU2SndGamNUdVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xZjMxMTctZjJhMS00MzIyLWI2M2QtZjdlZGIyNjg4NjUy
LzEvdDRDenVlQ1dJaFlwX2tmaEFxeFNMYUE1ZWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJdBwAwQC
uZbQMA0EAgACMAcDBQMqAMfAMA0GCSqGSIb3DQEBCwUAA4IBAQBYbWeT2H6uSjDg
MeAEfyr/aBgwlwLD/KPriW5A7h0yEVe6WoSL9w73VYpYD4DCeAb/DcnBeppEZpH9
XpZ0cILXx935eQOyKob/JkHZRahNHPVAHUz5SrA0+JdlUpCJBnjxmGn9JlIHb/j6
oAH0w9sD7UcFkzNh4r7bY0mEfcbtZWw8V8KEkTPhr0ppopGne8SNZBtVdHOp54ER
JMX8+aV1UaCJeDmtmlBL+j+TsmU1FG5RehCA5JUBwaqUAFA/sEYrbCM+mLA+rbRm
pLl9NYGPT97fuErxxKASlbtMlQZi3nwN6Sz5UpeHlFFMQ871NPSXamrBMXattkzW
e6+jmjMJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:31 2024 by rpki-client on console-ams.rpki-client.org