Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/yimPvft2KFTXeaJPk-BQPegdSOY.roa
File:                     yimPvft2KFTXeaJPk-BQPegdSOY.roa (raw, json)
Hash identifier:          kYN/C/bs8mMoWaE6dnZptjJTl33Gx7GjkxYu+pv1OTE=
Subject key identifier:   CA:29:8F:BD:FB:76:28:54:D7:79:A2:4F:93:E0:50:3D:E8:1D:48:E6
Certificate issuer:       /CN=24295ce712473d0e3e6daa777db8906f8001df70
Certificate serial:       01856F0B8095818054AB431C17621BFE1BE3
Authority key identifier: 24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/yimPvft2KFTXeaJPk-BQPegdSOY.roa
Signing time:             Sun 01 Jan 2023 20:35:02 +0000
ROA not before:           Sun 01 Jan 2023 20:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49101
IP address blocks:        176.102.64.0/22 maxlen: 22
                          2a07:dbc0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:80:95:81:80:54:ab:43:1c:17:62:1b:fe:1b:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24295ce712473d0e3e6daa777db8906f8001df70
        Validity
            Not Before: Jan  1 20:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca298fbdfb762854d779a24f93e0503de81d48e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f1:2e:1f:05:7e:8e:df:95:da:a1:a5:03:46:
                    a2:cb:72:72:cd:ec:e0:fc:63:24:99:39:ba:6f:04:
                    df:bc:18:2b:b4:60:ae:ae:b8:92:a8:52:13:af:eb:
                    9e:d6:8c:25:46:da:b1:b1:a0:25:f7:cd:31:8b:ce:
                    e3:8c:19:5d:d7:a6:07:0e:a2:59:b0:be:ba:3a:32:
                    7d:a2:20:34:4c:01:d4:c0:cd:96:9e:17:e2:de:0c:
                    33:68:f0:c8:1a:90:f8:64:4b:00:4b:8f:a7:a3:0e:
                    ed:69:37:9a:83:6f:ba:b2:06:5a:ab:dc:47:bf:d0:
                    00:ee:10:94:2a:3b:1d:df:7d:63:1d:a3:57:45:1e:
                    43:b2:9f:20:0f:64:f4:3f:2e:23:7c:03:17:1b:f1:
                    34:33:f5:2e:d5:b9:11:85:61:ed:e4:0d:8e:9d:71:
                    48:fd:33:62:11:29:36:3c:ad:ea:35:7a:2a:c0:01:
                    1e:2b:37:05:d8:a6:41:cb:9c:6c:e8:e4:94:dd:41:
                    2f:8a:4e:92:ad:aa:7f:4c:75:88:bc:f7:c4:c4:9e:
                    a5:43:27:54:5a:3f:a1:80:b3:7c:47:01:57:7c:f4:
                    e4:b0:21:65:d2:ca:75:53:8b:e2:12:5a:7f:1e:21:
                    03:87:cb:70:0b:b8:cc:f8:9d:7d:65:75:63:1d:e6:
                    e4:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:29:8F:BD:FB:76:28:54:D7:79:A2:4F:93:E0:50:3D:E8:1D:48:E6
            X509v3 Authority Key Identifier:
                keyid:24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/yimPvft2KFTXeaJPk-BQPegdSOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/JClc5xJHPQ4-bap3fbiQb4AB33A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.102.64.0/22
                IPv6:
