Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YybycYbvG1yyoN04gnd6WPUYnJc.roa
File:                     YybycYbvG1yyoN04gnd6WPUYnJc.roa (raw, json)
Hash identifier:          8Cq8sfWQSkDwRBDxOhJp/soq2+/iysOoRKfgymoBRDE=
Subject key identifier:   63:26:F2:71:86:EF:1B:5C:B2:A0:DD:38:82:77:7A:58:F5:18:9C:97
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       018B3137172F1E3950F3214F7D9EBC977012
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YybycYbvG1yyoN04gnd6WPUYnJc.roa
Signing time:             Sun 15 Oct 2023 02:42:55 +0000
ROA not before:           Sun 15 Oct 2023 02:42:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        195.133.202.0/23 maxlen: 24
                          195.133.208.0/23 maxlen: 24
                          194.88.96.0/21 maxlen: 24
                          89.37.216.0/23 maxlen: 24
                          84.234.24.0/22 maxlen: 24
                          62.112.0.0/21 maxlen: 24
                          62.112.12.0/23 maxlen: 24
                          194.58.64.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 08:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:31:37:17:2f:1e:39:50:f3:21:4f:7d:9e:bc:97:70:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Oct 15 02:42:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6326f27186ef1b5cb2a0dd3882777a58f5189c97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:f9:ab:2f:76:75:39:b0:9c:32:df:29:8d:8f:
                    d8:48:43:7b:d8:77:73:ca:0a:2f:c5:dc:81:91:6b:
                    ab:f8:4f:46:6b:e9:98:e5:b5:13:b6:8c:51:56:4a:
                    5c:c0:1e:b5:3d:a6:a6:5d:18:00:12:cb:86:95:8a:
                    99:1d:c0:69:d4:22:c7:ef:14:6b:11:6e:db:44:12:
                    99:34:dd:29:06:f3:a8:be:22:20:45:22:fd:4f:4f:
                    15:4e:8a:14:c9:d4:55:10:82:d1:d5:1c:45:1f:48:
                    fd:0e:82:46:dd:cb:86:c4:f5:32:b4:bb:13:d1:27:
                    58:0f:95:31:c2:76:0f:c1:9d:bb:b3:fe:8a:00:b3:
                    0d:45:24:a6:aa:37:5d:5f:4c:58:f8:23:f6:b4:d6:
                    d1:5f:b2:8a:c4:ec:f2:6b:88:c1:f8:66:36:25:41:
                    dd:ec:c1:19:cd:bb:d2:69:ba:0f:25:9a:5e:be:68:
                    1f:97:22:2f:34:02:2d:ce:97:af:2d:43:54:36:0b:
                    02:b5:43:a9:6f:62:3a:cf:54:94:e0:be:60:cd:11:
                    f3:0f:a0:ea:b3:71:9f:49:9c:0e:61:ab:eb:2d:d1:
                    dc:e9:51:84:f7:12:a9:8e:e6:c5:0e:84:e2:6c:e7:
                    d4:f0:86:18:fe:56:21:ae:55:bf:aa:f9:fd:2b:a6:
                    96:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:26:F2:71:86:EF:1B:5C:B2:A0:DD:38:82:77:7A:58:F5:18:9C:97
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YybycYbvG1yyoN04gnd6WPUYnJc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.112.0.0/21
                  62.112.12.0/23
                  84.234.24.0/22
                  89.37.216.0/23
                  194.58.64.0/23
                  194.88.96.0/21
                  195.133.202.0/23
                  195.133.208.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:e3:b4:e8:b5:8e:d1:87:21:e8:15:30:6d:b5:0e:dc:27:96:
         cd:93:6b:9b:d0:c1:ab:bf:a0:b1:2c:08:a1:13:e3:96:84:71:
         bb:1d:a0:4b:4f:c7:33:6a:2d:5a:13:02:fd:5d:d1:19:98:8f:
         de:1d:30:4d:1b:c0:28:54:23:3d:48:24:f1:b8:89:c3:17:80:
         b0:f8:e4:fa:01:64:33:8f:1d:01:d3:51:e8:f0:eb:a4:97:30:
         04:67:c3:24:63:99:1e:44:db:c6:9b:7a:56:41:d1:7e:9f:9b:
         be:ce:dd:df:ee:4b:93:31:49:7e:31:54:e7:57:b7:6a:d2:8a:
         e8:1c:5b:e7:00:33:39:e1:b4:ea:c9:dd:b5:90:13:87:92:17:
         41:58:ff:0d:ff:e9:3b:79:cd:47:c4:90:10:e3:5d:cc:b3:05:
         9b:fa:93:7d:75:3e:48:32:06:71:76:ce:fb:69:78:6e:83:f4:
         b6:fb:96:18:98:7d:b5:e2:d7:84:07:3a:67:c3:dd:35:da:99:
         b0:42:4e:7a:8c:84:fc:0b:ba:ce:1d:6c:92:98:4b:22:62:a6:
         fa:b7:bc:13:a7:cf:44:23:7b:21:6c:2c:b8:7c:f6:f5:c2:74:
         6f:5a:6d:f1:93:4d:24:36:34:9d:38:a1:3c:1e:29:8c:fa:d5:
         98:54:b5:0b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYsxNxcvHjlQ8yFPfZ68l3ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDE1MDI0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI2ZjI3MTg2ZWYxYjVjYjJhMGRkMzg4Mjc3N2E1OGY1MTg5Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+/mrL3Z1ObCcMt8pjY/YSEN72Hdz
ygovxdyBkWur+E9Ga+mY5bUTtoxRVkpcwB61PaamXRgAEsuGlYqZHcBp1CLH7xRr
EW7bRBKZNN0pBvOoviIgRSL9T08VTooUydRVEILR1RxFH0j9DoJG3cuGxPUytLsT
0SdYD5UxwnYPwZ27s/6KALMNRSSmqjddX0xY+CP2tNbRX7KKxOzya4jB+GY2JUHd
7MEZzbvSaboPJZpevmgflyIvNAItzpevLUNUNgsCtUOpb2I6z1SU4L5gzRHzD6Dq
s3GfSZwOYavrLdHc6VGE9xKpjubFDoTibOfU8IYY/lYhrlW/qvn9K6aWOwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGMm8nGG7xtcsqDdOIJ3elj1GJyXMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvWXlieWNZYnZHMXl5b04wNGduZDZXUFVZbkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDPnAAAwQB
PnAMAwQCVOoYAwQBWSXYAwQBwjpAAwQDwlhgAwQBw4XKAwQBw4XQMA0GCSqGSIb3
DQEBCwUAA4IBAQCM47TotY7RhyHoFTBttQ7cJ5bNk2ub0MGrv6CxLAihE+OWhHG7
HaBLT8czai1aEwL9XdEZmI/eHTBNG8AoVCM9SCTxuInDF4Cw+OT6AWQzjx0B01Ho
8OuklzAEZ8MkY5keRNvGm3pWQdF+n5u+zt3f7kuTMUl+MVTnV7dq0oroHFvnADM5
4bTqyd21kBOHkhdBWP8N/+k7ec1HxJAQ413MswWb+pN9dT5IMgZxds77aXhug/S2
+5YYmH214teEBzpnw9012pmwQk56jIT8C7rOHWySmEsiYqb6t7wTp89EI3shbCy4
fPb1wnRvWm3xk00kNjSdOKE8HimM+tWYVLUL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org