Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/YFPmejF4n2orrtLuloEsrPLuKcE.roa
File:                     YFPmejF4n2orrtLuloEsrPLuKcE.roa (raw, json)
Hash identifier:          /YRuQZ9n07YLzLy1O/tuHIL3KXJAbm/hNXdajoSpsXQ=
Subject key identifier:   60:53:E6:7A:31:78:9F:6A:2B:AE:D2:EE:96:81:2C:AC:F2:EE:29:C1
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       018C240D9FC7C19605B939C3EF0786384B0F
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/YFPmejF4n2orrtLuloEsrPLuKcE.roa
Signing time:             Fri 01 Dec 2023 06:25:21 +0000
ROA not before:           Fri 01 Dec 2023 06:25:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     272044
IP address blocks:        83.147.12.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:24:0d:9f:c7:c1:96:05:b9:39:c3:ef:07:86:38:4b:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Dec  1 06:25:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6053e67a31789f6a2baed2ee96812cacf2ee29c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:76:dc:d2:99:27:f4:ef:0e:36:8e:74:53:95:
                    43:02:4f:8b:e0:6f:00:30:04:07:5b:3e:bc:68:af:
                    2c:7c:bf:c6:2c:e6:78:27:25:a0:f6:0c:9f:da:58:
                    1a:67:00:ae:5d:26:e9:dd:12:9d:ae:d4:44:8a:90:
                    4a:95:33:32:9d:e8:9e:33:99:b6:5c:8a:9d:99:a9:
                    d8:c7:e6:ea:69:c7:14:64:03:18:05:6d:31:57:cd:
                    92:55:3d:60:26:8d:f8:e1:2b:d7:4c:0d:d2:29:2d:
                    c3:ee:2f:41:e0:91:94:ef:e0:dc:1d:ea:70:c7:fb:
                    ad:f0:7e:63:8f:5a:c5:5f:26:39:25:8b:f7:49:bc:
                    c9:1b:38:0b:1f:b5:7b:34:71:7a:dc:45:3c:ff:77:
                    dc:e8:b2:db:b2:9a:73:eb:25:90:56:f4:a4:22:a0:
                    ed:2f:ee:11:fd:7d:ec:be:14:aa:23:e2:1e:89:7f:
                    0e:c5:fa:49:dc:ce:08:83:ef:50:60:d5:b1:8a:38:
                    81:8f:93:d7:cd:fc:1f:17:32:db:ee:43:73:77:b7:
                    12:5d:23:a1:1e:a6:22:e6:3f:5b:99:74:f1:38:49:
                    f3:92:54:01:bc:d6:9b:f9:2f:28:4f:2b:4a:d3:e3:
                    32:b2:fc:ba:7e:d2:d1:a6:17:8c:83:8c:cc:9e:80:
                    fe:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:53:E6:7A:31:78:9F:6A:2B:AE:D2:EE:96:81:2C:AC:F2:EE:29:C1
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/YFPmejF4n2orrtLuloEsrPLuKcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:a4:f8:ec:d0:0b:58:01:3c:31:c9:84:59:e9:a8:71:da:56:
         54:c0:19:dc:87:7b:c6:f3:90:60:81:ba:23:0e:de:ee:74:a6:
         68:a8:f1:ad:47:5d:09:b5:84:71:28:0d:5a:01:ae:8a:b6:2f:
         e7:ad:4f:7b:e2:b5:4a:99:51:14:bc:c5:af:26:52:57:8e:1b:
         08:1c:05:df:36:fa:cd:22:a5:e0:f8:73:bf:10:ae:20:21:35:
         22:ae:11:30:5f:e8:5e:2e:27:3d:42:a6:cd:d3:5c:d3:ad:6e:
         a7:fe:70:fc:1b:52:db:a6:43:78:e8:d5:88:fa:5a:9c:3d:12:
         63:2f:f8:34:9f:71:12:85:99:50:e3:f4:0c:e7:d5:b9:e6:96:
         97:84:9a:cd:54:3b:5c:19:56:6b:17:d5:28:b0:ec:f4:37:96:
         fe:36:8b:f0:a9:e1:3b:d6:63:6a:1b:5c:21:26:d2:9f:38:dc:
         27:9a:c1:47:9e:6f:89:93:f7:71:fb:f1:24:c0:28:d1:86:0d:
         11:f9:a1:8c:26:60:c9:83:c5:ff:23:54:85:5c:6d:3c:93:55:
         fc:4c:31:2f:5e:b2:ae:01:32:4f:80:71:16:ee:a5:9e:87:b8:
         41:9f:ab:41:3e:a0:94:68:96:6c:e0:a6:f2:69:25:f1:07:61:
         82:dd:ee:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwkDZ/HwZYFuTnD7weGOEsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMjAxMDYyNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUzZTY3YTMxNzg5ZjZhMmJhZWQyZWU5NjgxMmNhY2YyZWUyOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnbc0pkn9O8ONo50U5VDAk+L4G8A
MAQHWz68aK8sfL/GLOZ4JyWg9gyf2lgaZwCuXSbp3RKdrtREipBKlTMyneieM5m2
XIqdmanYx+bqaccUZAMYBW0xV82SVT1gJo344SvXTA3SKS3D7i9B4JGU7+DcHepw
x/ut8H5jj1rFXyY5JYv3SbzJGzgLH7V7NHF63EU8/3fc6LLbsppz6yWQVvSkIqDt
L+4R/X3svhSqI+IeiX8OxfpJ3M4Ig+9QYNWxijiBj5PXzfwfFzLb7kNzd7cSXSOh
HqYi5j9bmXTxOEnzklQBvNab+S8oTytK0+Mysvy6ftLRpheMg4zMnoD+GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBT5noxeJ9qK67S7paBLKzy7inBMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvWUZQbWVqRjRuMm9ycnRMdWxvRXNyUEx1S2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5MMMA0G
CSqGSIb3DQEBCwUAA4IBAQACpPjs0AtYATwxyYRZ6ahx2lZUwBnch3vG85Bggboj
Dt7udKZoqPGtR10JtYRxKA1aAa6Kti/nrU974rVKmVEUvMWvJlJXjhsIHAXfNvrN
IqXg+HO/EK4gITUirhEwX+heLic9QqbN01zTrW6n/nD8G1LbpkN46NWI+lqcPRJj
L/g0n3EShZlQ4/QM59W55paXhJrNVDtcGVZrF9UosOz0N5b+NovwqeE71mNqG1wh
JtKfONwnmsFHnm+Jk/dx+/EkwCjRhg0R+aGMJmDJg8X/I1SFXG08k1X8TDEvXrKu
ATJPgHEW7qWeh7hBn6tBPqCUaJZs4KbyaSXxB2GC3e5s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org