Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/Y-9T-p-3Df1M7P3AuJlTZxNSL5I.roa
File:                     Y-9T-p-3Df1M7P3AuJlTZxNSL5I.roa (raw, json)
Hash identifier:          xoJ7uO/2mX8M0QR5uJ1EFYRiDhwuADvx2KYZdHrgiDs=
Subject key identifier:   63:EF:53:FA:9F:B7:0D:FD:4C:EC:FD:C0:B8:99:53:67:13:52:2F:92
Certificate issuer:       /CN=64a7a6cd583814d393bee2635b545574cc75620c
Certificate serial:       018C1A611E1A587E2B07EF4AAFD98D2B07D6
Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/Y-9T-p-3Df1M7P3AuJlTZxNSL5I.roa
Signing time:             Wed 29 Nov 2023 09:20:21 +0000
ROA not before:           Wed 29 Nov 2023 09:20:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51554
IP address blocks:        185.157.8.0/23 maxlen: 23
                          185.157.8.0/22 maxlen: 22
                          185.157.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1a:61:1e:1a:58:7e:2b:07:ef:4a:af:d9:8d:2b:07:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c
        Validity
            Not Before: Nov 29 09:20:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=63ef53fa9fb70dfd4cecfdc0b899536713522f92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:16:01:38:00:17:4f:67:0c:5b:c0:42:ad:0f:
                    a2:7c:cd:b2:da:c2:02:8e:33:23:27:a2:23:f4:f6:
                    86:89:aa:ce:71:6e:4f:20:cd:8c:8f:1f:5c:44:bb:
                    df:a2:10:f5:a1:d5:e4:45:d5:94:06:51:01:fb:93:
                    10:62:6f:65:09:c7:68:65:07:c4:89:13:0d:62:51:
                    8e:b8:7c:f5:d8:fd:a1:dc:85:1d:d5:11:f0:5c:9b:
                    96:e0:45:a4:b4:ab:e0:01:ce:78:4c:f8:d7:39:b4:
                    b4:b4:a0:f9:59:a1:a5:c2:48:ef:16:02:f4:9d:b0:
                    69:54:6d:fa:6e:21:1b:d7:52:cf:81:77:c9:c1:9a:
                    e7:38:88:23:52:ee:ad:db:3f:1e:44:22:d3:67:dc:
                    fe:29:72:53:10:00:b1:44:df:90:13:f3:be:be:ab:
                    63:93:16:8c:a1:f8:d4:26:15:17:83:8d:d2:cc:fd:
                    ad:ac:81:c3:bc:ff:7d:54:84:b3:44:dd:6c:d1:23:
                    31:5d:b4:75:af:90:97:56:1e:de:53:52:b9:64:b7:
                    aa:f7:e6:18:f2:ee:43:26:c7:35:e5:07:ed:1b:5a:
                    59:44:e7:64:98:95:f1:b7:1c:bc:49:05:ee:37:f9:
                    83:a5:15:8c:0f:1e:34:70:47:ba:84:cc:1d:eb:6f:
                    b4:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:EF:53:FA:9F:B7:0D:FD:4C:EC:FD:C0:B8:99:53:67:13:52:2F:92
            X509v3 Authority Key Identifier:
                keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/Y-9T-p-3Df1M7P3AuJlTZxNSL5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:8b:2a:c3:a3:a9:38:3f:4e:e9:27:d9:c5:8b:35:52:cc:2a:
         32:fc:2d:80:8c:16:a1:c0:65:f5:63:68:f9:10:13:c1:62:c2:
         25:3e:e9:5f:f8:15:e9:3d:db:94:d1:d6:59:00:78:13:ba:fb:
         8f:d7:8f:1e:85:0f:f2:05:68:52:0b:d0:f0:ed:57:ae:b9:2c:
         d3:bd:38:7b:d0:0f:a2:0d:d0:76:21:05:8f:e2:39:09:55:93:
         2b:c2:3c:e7:3a:50:00:4f:38:6f:a5:0b:4c:18:46:5e:9a:9b:
         1b:b8:d4:80:de:24:87:ce:42:bf:5b:d7:23:24:69:8f:3c:c2:
         e7:fa:c5:36:41:ed:66:e0:fc:25:fc:be:77:7d:8c:70:10:9c:
         c4:e5:d9:62:d8:61:33:07:05:bc:f8:f7:ea:61:91:c2:95:e8:
         b2:51:d1:fb:59:f1:8f:43:b6:32:81:1f:97:b3:0c:78:42:40:
         36:64:90:36:bd:a3:ca:68:56:4f:57:a4:8f:fc:ef:dd:79:3c:
         32:7b:58:a2:b6:ee:8d:db:2e:0d:a2:97:5a:e6:fb:fa:98:4e:
         20:d3:1e:d4:33:6f:70:a0:82:11:a7:15:55:bc:0f:3b:1a:7e:
         13:d1:40:77:8c:d4:96:1f:66:f0:c3:4b:70:e6:b3:d4:1c:cf:
         c3:47:5b:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwaYR4aWH4rB+9Kr9mNKwfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3
NTYyMGMwHhcNMjMxMTI5MDkyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2VmNTNmYTlmYjcwZGZkNGNlY2ZkYzBiODk5NTM2NzEzNTIyZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xYBOAAXT2cMW8BCrQ+ifM2y2sIC
jjMjJ6Ij9PaGiarOcW5PIM2Mjx9cRLvfohD1odXkRdWUBlEB+5MQYm9lCcdoZQfE
iRMNYlGOuHz12P2h3IUd1RHwXJuW4EWktKvgAc54TPjXObS0tKD5WaGlwkjvFgL0
nbBpVG36biEb11LPgXfJwZrnOIgjUu6t2z8eRCLTZ9z+KXJTEACxRN+QE/O+vqtj
kxaMofjUJhUXg43SzP2trIHDvP99VISzRN1s0SMxXbR1r5CXVh7eU1K5ZLeq9+YY
8u5DJsc15QftG1pZROdkmJXxtxy8SQXuN/mDpRWMDx40cEe6hMwd62+0+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPvU/qftw39TOz9wLiZU2cTUi+SMB8GA1UdIwQY
MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt
NmY1ZDhhNzRhMGU0LzEvWS05VC1wLTNEZjFNN1AzQXVKbFRaeE5TTDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0
LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ0IMA0G
CSqGSIb3DQEBCwUAA4IBAQBMiyrDo6k4P07pJ9nFizVSzCoy/C2AjBahwGX1Y2j5
EBPBYsIlPulf+BXpPduU0dZZAHgTuvuP148ehQ/yBWhSC9Dw7VeuuSzTvTh70A+i
DdB2IQWP4jkJVZMrwjznOlAATzhvpQtMGEZempsbuNSA3iSHzkK/W9cjJGmPPMLn
+sU2Qe1m4Pwl/L53fYxwEJzE5dli2GEzBwW8+PfqYZHCleiyUdH7WfGPQ7YygR+X
swx4QkA2ZJA2vaPKaFZPV6SP/O/deTwye1iitu6N2y4Nopda5vv6mE4g0x7UM29w
oIIRpxVVvA87Gn4T0UB3jNSWH2bww0tw5rPUHM/DR1s+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org