Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/YuCcjsEX6w6imSnPhfKnChDyEl0.roa
File:                     YuCcjsEX6w6imSnPhfKnChDyEl0.roa (raw, json)
Hash identifier:          k5InI5CtfO3gqF9feIiSJAy2gvI3mG4BRdlke5U1CAk=
Subject key identifier:   62:E0:9C:8E:C1:17:EB:0E:A2:99:29:CF:85:F2:A7:0A:10:F2:12:5D
Certificate issuer:       /CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Certificate serial:       01856DD43948C4E4B9F008B8060E4329E66D
Authority key identifier: A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/YuCcjsEX6w6imSnPhfKnChDyEl0.roa
Signing time:             Sun 01 Jan 2023 14:55:02 +0000
ROA not before:           Sun 01 Jan 2023 14:55:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209181
IP address blocks:        176.119.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:39:48:c4:e4:b9:f0:08:b8:06:0e:43:29:e6:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
        Validity
            Not Before: Jan  1 14:55:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=62e09c8ec117eb0ea29929cf85f2a70a10f2125d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:53:ec:d8:8f:51:a9:6f:54:e5:aa:e5:73:0d:
                    95:03:51:b1:83:59:11:d4:7a:29:00:32:fd:af:f2:
                    e4:24:e9:e8:70:be:3c:cf:7c:2e:27:94:0e:2d:4a:
                    61:01:34:eb:b7:04:2d:a2:c5:e0:64:fc:33:15:ed:
                    84:6d:3b:f2:35:1f:ef:86:9b:09:42:9c:09:f1:0a:
                    d4:92:70:14:6b:b5:aa:b6:c6:c0:f4:23:fe:0f:7a:
                    af:8d:a8:4a:71:b1:84:b9:0b:57:f0:e0:2f:24:23:
                    3e:be:e3:5f:e1:f9:14:be:7f:64:f5:13:c4:9d:5e:
                    47:1d:b1:63:c2:c0:38:29:91:d1:47:40:80:34:31:
                    91:72:cf:88:5a:6e:5d:3a:ee:a5:2a:fc:33:d2:44:
                    f2:7e:23:76:26:58:14:cb:71:7a:e7:34:de:08:74:
                    e6:5e:f6:eb:70:ac:c1:fd:62:99:0d:0f:54:2f:81:
                    e0:a2:0c:83:26:9e:ee:ab:f7:03:6f:33:51:f8:d7:
                    e5:d9:21:e2:ba:0f:74:b5:8d:e7:04:f1:0d:7d:d7:
                    f1:50:00:cd:9b:f8:84:24:0f:22:d0:ca:8b:b8:6d:
                    63:2c:76:20:e8:f1:d5:08:27:63:60:1f:58:a1:cf:
                    6c:75:cc:93:56:3e:f6:d3:4f:30:23:5e:58:64:3d:
                    57:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:E0:9C:8E:C1:17:EB:0E:A2:99:29:CF:85:F2:A7:0A:10:F2:12:5D
            X509v3 Authority Key Identifier:
                keyid:A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/YuCcjsEX6w6imSnPhfKnChDyEl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.119.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:48:62:af:fa:e2:a3:18:1e:8d:03:94:22:da:e8:66:f5:de:
         df:cf:6f:58:82:43:d3:d4:e1:36:1c:d0:eb:a1:49:66:fd:a7:
         df:1c:fa:83:e8:af:ad:32:92:ba:c8:2e:2b:bb:c6:1a:c3:cb:
         50:8f:2a:11:c2:a0:8c:6b:73:cb:c2:e4:66:0e:41:ae:d3:57:
         fe:e7:37:4d:46:80:ce:83:27:60:1d:e6:c4:84:d2:cb:a8:bb:
         09:03:53:4d:11:2f:9a:fa:12:d2:ee:44:06:22:77:80:8c:d8:
         14:ef:f6:1b:2d:13:e9:72:ce:4d:dd:7a:30:8e:1d:24:96:ce:
         78:15:1a:db:73:c3:3b:81:ba:f0:1e:c9:e0:19:f1:22:3d:04:
         f7:94:f3:4e:4a:05:48:59:32:29:0d:91:13:26:68:e4:ec:49:
         f6:24:d5:e1:bc:1b:fa:c5:9d:e6:e8:43:dc:e3:ab:95:97:ad:
         59:bc:d8:d9:2a:ad:89:05:96:05:db:fc:b7:cb:33:27:d3:7f:
         a5:cd:0e:f5:39:cd:01:2c:5b:78:0c:8c:20:54:1f:b0:16:b4:
         44:c4:a7:6d:15:8b:e6:94:ab:15:c6:48:59:6d:58:ed:62:8c:
         96:41:d7:bd:a2:0b:54:df:ee:f7:6f:ec:94:ba:22:e7:0d:16:
         16:6f:07:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1DlIxOS58Ai4Bg5DKeZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTZiNDIzODNhZDg2MmNlNmEzNzRhZDJjYTZkMzZjMjU0
ZGM3YjEwHhcNMjMwMTAxMTQ1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmUwOWM4ZWMxMTdlYjBlYTI5OTI5Y2Y4NWYyYTcwYTEwZjIxMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFPs2I9RqW9U5arlcw2VA1Gxg1kR
1HopADL9r/LkJOnocL48z3wuJ5QOLUphATTrtwQtosXgZPwzFe2EbTvyNR/vhpsJ
QpwJ8QrUknAUa7WqtsbA9CP+D3qvjahKcbGEuQtX8OAvJCM+vuNf4fkUvn9k9RPE
nV5HHbFjwsA4KZHRR0CANDGRcs+IWm5dOu6lKvwz0kTyfiN2JlgUy3F65zTeCHTm
XvbrcKzB/WKZDQ9UL4HgogyDJp7uq/cDbzNR+Nfl2SHiug90tY3nBPENfdfxUADN
m/iEJA8i0MqLuG1jLHYg6PHVCCdjYB9Yoc9sdcyTVj72008wI15YZD1XqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLgnI7BF+sOopkpz4XypwoQ8hJdMB8GA1UdIwQY
MBaAFKBWtCODrYYs5qN0rSym02wlTcexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDct
OWIzZGQ0MTdjMzA4LzEvWXVDY2pzRVg2dzZpbVNuUGhmS25DaER5RWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDctOWIzZGQ0MTdjMzA4
LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHfeMA0G
CSqGSIb3DQEBCwUAA4IBAQBYSGKv+uKjGB6NA5Qi2uhm9d7fz29YgkPT1OE2HNDr
oUlm/affHPqD6K+tMpK6yC4ru8Yaw8tQjyoRwqCMa3PLwuRmDkGu01f+5zdNRoDO
gydgHebEhNLLqLsJA1NNES+a+hLS7kQGIneAjNgU7/YbLRPpcs5N3Xowjh0kls54
FRrbc8M7gbrwHsngGfEiPQT3lPNOSgVIWTIpDZETJmjk7En2JNXhvBv6xZ3m6EPc
46uVl61ZvNjZKq2JBZYF2/y3yzMn03+lzQ71Oc0BLFt4DIwgVB+wFrRExKdtFYvm
lKsVxkhZbVjtYoyWQde9ogtU3+73b+yUuiLnDRYWbwcX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:19 2024 by rpki-client on console-ams.rpki-client.org