Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ydIqvfqGG6VsIuYgNGBMpzQZbjI.roa
File:                     ydIqvfqGG6VsIuYgNGBMpzQZbjI.roa (raw, json)
Hash identifier:          16VJefuLlx8ntOIYXTbcFtfTzi4QpykVeP7qyG8t9sw=
Subject key identifier:   C9:D2:2A:BD:FA:86:1B:A5:6C:22:E6:20:34:60:4C:A7:34:19:6E:32
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018CC348BA74A03FA07942CC48B6EE7E640B
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ydIqvfqGG6VsIuYgNGBMpzQZbjI.roa
Signing time:             Mon 01 Jan 2024 04:29:32 +0000
ROA not before:           Mon 01 Jan 2024 04:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     64267
IP address blocks:        185.92.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 05:05:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:ba:74:a0:3f:a0:79:42:cc:48:b6:ee:7e:64:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 04:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c9d22abdfa861ba56c22e62034604ca734196e32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:69:a4:68:8f:95:38:af:a9:71:8e:06:d5:b9:
                    0a:2a:f4:49:d3:c3:20:93:64:4e:5b:b1:e1:52:62:
                    64:d1:6f:ae:14:bc:69:c4:49:48:d3:f6:26:93:d8:
                    3d:2c:0c:bb:a9:73:04:bd:e4:f1:37:c6:28:0f:b8:
                    3c:fc:85:7d:38:4c:f7:60:ca:42:c0:34:6b:1a:46:
                    d8:2c:d7:0c:e6:c6:a7:90:b5:2a:73:4f:53:9c:45:
                    e9:66:59:1e:01:68:bb:86:65:ed:ee:66:27:3d:58:
                    b5:f2:17:52:9a:a9:ba:3d:86:f1:df:51:5b:21:35:
                    f2:e4:f8:7b:de:27:43:b1:8c:5b:19:64:59:38:3e:
                    55:df:e0:9a:84:86:96:0f:7d:d0:8a:9a:8a:5d:6a:
                    aa:1a:97:92:a9:2e:9b:c7:ae:5a:2d:03:a4:54:95:
                    59:5a:cf:02:77:f9:14:77:6e:2f:de:af:e0:5e:f1:
                    8a:f8:5f:f8:11:f0:75:e9:5c:1a:1e:83:ae:e3:fd:
                    6e:49:80:b4:90:19:73:5d:a0:3f:9a:c1:cc:33:33:
                    99:27:59:a6:73:97:e1:cc:61:6c:77:e5:42:a3:82:
                    0a:58:8e:fc:49:12:8b:57:b5:ee:26:7a:cb:32:05:
                    df:22:66:6d:f4:8f:eb:ac:ef:fb:2a:d8:cd:7e:4c:
                    49:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:D2:2A:BD:FA:86:1B:A5:6C:22:E6:20:34:60:4C:A7:34:19:6E:32
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ydIqvfqGG6VsIuYgNGBMpzQZbjI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:ae:95:c9:b4:7c:46:0f:2a:bf:19:cd:e7:ed:4b:d0:41:80:
         5d:36:44:53:77:3d:a7:f5:79:71:44:ba:e6:57:9b:9e:00:f0:
         aa:cc:5f:84:62:3a:13:8b:ef:5b:f8:17:8a:5a:0c:76:4c:f5:
         e2:8f:39:90:9a:c0:2e:c6:7d:3c:34:7d:cf:fd:72:cf:84:d0:
         e5:a0:94:9c:fb:ad:1d:89:c3:0a:14:c2:f5:cd:78:9e:67:42:
         d3:f5:9c:72:8d:f6:8b:9f:1e:43:35:70:6e:55:dc:03:d8:f0:
         65:6f:8f:5c:6b:40:7b:b5:1c:f4:b4:31:3d:a2:29:cb:3d:b5:
         88:e8:e6:29:15:cf:0f:84:4d:b7:45:83:15:7d:27:2f:db:6c:
         10:e7:75:25:ea:84:b1:bd:fb:86:f8:63:67:9b:ab:d8:cc:e4:
         98:5f:25:d0:e9:b7:83:62:39:33:8f:72:31:c5:c6:0c:9e:2a:
         8a:99:88:87:91:36:83:0e:2c:c4:84:81:db:68:54:51:f7:ed:
         73:1b:e0:62:00:33:a2:e8:24:90:a9:a4:a4:ca:e8:c4:a1:2d:
         52:4e:6e:ce:e9:13:b2:9f:99:d3:d0:fb:22:6d:2b:31:b4:d3:
         cd:a7:29:d9:fc:ac:44:49:ad:f0:c8:68:69:39:e2:1d:8b:98:
         05:68:1c:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLp0oD+geULMSLbufmQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQyMmFiZGZhODYxYmE1NmMyMmU2MjAzNDYwNGNhNzM0MTk2ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGmkaI+VOK+pcY4G1bkKKvRJ08Mg
k2ROW7HhUmJk0W+uFLxpxElI0/Ymk9g9LAy7qXMEveTxN8YoD7g8/IV9OEz3YMpC
wDRrGkbYLNcM5sankLUqc09TnEXpZlkeAWi7hmXt7mYnPVi18hdSmqm6PYbx31Fb
ITXy5Ph73idDsYxbGWRZOD5V3+CahIaWD33QipqKXWqqGpeSqS6bx65aLQOkVJVZ
Ws8Cd/kUd24v3q/gXvGK+F/4EfB16VwaHoOu4/1uSYC0kBlzXaA/msHMMzOZJ1mm
c5fhzGFsd+VCo4IKWI78SRKLV7XuJnrLMgXfImZt9I/rrO/7KtjNfkxJsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnSKr36hhulbCLmIDRgTKc0GW4yMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEveWRJcXZmcUdHNlZzSXVZZ05HQk1welFaYmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVwuMA0G
CSqGSIb3DQEBCwUAA4IBAQA1rpXJtHxGDyq/Gc3n7UvQQYBdNkRTdz2n9XlxRLrm
V5ueAPCqzF+EYjoTi+9b+BeKWgx2TPXijzmQmsAuxn08NH3P/XLPhNDloJSc+60d
icMKFML1zXieZ0LT9ZxyjfaLnx5DNXBuVdwD2PBlb49ca0B7tRz0tDE9oinLPbWI
6OYpFc8PhE23RYMVfScv22wQ53Ul6oSxvfuG+GNnm6vYzOSYXyXQ6beDYjkzj3Ix
xcYMniqKmYiHkTaDDizEhIHbaFRR9+1zG+BiADOi6CSQqaSkyujEoS1STm7O6ROy
n5nT0PsibSsxtNPNpynZ/KxESa3wyGhpOeIdi5gFaBzN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org