Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/393d36-77bf-4ae2-9324-340f433584d2/1/uKgkwt-j3uWNCJ0LrpgdMy0IJrU.roa
File:                     uKgkwt-j3uWNCJ0LrpgdMy0IJrU.roa (raw, json)
Hash identifier:          8HHxC2yA6YSF3vmwxV51z6GvRUx1Yt27PYZAAgF6ynU=
Subject key identifier:   B8:A8:24:C2:DF:A3:DE:E5:8D:08:9D:0B:AE:98:1D:33:2D:08:26:B5
Certificate issuer:       /CN=106c0f395410f286c8576576d7d2f78304b5e83a
Certificate serial:       018572BA3EAD3FEDF912A99AFFF9716B4C15
Authority key identifier: 10:6C:0F:39:54:10:F2:86:C8:57:65:76:D7:D2:F7:83:04:B5:E8:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EGwPOVQQ8obIV2V219L3gwS16Do.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/393d36-77bf-4ae2-9324-340f433584d2/1/uKgkwt-j3uWNCJ0LrpgdMy0IJrU.roa
Signing time:             Mon 02 Jan 2023 13:44:46 +0000
ROA not before:           Mon 02 Jan 2023 13:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50802
IP address blocks:        46.151.104.0/21 maxlen: 24
                          195.135.240.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:3e:ad:3f:ed:f9:12:a9:9a:ff:f9:71:6b:4c:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=106c0f395410f286c8576576d7d2f78304b5e83a
        Validity
            Not Before: Jan  2 13:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8a824c2dfa3dee58d089d0bae981d332d0826b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:bc:75:21:c1:6e:05:0b:4b:65:7d:7c:8b:7d:
                    48:54:a6:67:ef:57:a5:1b:df:23:5f:da:29:f7:7c:
                    d5:d0:b5:a5:6c:0c:2d:71:15:12:e6:2f:87:fc:87:
                    1b:76:e9:83:40:f2:ad:fc:f5:4b:3b:72:24:ea:82:
                    91:68:a3:2e:41:82:ea:27:28:d3:eb:09:03:64:1f:
                    8d:1a:df:9d:b6:8e:c3:ab:f8:b9:2f:9b:c2:70:dd:
                    aa:ce:d9:18:2a:b7:dd:a0:24:a9:57:65:4d:54:31:
                    e1:5d:8c:00:d7:20:33:b1:9d:52:8e:5a:67:1f:45:
                    e2:0f:b9:ad:cc:a0:5f:49:bf:85:38:c9:c7:eb:1b:
                    5e:a7:d3:a1:bc:d5:64:e6:2c:1f:e4:2a:56:70:af:
                    2b:ac:37:0e:d7:3a:ce:cb:b3:93:f9:98:98:47:64:
                    b6:73:df:94:68:6e:6d:42:eb:e8:3c:2a:8c:5e:32:
                    1e:6f:3a:86:25:71:fd:8a:d6:30:c8:df:e4:1d:33:
                    87:b0:4c:9a:b8:2f:c6:03:dc:f6:e9:3d:1f:22:18:
                    30:07:20:87:c3:af:3e:81:44:12:1b:70:1d:a9:7f:
                    0f:30:18:e3:45:f1:48:93:8b:e8:53:e8:92:f3:3c:
                    05:01:93:16:57:94:4c:66:78:64:f1:d6:47:66:7d:
                    73:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:A8:24:C2:DF:A3:DE:E5:8D:08:9D:0B:AE:98:1D:33:2D:08:26:B5
            X509v3 Authority Key Identifier:
                keyid:10:6C:0F:39:54:10:F2:86:C8:57:65:76:D7:D2:F7:83:04:B5:E8:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EGwPOVQQ8obIV2V219L3gwS16Do.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/393d36-77bf-4ae2-9324-340f433584d2/1/uKgkwt-j3uWNCJ0LrpgdMy0IJrU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/393d36-77bf-4ae2-9324-340f433584d2/1/EGwPOVQQ8obIV2V219L3gwS16Do.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.151.104.0/21
