Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ycfz_HiANs2smIpzP_kOnl2h32k.roa
File:                     ycfz_HiANs2smIpzP_kOnl2h32k.roa (raw, json)
Hash identifier:          VcpwhqN4AAmmaGkmnS0brT+SGM7+8mmCakrDVBIBCw8=
Subject key identifier:   C9:C7:F3:FC:78:80:36:CD:AC:98:8A:73:3F:F9:0E:9E:5D:A1:DF:69
Certificate issuer:       /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial:       01856D540CA5C2297CB6064EED03B55C7980
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ycfz_HiANs2smIpzP_kOnl2h32k.roa
Signing time:             Sun 01 Jan 2023 12:35:02 +0000
ROA not before:           Sun 01 Jan 2023 12:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     132316
IP address blocks:        31.25.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:54:0c:a5:c2:29:7c:b6:06:4e:ed:03:b5:5c:79:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
        Validity
            Not Before: Jan  1 12:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c9c7f3fc788036cdac988a733ff90e9e5da1df69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b2:70:90:62:63:c6:1b:1a:0c:eb:ea:2a:1d:
                    fa:d1:eb:48:90:1c:62:a6:65:87:88:61:90:6e:44:
                    b2:2f:e8:1b:f1:bd:fc:67:43:ca:6f:3f:d9:72:04:
                    33:96:84:50:4b:a6:b3:36:89:b1:91:e7:69:f1:a3:
                    5b:de:75:b5:ba:57:6d:79:60:b4:d2:84:64:44:0c:
                    2f:22:bd:8c:ce:69:57:21:b8:eb:13:37:eb:9a:20:
                    0f:0c:b9:a4:92:9d:6c:31:9d:28:a8:27:d8:8b:3c:
                    47:ca:e2:c6:2b:a3:56:5d:7b:fd:6e:45:9a:ba:cc:
                    88:3d:4b:83:dd:2c:5a:0e:1b:1d:cc:c5:2c:fe:28:
                    cc:1d:5f:40:78:eb:0d:67:08:1b:40:57:da:c1:aa:
                    d3:6d:2f:40:00:0a:7e:d1:de:d0:33:75:7d:8f:e4:
                    c7:17:3c:53:28:b0:a9:7f:7b:35:be:8e:62:29:85:
                    23:2f:45:e1:36:e0:9e:43:01:c2:be:22:3d:12:3c:
                    30:d1:26:bf:25:6b:1a:fa:c9:34:da:f3:52:1e:55:
                    a5:0f:39:24:0d:ff:cc:76:5e:b6:3f:55:2c:06:39:
                    8e:ce:ce:fe:5f:36:3f:c7:cd:b4:5a:1c:b6:ec:45:
                    42:77:32:b2:e7:da:f2:f4:9e:4f:59:dd:02:38:8f:
                    91:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:C7:F3:FC:78:80:36:CD:AC:98:8A:73:3F:F9:0E:9E:5D:A1:DF:69
            X509v3 Authority Key Identifier:
                keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ycfz_HiANs2smIpzP_kOnl2h32k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.25.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:9f:bd:af:54:41:ec:b6:cc:e9:e5:de:be:f3:b3:a7:3c:fe:
         56:20:15:92:1b:2b:be:e0:76:5a:8a:df:bf:70:75:bd:e1:b2:
         9b:a0:34:b6:59:03:4c:2a:5a:8b:0c:e7:22:62:f4:f8:eb:5b:
         be:74:62:9f:4c:bf:43:dc:9e:1e:45:37:60:be:1f:a1:eb:03:
         df:14:7c:25:6e:01:4c:22:78:95:17:a5:cb:7c:b1:70:2c:f0:
         71:a3:cc:78:36:59:79:1b:1f:1a:8b:ee:f7:c0:4d:73:60:f6:
         74:b4:2b:be:22:8a:37:cd:96:5e:02:83:ad:bc:a1:d7:18:20:
         6c:fb:34:41:73:2d:54:4a:57:15:57:a4:17:0c:91:a7:9a:b1:
         22:9c:ec:d9:88:cf:82:4a:fd:42:59:1e:19:a2:6f:30:59:fc:
         e3:58:14:e1:fc:38:5f:12:42:d7:f8:d6:50:d9:2e:97:3e:86:
         41:fa:21:12:2e:8c:83:86:60:ff:48:ea:c4:52:9a:f0:dd:69:
         6e:03:95:74:f6:19:fd:6d:a4:b5:b6:de:39:17:01:a4:ec:2d:
         ae:43:0e:75:b9:0c:36:23:18:a5:50:60:cc:a7:08:03:35:03:
         e6:35:0d:42:df:82:d0:49:00:a2:5d:40:cd:15:51:76:f9:67:
         64:31:0b:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVAylwil8tgZO7QO1XHmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwMTAxMTIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWM3ZjNmYzc4ODAzNmNkYWM5ODhhNzMzZmY5MGU5ZTVkYTFkZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7JwkGJjxhsaDOvqKh360etIkBxi
pmWHiGGQbkSyL+gb8b38Z0PKbz/ZcgQzloRQS6azNomxkedp8aNb3nW1uldteWC0
0oRkRAwvIr2MzmlXIbjrEzfrmiAPDLmkkp1sMZ0oqCfYizxHyuLGK6NWXXv9bkWa
usyIPUuD3SxaDhsdzMUs/ijMHV9AeOsNZwgbQFfawarTbS9AAAp+0d7QM3V9j+TH
FzxTKLCpf3s1vo5iKYUjL0XhNuCeQwHCviI9Ejww0Sa/JWsa+sk02vNSHlWlDzkk
Df/Mdl62P1UsBjmOzs7+XzY/x820Why27EVCdzKy59ry9J5PWd0COI+RvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnH8/x4gDbNrJiKcz/5Dp5dod9pMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEveWNmel9IaUFOczJzbUlwelBfa09ubDJoMzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxkLMA0G
CSqGSIb3DQEBCwUAA4IBAQA+n72vVEHstszp5d6+87OnPP5WIBWSGyu+4HZait+/
cHW94bKboDS2WQNMKlqLDOciYvT461u+dGKfTL9D3J4eRTdgvh+h6wPfFHwlbgFM
IniVF6XLfLFwLPBxo8x4Nll5Gx8ai+73wE1zYPZ0tCu+Ioo3zZZeAoOtvKHXGCBs
+zRBcy1USlcVV6QXDJGnmrEinOzZiM+CSv1CWR4Zom8wWfzjWBTh/DhfEkLX+NZQ
2S6XPoZB+iESLoyDhmD/SOrEUprw3WluA5V09hn9baS1tt45FwGk7C2uQw51uQw2
IxilUGDMpwgDNQPmNQ1C34LQSQCiXUDNFVF2+WdkMQsI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:37 2024 by rpki-client on console-fra.rpki-client.org