Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/YT41kC3cMdnoC8sUdcCOGDSOj9s.roa
File:                     YT41kC3cMdnoC8sUdcCOGDSOj9s.roa (raw, json)
Hash identifier:          njw4a/CmPGBAUItsWep/G1lozF9MXEYRxkzNxULKTIk=
Subject key identifier:   61:3E:35:90:2D:DC:31:D9:E8:0B:CB:14:75:C0:8E:18:34:8E:8F:DB
Certificate issuer:       /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial:       018A1671B4C8297BB425818485588F5A048A
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/YT41kC3cMdnoC8sUdcCOGDSOj9s.roa
Signing time:             Mon 21 Aug 2023 04:54:25 +0000
ROA not before:           Mon 21 Aug 2023 04:54:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203
IP address blocks:        212.138.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 07:11:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:16:71:b4:c8:29:7b:b4:25:81:84:85:58:8f:5a:04:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
        Validity
            Not Before: Aug 21 04:54:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=613e35902ddc31d9e80bcb1475c08e18348e8fdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ed:7d:71:76:2c:04:04:26:77:e1:9c:a7:a5:
                    20:8a:b0:e0:17:93:95:bc:e9:d0:bc:68:ce:32:34:
                    db:57:f7:06:1b:fe:70:ce:b0:21:8b:50:0b:24:9f:
                    e5:5e:6e:1b:5d:3f:6c:2d:10:e8:cc:3e:9a:76:97:
                    83:9d:81:03:bb:dc:e5:59:93:e3:da:57:1d:8f:9f:
                    85:1d:b9:23:ef:e0:19:c4:92:05:ec:f6:f5:49:8d:
                    67:0d:35:cc:69:e6:cb:30:d0:5a:d6:a0:f1:d8:a0:
                    cc:90:dd:76:14:63:ca:5b:e4:8f:7c:bf:f4:2a:4c:
                    d2:c4:25:e0:db:ba:c4:72:0b:0a:fa:42:ba:da:79:
                    4b:cf:b7:f5:11:35:e6:77:e8:66:91:6c:d0:6b:93:
                    38:85:5e:8e:48:17:9a:32:28:fa:1b:d7:2a:de:d2:
                    93:ba:72:07:bd:9b:f0:24:e8:75:b1:f6:0d:c9:d6:
                    55:74:0a:b1:e1:de:a0:b3:2b:b5:c6:0b:a6:cc:72:
                    3d:e7:2a:55:28:c9:b2:05:7e:39:ba:30:a4:f9:b5:
                    dc:1e:68:1a:f0:99:dd:08:aa:2c:26:1e:f4:5e:66:
                    a6:6c:77:86:ad:f7:a3:d9:8e:ae:39:4d:57:c2:84:
                    69:76:f1:b7:e3:36:0e:a6:c6:b2:2e:2c:4d:4b:da:
                    0a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:3E:35:90:2D:DC:31:D9:E8:0B:CB:14:75:C0:8E:18:34:8E:8F:DB
            X509v3 Authority Key Identifier:
                keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/YT41kC3cMdnoC8sUdcCOGDSOj9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.138.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:9c:c3:41:e5:d5:96:3d:45:b0:a6:f6:ca:70:fe:4a:51:c7:
         97:6c:0d:04:cf:86:23:05:df:83:38:fe:74:c8:80:eb:a2:22:
         13:50:cf:d4:40:9c:87:0b:d6:b8:28:f7:7d:16:09:69:89:92:
         d9:fb:f5:29:50:7b:fb:72:8a:90:9a:94:19:d7:14:aa:a4:f2:
         49:12:b6:5a:a2:08:b9:48:76:71:e9:ef:60:8d:70:3b:89:5e:
         09:a7:03:73:73:a7:1f:8c:cc:58:89:82:b4:6c:44:48:bc:9f:
         69:b3:8c:db:66:95:b1:36:6b:9e:4c:ce:3e:f2:e2:b4:6d:07:
         a6:ee:72:f0:eb:f8:de:06:6f:66:2b:28:ba:14:4b:18:0e:30:
         6d:c0:f6:2c:32:70:7f:f6:97:b4:b0:42:d7:31:9d:6b:8c:27:
         59:95:62:86:79:47:2f:db:7b:1a:8d:ee:a9:38:31:88:de:92:
         a0:62:f4:95:90:aa:e9:bb:2f:80:d6:5b:ea:85:3a:bc:ea:85:
         57:15:39:ab:27:7f:03:4f:c8:26:d8:7e:fb:22:82:21:e1:4f:
         06:16:71:a8:8a:7b:1a:59:ea:c8:5c:fe:b9:62:7d:db:c7:d7:
         af:20:ed:5b:b5:82:3e:dd:10:33:b9:54:24:bc:d9:5b:e7:d6:
         0b:86:95:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoWcbTIKXu0JYGEhViPWgSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjMwODIxMDQ1NDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTNlMzU5MDJkZGMzMWQ5ZTgwYmNiMTQ3NWMwOGUxODM0OGU4ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO19cXYsBAQmd+Gcp6UgirDgF5OV
vOnQvGjOMjTbV/cGG/5wzrAhi1ALJJ/lXm4bXT9sLRDozD6adpeDnYEDu9zlWZPj
2lcdj5+FHbkj7+AZxJIF7Pb1SY1nDTXMaebLMNBa1qDx2KDMkN12FGPKW+SPfL/0
KkzSxCXg27rEcgsK+kK62nlLz7f1ETXmd+hmkWzQa5M4hV6OSBeaMij6G9cq3tKT
unIHvZvwJOh1sfYNydZVdAqx4d6gsyu1xgumzHI95ypVKMmyBX45ujCk+bXcHmga
8JndCKosJh70XmambHeGrfej2Y6uOU1XwoRpdvG34zYOpsayLixNS9oK7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGE+NZAt3DHZ6AvLFHXAjhg0jo/bMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvWVQ0MWtDM2NNZG5vQzhzVWRjQ09HRFNPajlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1IpAMA0G
CSqGSIb3DQEBCwUAA4IBAQADnMNB5dWWPUWwpvbKcP5KUceXbA0Ez4YjBd+DOP50
yIDroiITUM/UQJyHC9a4KPd9FglpiZLZ+/UpUHv7coqQmpQZ1xSqpPJJErZaogi5
SHZx6e9gjXA7iV4JpwNzc6cfjMxYiYK0bERIvJ9ps4zbZpWxNmueTM4+8uK0bQem
7nLw6/jeBm9mKyi6FEsYDjBtwPYsMnB/9pe0sELXMZ1rjCdZlWKGeUcv23saje6p
ODGI3pKgYvSVkKrpuy+A1lvqhTq86oVXFTmrJ38DT8gm2H77IoIh4U8GFnGoinsa
WerIXP65Yn3bx9evIO1btYI+3RAzuVQkvNlb59YLhpVw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org