                  2a07:dbc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         3f:f6:58:d7:56:41:bb:83:08:9f:83:87:14:ab:f8:63:ed:a7:
         7b:eb:ca:f7:32:fd:0b:a0:14:02:4d:3d:48:83:a7:2d:5c:ac:
         46:ca:bf:2f:a9:eb:5a:1a:76:2d:f6:67:56:2c:17:2e:1d:f8:
         21:9b:19:9b:fc:b2:2e:d2:4d:70:54:2b:b7:17:ad:0f:cf:fd:
         fb:d5:d3:54:bf:eb:37:b6:58:d0:44:5f:26:e4:b5:fa:f7:b0:
         e2:dc:e6:3b:22:49:45:2c:1c:59:58:dc:b6:f2:38:d7:df:0c:
         b8:a0:57:4f:35:df:d7:12:b8:82:fb:75:3c:ff:49:2e:b6:3a:
         9f:98:ac:eb:b3:22:c9:68:f9:e7:02:88:89:9f:3c:9e:e9:a2:
         57:6b:76:4e:a3:cc:b9:04:09:7e:21:df:2e:38:0f:c2:70:ac:
         32:17:4d:ef:0c:aa:45:fb:fe:b3:82:e5:4b:65:ea:06:74:0d:
         4d:92:82:25:63:29:58:47:4c:29:9e:b8:8e:69:5d:87:09:c1:
         2f:db:e7:24:21:74:7a:1e:01:8d:32:8d:bf:cf:7a:99:18:33:
         aa:fa:ce:db:ec:78:eb:ae:20:38:d2:0b:91:f4:35:66:3b:66:
         e4:d3:6d:1e:ca:c2:76:36:f2:31:55:0e:0b:6a:a2:49:d7:21:
         00:49:09:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC4CVgYBUq0McF2Ib/hvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mjk1Y2U3MTI0NzNkMGUzZTZkYWE3NzdkYjg5MDZmODAw
MWRmNzAwHhcNMjMwMTAxMjAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI5OGZiZGZiNzYyODU0ZDc3OWEyNGY5M2UwNTAzZGU4MWQ0OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvEuHwV+jt+V2qGlA0aiy3Jyzezg
/GMkmTm6bwTfvBgrtGCurriSqFITr+ue1owlRtqxsaAl980xi87jjBld16YHDqJZ
sL66OjJ9oiA0TAHUwM2Wnhfi3gwzaPDIGpD4ZEsAS4+now7taTeag2+6sgZaq9xH
v9AA7hCUKjsd331jHaNXRR5Dsp8gD2T0Py4jfAMXG/E0M/Uu1bkRhWHt5A2OnXFI
/TNiESk2PK3qNXoqwAEeKzcF2KZBy5xs6OSU3UEvik6Srap/THWIvPfExJ6lQydU
Wj+hgLN8RwFXfPTksCFl0sp1U4viElp/HiEDh8twC7jM+J19ZXVjHebkswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMopj737dihU13miT5PgUD3oHUjmMB8GA1UdIwQY
MBaAFCQpXOcSRz0OPm2qd324kG+AAd9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNsYzV4SkhQUTQtYmFwM2ZiaVFiNEFCMzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xYTBjNmEtMWE1ZS00MjRiLTlhNjkt
OTk1NTMxODYyNDE5LzEveWltUHZmdDJLRlRYZWFKUGstQlFQZWdkU09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xYTBjNmEtMWE1ZS00MjRiLTlhNjktOTk1NTMxODYyNDE5
LzEvSkNsYzV4SkhQUTQtYmFwM2ZiaVFiNEFCMzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsGZAMA0E
AgACMAcDBQAqB9vAMA0GCSqGSIb3DQEBCwUAA4IBAQA/9ljXVkG7gwifg4cUq/hj
7ad768r3Mv0LoBQCTT1Ig6ctXKxGyr8vqetaGnYt9mdWLBcuHfghmxmb/LIu0k1w
VCu3F60Pz/371dNUv+s3tljQRF8m5LX697Di3OY7IklFLBxZWNy28jjX3wy4oFdP
Nd/XEriC+3U8/0kutjqfmKzrsyLJaPnnAoiJnzye6aJXa3ZOo8y5BAl+Id8uOA/C
cKwyF03vDKpF+/6zguVLZeoGdA1NkoIlYylYR0wpnriOaV2HCcEv2+ckIXR6HgGN
Mo2/z3qZGDOq+s7b7HjrriA40guR9DVmO2bk020eysJ2NvIxVQ4LaqJJ1yEASQki
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:39 2024 by rpki-client on console-fra.rpki-client.org