Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/VC_YtcA1TUWyJm0knsz491DR30g.roa
File:                     VC_YtcA1TUWyJm0knsz491DR30g.roa (raw, json)
Hash identifier:          VK8JyTV0oIga2iGbsmDvTdMlkYNJ4S0R1FgAxRgdpqY=
Subject key identifier:   54:2F:D8:B5:C0:35:4D:45:B2:26:6D:24:9E:CC:F8:F7:50:D1:DF:48
Certificate issuer:       /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial:       01856D8199A2609814D2A7A6B277CFFD83C6
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/VC_YtcA1TUWyJm0knsz491DR30g.roa
Signing time:             Sun 01 Jan 2023 13:24:48 +0000
ROA not before:           Sun 01 Jan 2023 13:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34948
IP address blocks:        78.109.80.0/20 maxlen: 20
                          193.189.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:99:a2:60:98:14:d2:a7:a6:b2:77:cf:fd:83:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
        Validity
            Not Before: Jan  1 13:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=542fd8b5c0354d45b2266d249eccf8f750d1df48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:9f:67:9b:00:f4:87:17:1b:ef:49:c9:5e:2f:
                    35:e5:36:dd:3f:f5:ef:17:c7:cb:dc:23:8f:82:ba:
                    87:c8:78:e1:43:55:79:e8:1a:41:66:8f:f8:42:ec:
                    f3:a0:1e:21:24:74:bd:54:ce:b0:db:09:8b:28:cf:
                    08:03:ad:e3:c6:bd:e5:7d:fe:fc:e8:ff:bb:5d:69:
                    6b:0a:dc:eb:90:97:69:81:13:cf:2e:5d:4e:1b:88:
                    c4:eb:28:4b:1f:0b:89:6e:14:57:9d:ed:0e:08:bb:
                    6b:b7:60:bf:f2:6b:cc:4c:63:98:6a:50:be:da:5f:
                    5d:8d:cf:2c:d7:cd:e3:f3:3f:41:aa:9b:c2:d7:0e:
                    bc:6c:f6:8b:8a:15:0c:62:1e:47:c7:67:18:9c:b4:
                    d8:31:3d:a5:2e:38:82:89:eb:b1:01:e1:e9:ac:e6:
                    4e:3a:a7:8a:21:c0:d3:0c:90:86:76:20:e0:1f:40:
                    a4:b6:4e:83:b5:6d:8f:80:31:00:3b:e5:78:26:4a:
                    8f:cf:ac:05:28:a5:80:02:00:f8:1b:2d:92:a7:70:
                    21:1b:34:38:fe:a4:fb:b8:12:71:cb:07:16:c7:12:
                    f5:3b:c7:45:b5:45:db:6d:b2:86:9b:28:1a:ed:82:
                    12:4d:7c:9b:b7:ea:82:a8:82:2d:de:01:34:88:ba:
                    c2:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:2F:D8:B5:C0:35:4D:45:B2:26:6D:24:9E:CC:F8:F7:50:D1:DF:48
            X509v3 Authority Key Identifier:
                keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/VC_YtcA1TUWyJm0knsz491DR30g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.109.80.0/20
                  193.189.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:e4:4d:36:83:4e:ba:b8:4a:be:9d:19:1b:2b:2b:dd:a1:a1:
         42:4d:da:89:06:fe:b0:7d:81:3e:51:6a:8a:84:1b:6f:70:8d:
         3e:43:a3:c8:19:32:09:4a:a7:b4:be:f1:60:85:37:2d:e2:74:
         eb:ae:e4:95:ef:f2:ce:8b:04:05:bd:51:3d:a2:63:68:2a:16:
         a0:6f:1b:25:66:de:3f:24:4a:44:69:9c:ac:4a:e2:8d:3d:a7:
         48:be:17:6f:bb:53:83:2b:14:cb:1d:c6:de:60:6c:86:3c:16:
         c1:5b:75:a0:50:3e:15:1d:fd:7a:e7:59:8b:4f:db:30:6b:d5:
         0c:ff:13:fc:85:34:12:71:52:f8:ce:64:50:a3:20:9e:db:cf:
         6a:a6:de:83:13:20:a0:27:09:3e:d0:11:36:10:19:b9:a0:3c:
         d9:0c:83:b3:31:33:8d:8e:a0:17:2c:50:1e:9a:8c:5f:e5:06:
         72:ed:c8:98:b6:1d:f3:f0:4c:c3:41:1a:46:59:cf:1e:04:0c:
         37:49:3f:ea:d6:11:96:76:81:e8:18:9b:08:d7:93:e2:2b:36:
         af:80:97:e0:e2:7d:bf:86:14:a6:19:49:af:df:15:5b:68:90:
         ea:f2:b5:b0:fd:45:e2:53:d1:8c:a1:84:b0:90:c4:11:c0:f1:
         cc:39:fc:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgZmiYJgU0qemsnfP/YPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjMwMTAxMTMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJmZDhiNWMwMzU0ZDQ1YjIyNjZkMjQ5ZWNjZjhmNzUwZDFkZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ9nmwD0hxcb70nJXi815TbdP/Xv
F8fL3COPgrqHyHjhQ1V56BpBZo/4QuzzoB4hJHS9VM6w2wmLKM8IA63jxr3lff78
6P+7XWlrCtzrkJdpgRPPLl1OG4jE6yhLHwuJbhRXne0OCLtrt2C/8mvMTGOYalC+
2l9djc8s183j8z9BqpvC1w68bPaLihUMYh5Hx2cYnLTYMT2lLjiCieuxAeHprOZO
OqeKIcDTDJCGdiDgH0Cktk6DtW2PgDEAO+V4JkqPz6wFKKWAAgD4Gy2Sp3AhGzQ4
/qT7uBJxywcWxxL1O8dFtUXbbbKGmyga7YISTXybt+qCqIIt3gE0iLrC9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFQv2LXANU1FsiZtJJ7M+PdQ0d9IMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvVkNfWXRjQTFUVVd5Sm0wa25zejQ5MURSMzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETm1QAwQA
wb2PMA0GCSqGSIb3DQEBCwUAA4IBAQCS5E02g066uEq+nRkbKyvdoaFCTdqJBv6w
fYE+UWqKhBtvcI0+Q6PIGTIJSqe0vvFghTct4nTrruSV7/LOiwQFvVE9omNoKhag
bxslZt4/JEpEaZysSuKNPadIvhdvu1ODKxTLHcbeYGyGPBbBW3WgUD4VHf1651mL
T9swa9UM/xP8hTQScVL4zmRQoyCe289qpt6DEyCgJwk+0BE2EBm5oDzZDIOzMTON
jqAXLFAemoxf5QZy7ciYth3z8EzDQRpGWc8eBAw3ST/q1hGWdoHoGJsI15PiKzav
gJfg4n2/hhSmGUmv3xVbaJDq8rWw/UXiU9GMoYSwkMQRwPHMOfw6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org