Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/YhwLP6celXfMIMMs-UNYm_11gI4.roa
File:                     YhwLP6celXfMIMMs-UNYm_11gI4.roa (raw, json)
Hash identifier:          PhVssnDlidLRIUXppG5DDyvvGO1uBoYw223ED0BfOXg=
Subject key identifier:   62:1C:0B:3F:A7:1E:95:77:CC:20:C3:2C:F9:43:58:9B:FD:75:80:8E
Certificate issuer:       /CN=77292dc63718eebc704ab002ecb81d3d52d4d1c3
Certificate serial:       018C81AA3BFC8E3D6CF1A1A9D93562B900AA
Authority key identifier: 77:29:2D:C6:37:18:EE:BC:70:4A:B0:02:EC:B8:1D:3D:52:D4:D1:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dyktxjcY7rxwSrAC7LgdPVLU0cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/YhwLP6celXfMIMMs-UNYm_11gI4.roa
Signing time:             Tue 19 Dec 2023 10:41:06 +0000
ROA not before:           Tue 19 Dec 2023 10:41:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15542
IP address blocks:        193.176.104.0/21 maxlen: 24
                          2001:67c:460::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:81:aa:3b:fc:8e:3d:6c:f1:a1:a9:d9:35:62:b9:00:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77292dc63718eebc704ab002ecb81d3d52d4d1c3
        Validity
            Not Before: Dec 19 10:41:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=621c0b3fa71e9577cc20c32cf943589bfd75808e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7c:4d:2c:f2:5b:e3:1f:97:46:73:0b:7f:ec:
                    02:61:1b:37:8a:64:67:0f:4c:05:3a:ec:f0:0a:54:
                    fd:e8:81:a2:f9:58:73:a5:05:61:72:09:c5:83:c2:
                    f4:8f:bf:a5:e0:68:96:c3:a8:71:08:5c:14:80:12:
                    38:1c:fe:f4:bd:0f:30:13:ee:f0:30:21:01:d6:66:
                    ca:16:1d:c3:a4:d3:c7:1b:ca:b2:61:d0:df:dd:15:
                    69:54:5a:4d:ab:62:5f:fb:d6:94:2d:d6:45:bb:5b:
                    12:c7:bc:44:33:63:ca:4c:55:cb:6e:4a:00:e5:ef:
                    91:57:64:c5:84:ac:50:86:62:a7:8b:08:a1:46:db:
                    da:6d:c8:61:14:09:2d:08:9c:18:2c:5c:41:ca:5a:
                    29:43:9b:ed:b4:ce:0f:84:5c:3a:a0:72:2a:59:c5:
                    f0:34:a6:b6:1c:b1:07:46:d2:4d:b3:19:ca:8c:22:
                    d6:38:83:26:81:ca:92:f2:76:06:d3:6e:fb:a3:ba:
                    66:41:4f:07:d6:76:4e:7a:89:ee:59:5d:5a:ce:4f:
                    23:fe:4d:60:c6:bc:19:79:66:7f:e4:a9:ce:21:c2:
                    84:08:09:b4:1b:9a:a8:07:64:46:7d:36:a0:29:ad:
                    e8:9a:03:9d:56:d0:89:29:0e:3f:37:44:37:87:7e:
                    8e:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:1C:0B:3F:A7:1E:95:77:CC:20:C3:2C:F9:43:58:9B:FD:75:80:8E
            X509v3 Authority Key Identifier:
                keyid:77:29:2D:C6:37:18:EE:BC:70:4A:B0:02:EC:B8:1D:3D:52:D4:D1:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dyktxjcY7rxwSrAC7LgdPVLU0cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/YhwLP6celXfMIMMs-UNYm_11gI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/dyktxjcY7rxwSrAC7LgdPVLU0cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.176.104.0/21
