Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/703df2-b8b4-48f7-9301-de81c7c1e754/1/WY2ovtSbg5rGffcJWEUEYXhvL7c.roa
File:                     WY2ovtSbg5rGffcJWEUEYXhvL7c.roa (raw, json)
Hash identifier:          R5e0flTRt5lYei7VxJQMIzgMh6oqzFcIyPL9BeWwDs4=
Subject key identifier:   59:8D:A8:BE:D4:9B:83:9A:C6:7D:F7:09:58:45:04:61:78:6F:2F:B7
Certificate issuer:       /CN=8e2b2982bbbd438b7ab1ac04e36c1880f38c6ada
Certificate serial:       018570674F868D6025DABCF5BB084699FCB2
Authority key identifier: 8E:2B:29:82:BB:BD:43:8B:7A:B1:AC:04:E3:6C:18:80:F3:8C:6A:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jispgru9Q4t6sawE42wYgPOMato.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/703df2-b8b4-48f7-9301-de81c7c1e754/1/WY2ovtSbg5rGffcJWEUEYXhvL7c.roa
Signing time:             Mon 02 Jan 2023 02:54:56 +0000
ROA not before:           Mon 02 Jan 2023 02:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34538
IP address blocks:        193.239.158.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:4f:86:8d:60:25:da:bc:f5:bb:08:46:99:fc:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e2b2982bbbd438b7ab1ac04e36c1880f38c6ada
        Validity
            Not Before: Jan  2 02:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=598da8bed49b839ac67df70958450461786f2fb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a4:cb:94:6b:1c:76:a0:ce:20:00:ee:1f:08:
                    86:b9:8f:3b:fe:af:bd:2f:59:08:db:d7:4b:a5:24:
                    24:24:3d:eb:c3:a6:72:37:a3:ad:39:1f:e2:ff:c0:
                    1a:32:cf:12:27:2a:02:49:c8:86:59:72:da:57:e4:
                    8d:4a:87:c4:8e:37:30:dc:bb:9d:91:c7:cd:0a:f8:
                    f0:50:4d:81:62:d5:35:79:91:fe:4f:65:36:89:6d:
                    12:05:d6:32:f6:2d:c9:fd:05:c0:18:f0:7c:64:42:
                    39:9f:26:cf:15:91:e8:d9:4f:e2:47:f5:e7:51:f3:
                    0f:27:2e:fd:57:97:60:cc:8b:7e:99:50:54:1f:bb:
                    30:bf:6e:5f:7d:95:46:47:40:85:0f:a9:87:62:a2:
                    26:96:75:9a:15:d7:f6:eb:c3:c8:f8:89:ce:d5:85:
                    35:5d:c5:dc:4e:a5:ac:1a:c8:13:2d:b9:0b:69:a0:
                    9a:4e:f0:ae:6a:f0:08:13:bb:df:bf:0a:99:f1:4d:
                    39:8e:b9:b6:65:6e:7b:4b:f1:99:40:32:62:e4:e1:
                    cf:ab:17:8d:2c:77:f4:15:bb:0e:9b:75:16:f1:90:
                    87:03:17:85:fe:18:cc:b7:cc:f4:cd:ea:ec:65:96:
                    39:18:5f:b9:59:01:71:5f:a3:ed:15:8b:26:00:e5:
                    13:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:8D:A8:BE:D4:9B:83:9A:C6:7D:F7:09:58:45:04:61:78:6F:2F:B7
            X509v3 Authority Key Identifier:
                keyid:8E:2B:29:82:BB:BD:43:8B:7A:B1:AC:04:E3:6C:18:80:F3:8C:6A:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jispgru9Q4t6sawE42wYgPOMato.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/703df2-b8b4-48f7-9301-de81c7c1e754/1/WY2ovtSbg5rGffcJWEUEYXhvL7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/703df2-b8b4-48f7-9301-de81c7c1e754/1/jispgru9Q4t6sawE42wYgPOMato.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.239.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:78:76:23:5b:e5:f7:52:34:bc:4a:7b:f8:e6:05:45:09:a3:
         4b:04:87:11:d7:9d:bb:32:b7:f7:b1:29:90:37:ee:85:04:2c:
         e4:33:73:9f:0b:ea:37:30:46:e3:b0:06:49:8f:14:f0:7f:b3:
         62:87:36:d3:52:68:79:20:10:75:08:43:0e:ec:60:3b:dd:54:
         fc:ef:e9:78:9a:c3:a5:67:18:1f:a3:71:11:68:ed:c7:64:e5:
         f0:0b:0c:76:fa:bb:d7:65:00:e9:18:2d:ce:f0:95:87:e2:cf:
         db:88:cc:d2:f4:fa:d0:05:b2:0c:ff:d9:f2:27:2e:a0:dd:ce:
         92:f4:46:22:af:31:87:53:e5:a8:b8:77:3e:94:a5:a0:5e:85:
         44:66:1e:00:8f:d9:21:33:ec:bc:07:02:78:f0:63:2b:1e:d5:
         26:48:f3:a4:d7:63:bd:d0:9b:36:6f:48:cf:07:4f:e1:0d:64:
         ae:9c:70:dc:5c:91:8b:90:21:0b:c7:ce:17:73:fa:20:23:a2:
         c0:92:af:6a:79:b0:77:f7:7c:72:75:e7:c9:89:ce:49:92:eb:
         5d:16:fd:1f:27:30:6f:9b:ee:5e:d3:41:6d:90:a9:29:8c:bd:
         24:62:13:a6:3f:14:e9:9d:56:f7:d9:88:a8:cc:f0:9a:ec:17:
         82:d7:73:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ0+GjWAl2rz1uwhGmfyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMmIyOTgyYmJiZDQzOGI3YWIxYWMwNGUzNmMxODgwZjM4
YzZhZGEwHhcNMjMwMTAyMDI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThkYThiZWQ0OWI4MzlhYzY3ZGY3MDk1ODQ1MDQ2MTc4NmYyZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKTLlGscdqDOIADuHwiGuY87/q+9
L1kI29dLpSQkJD3rw6ZyN6OtOR/i/8AaMs8SJyoCSciGWXLaV+SNSofEjjcw3Lud
kcfNCvjwUE2BYtU1eZH+T2U2iW0SBdYy9i3J/QXAGPB8ZEI5nybPFZHo2U/iR/Xn
UfMPJy79V5dgzIt+mVBUH7swv25ffZVGR0CFD6mHYqImlnWaFdf268PI+InO1YU1
XcXcTqWsGsgTLbkLaaCaTvCuavAIE7vfvwqZ8U05jrm2ZW57S/GZQDJi5OHPqxeN
LHf0FbsOm3UW8ZCHAxeF/hjMt8z0zersZZY5GF+5WQFxX6PtFYsmAOUTSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmNqL7Um4Oaxn33CVhFBGF4by+3MB8GA1UdIwQY
MBaAFI4rKYK7vUOLerGsBONsGIDzjGraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamlzcGdydTlRNHQ2c2F3RTQyd1lnUE9NYXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS83MDNkZjItYjhiNC00OGY3LTkzMDEt
ZGU4MWM3YzFlNzU0LzEvV1kyb3Z0U2JnNXJHZmZjSldFVUVZWGh2TDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS83MDNkZjItYjhiNC00OGY3LTkzMDEtZGU4MWM3YzFlNzU0
LzEvamlzcGdydTlRNHQ2c2F3RTQyd1lnUE9NYXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwe+eMA0G
CSqGSIb3DQEBCwUAA4IBAQAveHYjW+X3UjS8Snv45gVFCaNLBIcR1527Mrf3sSmQ
N+6FBCzkM3OfC+o3MEbjsAZJjxTwf7NihzbTUmh5IBB1CEMO7GA73VT87+l4msOl
Zxgfo3ERaO3HZOXwCwx2+rvXZQDpGC3O8JWH4s/biMzS9PrQBbIM/9nyJy6g3c6S
9EYirzGHU+WouHc+lKWgXoVEZh4Aj9khM+y8BwJ48GMrHtUmSPOk12O90Js2b0jP
B0/hDWSunHDcXJGLkCELx84Xc/ogI6LAkq9qebB393xydefJic5JkutdFv0fJzBv
m+5e00FtkKkpjL0kYhOmPxTpnVb32YiozPCa7BeC13OW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:06 2024 by rpki-client on console-ams.rpki-client.org