Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/5b4830-7c0f-43d2-bc1f-74016031c238/1/ylCFQZeips2KzEIfxduEWuHf4Dw.roa
File:                     ylCFQZeips2KzEIfxduEWuHf4Dw.roa (raw, json)
Hash identifier:          4VcSuPIf+g0QoFaC7Eywp48ZitcYDq3sLT7vFS9+Gig=
Subject key identifier:   CA:50:85:41:97:A2:A6:CD:8A:CC:42:1F:C5:DB:84:5A:E1:DF:E0:3C
Certificate issuer:       /CN=a750a9b1d454949f0b19303524d55e625df0ba4b
Certificate serial:       01856D53BFF5D8565E5E95540CE734910A92
Authority key identifier: A7:50:A9:B1:D4:54:94:9F:0B:19:30:35:24:D5:5E:62:5D:F0:BA:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p1CpsdRUlJ8LGTA1JNVeYl3wuks.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/5b4830-7c0f-43d2-bc1f-74016031c238/1/ylCFQZeips2KzEIfxduEWuHf4Dw.roa
Signing time:             Sun 01 Jan 2023 12:34:43 +0000
ROA not before:           Sun 01 Jan 2023 12:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43877
IP address blocks:        195.245.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:bf:f5:d8:56:5e:5e:95:54:0c:e7:34:91:0a:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a750a9b1d454949f0b19303524d55e625df0ba4b
        Validity
            Not Before: Jan  1 12:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca50854197a2a6cd8acc421fc5db845ae1dfe03c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c6:74:c9:13:d3:59:40:a9:3d:f8:9f:e5:b4:
                    44:0f:cc:21:14:29:c5:02:28:aa:b4:46:55:ab:81:
                    47:a3:ec:5c:33:4e:2c:26:73:48:df:fc:c9:a2:60:
                    1b:71:49:c8:2b:01:87:b7:9a:f2:50:01:43:a4:ff:
                    7e:a2:51:19:22:37:2a:ff:06:6f:8e:d1:8f:43:07:
                    2d:8c:3a:a2:63:74:4e:e2:91:27:f7:ae:a7:d6:37:
                    e9:33:23:fd:8f:a6:bc:d4:2e:8c:bb:78:b7:e1:d7:
                    89:2a:55:a9:2c:8b:99:0d:8f:84:d5:77:af:a3:aa:
                    32:01:10:ae:a7:66:f1:6d:83:38:c4:17:94:ab:28:
                    27:72:2c:2a:b1:56:b3:b3:8e:60:5b:6d:4f:6a:f1:
                    58:49:96:09:ec:03:3e:e0:fd:0f:05:59:af:e6:d0:
                    94:ae:37:69:78:eb:b8:be:ce:f5:19:b1:84:c6:08:
                    95:e8:f7:43:ad:40:81:ff:91:ad:ec:b8:9c:57:f3:
                    89:21:3f:26:84:6f:8d:bc:04:f7:6b:a6:12:61:c7:
                    1b:95:f6:f2:ba:99:4f:ef:32:3b:7b:35:b2:bf:a6:
                    9d:a9:8b:b9:10:0c:fb:4d:72:28:eb:e7:29:1f:fa:
                    ca:42:50:78:13:9e:78:e7:1c:c5:74:22:95:ab:52:
                    e1:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:50:85:41:97:A2:A6:CD:8A:CC:42:1F:C5:DB:84:5A:E1:DF:E0:3C
            X509v3 Authority Key Identifier:
