Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ug8R-KZNYkWz39gV7jnyyoxXejQ.roa
File:                     Ug8R-KZNYkWz39gV7jnyyoxXejQ.roa (raw, json)
Hash identifier:          B/TYlER9v79J/B8t9e/bY2xSQC/KfD3IqIU0pw9NV5c=
Subject key identifier:   52:0F:11:F8:A6:4D:62:45:B3:DF:D8:15:EE:39:F2:CA:8C:57:7A:34
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018ABC7A2A974309E1617B715EF15414D0F7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ug8R-KZNYkWz39gV7jnyyoxXejQ.roa
Signing time:             Fri 22 Sep 2023 10:40:37 +0000
ROA not before:           Fri 22 Sep 2023 10:40:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        192.124.182.0/24 maxlen: 24
                          193.124.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:bc:7a:2a:97:43:09:e1:61:7b:71:5e:f1:54:14:d0:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 22 10:40:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=520f11f8a64d6245b3dfd815ee39f2ca8c577a34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3f:51:0c:c0:e2:10:b4:70:c9:35:af:e4:1e:
                    b6:9f:a4:b2:50:6c:9f:26:00:28:ce:b5:a2:c9:93:
                    5f:1c:2f:19:9a:3f:0e:0f:49:1d:42:46:8e:52:e8:
                    4a:db:e8:ab:87:5d:61:ee:1e:f3:c5:36:2f:a5:d7:
                    0a:43:47:7f:50:c6:de:70:1b:90:55:8e:07:10:4a:
                    8a:55:56:f5:6f:8c:f5:4c:86:d9:88:70:f2:58:c7:
                    21:9f:c0:e1:a7:f7:99:f9:71:c0:c2:9c:50:0e:c9:
                    5a:bc:ce:b3:d0:81:9d:23:14:09:bb:38:73:dc:df:
                    19:a1:26:af:05:57:b6:68:81:e6:82:b1:26:e3:f3:
                    9c:cf:62:7e:63:ed:b6:86:b7:09:62:d7:e1:37:7b:
                    52:97:7f:d3:83:eb:22:a5:15:53:62:7d:98:68:c3:
                    9a:f8:f8:ac:00:dc:87:0c:a4:f1:85:30:87:5e:e4:
                    26:0f:9c:49:87:f7:90:99:36:f7:82:66:26:80:94:
                    05:18:15:58:fc:77:73:18:f2:2b:3d:43:b2:37:86:
                    59:9b:db:f0:90:a6:4e:a2:98:d3:51:c5:9b:4e:16:
                    0e:eb:1f:fb:68:c6:75:8e:95:2c:e1:0f:27:e8:e2:
                    bb:81:bb:40:86:94:8b:b9:6b:a1:95:4c:f3:2c:4a:
                    f7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:0F:11:F8:A6:4D:62:45:B3:DF:D8:15:EE:39:F2:CA:8C:57:7A:34
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ug8R-KZNYkWz39gV7jnyyoxXejQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.182.0/24
                  193.124.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:d9:c2:dd:91:a4:ce:19:4e:9b:79:49:d5:85:f4:17:cd:34:
         29:e0:ec:0a:79:9e:30:4c:ff:f8:92:89:cd:89:73:4c:88:7e:
         f9:d0:7d:ad:2b:1b:7b:c3:7e:b7:dc:84:b9:c4:8a:8c:fb:30:
         09:89:66:05:b9:1e:ec:c5:08:13:cd:c6:6b:c3:59:b2:27:20:
         13:6d:9e:8c:50:55:06:7b:a7:b5:c5:c4:fa:76:0a:09:c3:8e:
         49:3b:06:7d:32:a1:46:98:1f:11:03:67:6f:ba:4a:17:18:94:
         99:82:5b:dd:0f:ff:c7:aa:06:77:d6:cf:32:a5:ef:32:eb:60:
         29:e4:10:76:7a:35:88:a7:8a:61:21:cd:e9:f5:62:a2:50:78:
         33:ad:2b:25:8c:35:de:8a:0d:62:77:74:65:6a:2f:27:92:80:
         c9:99:94:25:4e:c1:f0:52:ee:ca:9d:3e:85:9a:df:3a:67:8f:
         8b:de:db:d9:68:1a:1e:df:b8:20:5c:45:93:b3:fa:de:4c:0e:
         56:bf:0d:4d:d9:a2:2f:23:b6:64:44:f6:64:13:74:8b:dd:95:
         41:51:76:6b:1b:3a:75:05:02:ef:ba:14:f5:53:71:d5:38:d5:
         9b:c4:81:d9:f8:ae:75:81:81:ed:44:0c:f0:ab:6c:3a:95:2f:
         c0:a1:ec:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYq8eiqXQwnhYXtxXvFUFND3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTIyMTA0MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjBmMTFmOGE2NGQ2MjQ1YjNkZmQ4MTVlZTM5ZjJjYThjNTc3YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz9RDMDiELRwyTWv5B62n6SyUGyf
JgAozrWiyZNfHC8Zmj8OD0kdQkaOUuhK2+irh11h7h7zxTYvpdcKQ0d/UMbecBuQ
VY4HEEqKVVb1b4z1TIbZiHDyWMchn8Dhp/eZ+XHAwpxQDslavM6z0IGdIxQJuzhz
3N8ZoSavBVe2aIHmgrEm4/Ocz2J+Y+22hrcJYtfhN3tSl3/Tg+sipRVTYn2YaMOa
+PisANyHDKTxhTCHXuQmD5xJh/eQmTb3gmYmgJQFGBVY/HdzGPIrPUOyN4ZZm9vw
kKZOopjTUcWbThYO6x/7aMZ1jpUs4Q8n6OK7gbtAhpSLuWuhlUzzLEr3lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFIPEfimTWJFs9/YFe458sqMV3o0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVWc4Ui1LWk5Za1d6MzlnVjdqbnl5b3hYZWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHy2AwQA
wXzNMA0GCSqGSIb3DQEBCwUAA4IBAQB32cLdkaTOGU6beUnVhfQXzTQp4OwKeZ4w
TP/4konNiXNMiH750H2tKxt7w3633IS5xIqM+zAJiWYFuR7sxQgTzcZrw1myJyAT
bZ6MUFUGe6e1xcT6dgoJw45JOwZ9MqFGmB8RA2dvukoXGJSZglvdD//HqgZ31s8y
pe8y62Ap5BB2ejWIp4phIc3p9WKiUHgzrSsljDXeig1id3Rlai8nkoDJmZQlTsHw
Uu7KnT6Fmt86Z4+L3tvZaBoe37ggXEWTs/reTA5Wvw1N2aIvI7ZkRPZkE3SL3ZVB
UXZrGzp1BQLvuhT1U3HVONWbxIHZ+K51gYHtRAzwq2w6lS/Aoeyd
-----END CERTIFICATE-----
Generated at Mon Oct 23 10:11:27 2023 by rpki-client on console-ams.rpki-client.org