                IPv6:
                  2001:67c:460::/48

    Signature Algorithm: sha256WithRSAEncryption
         af:0b:4d:8c:8e:04:80:e4:f5:57:29:19:c1:26:80:40:32:f8:
         93:a6:fa:81:10:4d:13:96:5f:e7:1d:cb:49:c3:80:60:c2:f8:
         8e:9d:92:f6:56:e7:ea:ba:24:77:60:23:0c:18:b8:10:4e:b7:
         28:91:07:44:d4:79:ee:2a:5e:18:63:a9:da:fd:af:dd:85:84:
         28:e4:f4:16:00:41:00:a9:67:35:48:b8:4a:35:e9:0f:81:f8:
         69:7e:8d:1b:44:df:94:a4:fd:de:c1:11:2d:b8:cc:e1:f1:4a:
         b8:77:2b:f6:1f:69:7a:d7:11:80:65:4f:f1:24:d8:6a:d3:8a:
         c7:43:2c:01:aa:9f:b9:34:26:02:b9:da:0b:10:b9:12:41:05:
         fb:2d:1e:5e:08:8c:c3:58:2e:12:db:85:93:85:3b:31:50:26:
         09:cc:51:92:2c:e6:16:b5:1b:02:81:9e:e6:9d:ee:ba:f0:86:
         37:ce:ff:7d:b4:82:71:c1:d2:5e:98:a4:71:ec:0c:43:c6:96:
         ff:4f:90:b3:05:59:0e:38:13:b2:02:cd:d3:a3:b9:b3:0c:8d:
         4e:2d:a8:01:47:a3:a0:39:c5:e2:f8:a9:b1:95:9f:a0:92:0f:
         24:16:3d:97:41:e9:2d:2f:84:3f:07:68:43:66:58:d2:60:6f:
         b8:22:d2:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyBqjv8jj1s8aGp2TViuQCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjkyZGM2MzcxOGVlYmM3MDRhYjAwMmVjYjgxZDNkNTJk
NGQxYzMwHhcNMjMxMjE5MTA0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjFjMGIzZmE3MWU5NTc3Y2MyMGMzMmNmOTQzNTg5YmZkNzU4MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXxNLPJb4x+XRnMLf+wCYRs3imRn
D0wFOuzwClT96IGi+VhzpQVhcgnFg8L0j7+l4GiWw6hxCFwUgBI4HP70vQ8wE+7w
MCEB1mbKFh3DpNPHG8qyYdDf3RVpVFpNq2Jf+9aULdZFu1sSx7xEM2PKTFXLbkoA
5e+RV2TFhKxQhmKniwihRtvabchhFAktCJwYLFxBylopQ5vttM4PhFw6oHIqWcXw
NKa2HLEHRtJNsxnKjCLWOIMmgcqS8nYG0277o7pmQU8H1nZOeonuWV1azk8j/k1g
xrwZeWZ/5KnOIcKECAm0G5qoB2RGfTagKa3omgOdVtCJKQ4/N0Q3h36O7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGIcCz+nHpV3zCDDLPlDWJv9dYCOMB8GA1UdIwQY
MBaAFHcpLcY3GO68cEqwAuy4HT1S1NHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlrdHhqY1k3cnh3U3JBQzdMZ2RQVkxVMGNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82NTc2NGEtZGQ4ZS00MDFiLWI3MzEt
ZDljNWQyNjQxOWIyLzEvWWh3TFA2Y2VsWGZNSU1Ncy1VTlltXzExZ0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82NTc2NGEtZGQ4ZS00MDFiLWI3MzEtZDljNWQyNjQxOWIy
LzEvZHlrdHhqY1k3cnh3U3JBQzdMZ2RQVkxVMGNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwbBoMA8E
AgACMAkDBwAgAQZ8BGAwDQYJKoZIhvcNAQELBQADggEBAK8LTYyOBIDk9VcpGcEm
gEAy+JOm+oEQTROWX+cdy0nDgGDC+I6dkvZW5+q6JHdgIwwYuBBOtyiRB0TUee4q
Xhhjqdr9r92FhCjk9BYAQQCpZzVIuEo16Q+B+Gl+jRtE35Sk/d7BES24zOHxSrh3
K/YfaXrXEYBlT/Ek2GrTisdDLAGqn7k0JgK52gsQuRJBBfstHl4IjMNYLhLbhZOF
OzFQJgnMUZIs5ha1GwKBnuad7rrwhjfO/320gnHB0l6YpHHsDEPGlv9PkLMFWQ44
E7ICzdOjubMMjU4tqAFHo6A5xeL4qbGVn6CSDyQWPZdB6S0vhD8HaENmWNJgb7gi
0sY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:05 2024 by rpki-client on console-ams.rpki-client.org