                keyid:A7:50:A9:B1:D4:54:94:9F:0B:19:30:35:24:D5:5E:62:5D:F0:BA:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p1CpsdRUlJ8LGTA1JNVeYl3wuks.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/5b4830-7c0f-43d2-bc1f-74016031c238/1/ylCFQZeips2KzEIfxduEWuHf4Dw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/5b4830-7c0f-43d2-bc1f-74016031c238/1/p1CpsdRUlJ8LGTA1JNVeYl3wuks.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.245.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:85:46:d4:e9:c2:0f:d5:86:1f:f0:a8:fa:a4:69:25:f8:7b:
         e7:4b:f9:9b:08:fc:8c:bf:0e:67:ad:64:6f:72:91:31:05:fe:
         b0:b5:4f:33:04:ae:6a:7f:74:b3:2e:f3:61:cd:d2:56:e8:d0:
         ca:5f:f3:4c:43:02:9f:2c:9c:6e:cb:50:7b:2d:b0:38:48:53:
         14:48:5b:0c:22:d8:e9:8f:b6:cc:34:bd:bd:f0:e2:a8:b3:32:
         a7:1a:20:c6:d4:9d:3f:98:33:9b:9f:8c:df:8c:fc:66:3a:10:
         d7:0e:19:55:82:b3:54:de:2e:e7:c1:5e:bd:c2:8c:46:2b:99:
         0e:78:37:84:f0:f0:ae:5a:2f:0a:89:ff:5d:fc:51:fa:04:c5:
         0e:85:d5:09:50:02:f9:6c:8c:e8:ef:66:4a:f3:ab:6b:e4:d5:
         fb:73:2b:60:21:5d:2c:7c:46:40:4f:5f:45:6d:6f:fa:5a:96:
         82:21:74:a5:4c:02:67:0d:34:a0:2d:7b:04:e7:ba:12:39:91:
         24:ae:5e:00:d0:c4:d7:bc:a2:23:eb:4d:0e:d6:6a:01:b6:2e:
         24:19:fb:2e:a6:7b:7b:9b:55:ed:57:eb:99:9c:f2:5c:2a:e3:
         49:46:ac:08:1a:19:9a:1c:2c:5f:3a:d8:67:c9:16:e8:28:ed:
         e2:c2:6e:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU7/12FZeXpVUDOc0kQqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NTBhOWIxZDQ1NDk0OWYwYjE5MzAzNTI0ZDU1ZTYyNWRm
MGJhNGIwHhcNMjMwMTAxMTIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTUwODU0MTk3YTJhNmNkOGFjYzQyMWZjNWRiODQ1YWUxZGZlMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsZ0yRPTWUCpPfif5bRED8whFCnF
AiiqtEZVq4FHo+xcM04sJnNI3/zJomAbcUnIKwGHt5ryUAFDpP9+olEZIjcq/wZv
jtGPQwctjDqiY3RO4pEn966n1jfpMyP9j6a81C6Mu3i34deJKlWpLIuZDY+E1Xev
o6oyARCup2bxbYM4xBeUqygnciwqsVazs45gW21PavFYSZYJ7AM+4P0PBVmv5tCU
rjdpeOu4vs71GbGExgiV6PdDrUCB/5Gt7LicV/OJIT8mhG+NvAT3a6YSYccblfby
uplP7zI7ezWyv6adqYu5EAz7TXIo6+cpH/rKQlB4E5545xzFdCKVq1LhdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpQhUGXoqbNisxCH8XbhFrh3+A8MB8GA1UdIwQY
MBaAFKdQqbHUVJSfCxkwNSTVXmJd8LpLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDFDcHNkUlVsSjhMR1RBMUpOVmVZbDN3dWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81YjQ4MzAtN2MwZi00M2QyLWJjMWYt
NzQwMTYwMzFjMjM4LzEveWxDRlFaZWlwczJLekVJZnhkdUVXdUhmNER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81YjQ4MzAtN2MwZi00M2QyLWJjMWYtNzQwMTYwMzFjMjM4
LzEvcDFDcHNkUlVsSjhMR1RBMUpOVmVZbDN3dWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/XCMA0G
CSqGSIb3DQEBCwUAA4IBAQCPhUbU6cIP1YYf8Kj6pGkl+HvnS/mbCPyMvw5nrWRv
cpExBf6wtU8zBK5qf3SzLvNhzdJW6NDKX/NMQwKfLJxuy1B7LbA4SFMUSFsMItjp
j7bMNL298OKoszKnGiDG1J0/mDObn4zfjPxmOhDXDhlVgrNU3i7nwV69woxGK5kO
eDeE8PCuWi8Kif9d/FH6BMUOhdUJUAL5bIzo72ZK86tr5NX7cytgIV0sfEZAT19F
bW/6WpaCIXSlTAJnDTSgLXsE57oSOZEkrl4A0MTXvKIj600O1moBti4kGfsupnt7
m1XtV+uZnPJcKuNJRqwIGhmaHCxfOthnyRboKO3iwm7e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:07 2024 by rpki-client on console-fra.rpki-client.org