                  195.135.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:86:25:67:fe:82:f9:1d:f8:f7:ba:39:9e:29:a9:8c:19:b4:
         b4:bb:08:da:2a:0c:bb:cc:12:24:56:ea:30:4a:24:51:22:c7:
         42:c1:81:88:a3:50:34:7c:0c:48:61:93:f5:1e:97:71:73:f7:
         36:8c:1e:ef:37:41:fe:ef:92:bd:d3:1f:32:25:3f:f9:88:ed:
         21:1e:4d:6d:50:29:cc:df:fe:2c:e8:f6:db:28:54:9b:cd:3a:
         6e:b5:d8:a0:6c:82:cb:6f:87:40:0c:84:ac:a3:9c:be:46:80:
         49:6f:97:63:5d:f9:77:82:9c:a2:ad:85:37:1c:bb:86:a5:d1:
         73:d0:4d:bf:64:03:17:c9:15:a5:14:6d:8f:5c:46:02:ca:5c:
         33:01:0f:e1:4a:8a:6f:28:11:c1:84:fc:a4:5a:f7:4a:33:3e:
         05:a7:24:9c:6f:ec:76:d4:6d:a9:54:16:cc:db:d0:8f:04:63:
         f6:44:a3:6a:d1:48:ae:89:b6:0a:25:d2:97:25:01:98:8b:80:
         b4:ba:2a:26:f0:14:74:de:8d:7a:55:eb:6e:03:05:f8:62:37:
         18:48:96:75:2f:a2:c2:91:73:16:21:01:e0:95:b5:1e:81:22:
         36:bd:6f:d5:15:ef:bd:ce:06:d3:42:1e:8a:c6:35:b6:95:ed:
         de:65:2e:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyuj6tP+35Eqma//lxa0wVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNmMwZjM5NTQxMGYyODZjODU3NjU3NmQ3ZDJmNzgzMDRi
NWU4M2EwHhcNMjMwMTAyMTM0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGE4MjRjMmRmYTNkZWU1OGQwODlkMGJhZTk4MWQzMzJkMDgyNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbx1IcFuBQtLZX18i31IVKZn71el
G98jX9op93zV0LWlbAwtcRUS5i+H/IcbdumDQPKt/PVLO3Ik6oKRaKMuQYLqJyjT
6wkDZB+NGt+dto7Dq/i5L5vCcN2qztkYKrfdoCSpV2VNVDHhXYwA1yAzsZ1Sjlpn
H0XiD7mtzKBfSb+FOMnH6xtep9OhvNVk5iwf5CpWcK8rrDcO1zrOy7OT+ZiYR2S2
c9+UaG5tQuvoPCqMXjIebzqGJXH9itYwyN/kHTOHsEyauC/GA9z26T0fIhgwByCH
w68+gUQSG3AdqX8PMBjjRfFIk4voU+iS8zwFAZMWV5RMZnhk8dZHZn1z/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLioJMLfo97ljQidC66YHTMtCCa1MB8GA1UdIwQY
MBaAFBBsDzlUEPKGyFdldtfS94MEteg6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUd3UE9WUVE4b2JJVjJWMjE5TDNnd1MxNkRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zOTNkMzYtNzdiZi00YWUyLTkzMjQt
MzQwZjQzMzU4NGQyLzEvdUtna3d0LWozdVdOQ0owTHJwZ2RNeTBJSnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zOTNkMzYtNzdiZi00YWUyLTkzMjQtMzQwZjQzMzU4NGQy
LzEvRUd3UE9WUVE4b2JJVjJWMjE5TDNnd1MxNkRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLpdoAwQC
w4fwMA0GCSqGSIb3DQEBCwUAA4IBAQBwhiVn/oL5Hfj3ujmeKamMGbS0uwjaKgy7
zBIkVuowSiRRIsdCwYGIo1A0fAxIYZP1Hpdxc/c2jB7vN0H+75K90x8yJT/5iO0h
Hk1tUCnM3/4s6PbbKFSbzTputdigbILLb4dADISso5y+RoBJb5djXfl3gpyirYU3
HLuGpdFz0E2/ZAMXyRWlFG2PXEYCylwzAQ/hSopvKBHBhPykWvdKMz4FpyScb+x2
1G2pVBbM29CPBGP2RKNq0UiuibYKJdKXJQGYi4C0uiom8BR03o16VetuAwX4YjcY
SJZ1L6LCkXMWIQHglbUegSI2vW/VFe+9zgbTQh6KxjW2le3eZS6q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:27 2024 by rpki-client on console-fra.rpki-client.org