Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/AR-uNGWW8949v3Q9P_k9Xa3u0us.roa
File:                     AR-uNGWW8949v3Q9P_k9Xa3u0us.roa (raw, json)
Hash identifier:          uUG+e305Q8NV7PVmfdhYAGljiwjXBIveGMWWixoZeWA=
Subject key identifier:   01:1F:AE:34:65:96:F3:DE:3D:BF:74:3D:3F:F9:3D:5D:AD:EE:D2:EB
Certificate issuer:       /CN=8f3012474e6aa1b36b42064dd175b30ed822e735
Certificate serial:       01856BB80400ED894642B25E16CAA560E70D
Authority key identifier: 8F:30:12:47:4E:6A:A1:B3:6B:42:06:4D:D1:75:B3:0E:D8:22:E7:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzASR05qobNrQgZN0XWzDtgi5zU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/AR-uNGWW8949v3Q9P_k9Xa3u0us.roa
Signing time:             Sun 01 Jan 2023 05:04:59 +0000
ROA not before:           Sun 01 Jan 2023 05:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205843
IP address blocks:        185.158.205.0/24 maxlen: 24
                          2a10:2140::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:b8:04:00:ed:89:46:42:b2:5e:16:ca:a5:60:e7:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f3012474e6aa1b36b42064dd175b30ed822e735
        Validity
            Not Before: Jan  1 05:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=011fae346596f3de3dbf743d3ff93d5dadeed2eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:b3:f5:23:cf:b2:f4:06:fb:ae:b7:31:3f:61:
                    0f:d3:09:75:eb:4b:fe:5f:b2:ff:f3:a7:09:86:2c:
                    07:3b:73:25:a4:83:d5:ad:95:9c:36:31:6e:e5:cd:
                    d5:7c:f4:e9:45:3e:01:a9:78:25:46:1f:ab:fb:7f:
                    c6:2a:02:86:44:64:91:d1:4d:b1:14:73:72:d7:d6:
                    80:73:91:cd:a4:6a:26:c2:a6:6a:fa:d8:99:6c:a4:
                    53:da:6b:d0:1c:e0:45:7b:4c:88:18:7f:bc:a9:58:
                    f8:fa:05:64:34:41:56:be:2c:ec:b6:58:74:71:67:
                    b4:8e:c4:6d:35:a4:6a:66:91:5e:e9:98:2f:91:34:
                    49:a5:b7:5d:fc:53:8a:f2:03:ff:b7:df:ec:b8:73:
                    ff:9a:00:41:ba:29:ca:a5:29:31:eb:fb:90:7e:f9:
                    ab:1e:81:10:0f:7a:6b:5f:6d:67:f4:6e:89:0b:7f:
                    a2:78:c3:09:16:ea:cf:35:08:ea:81:61:2b:9a:7e:
                    d2:e5:54:38:a4:09:82:85:6b:11:d8:03:28:e2:a2:
                    71:6a:2d:4c:68:5b:02:91:c6:e2:20:03:e0:40:80:
                    8c:99:82:c3:36:34:df:2e:86:25:10:1d:3e:f8:ec:
                    bd:08:a2:55:9f:7e:f2:d9:4f:74:d2:b9:83:34:3e:
                    82:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:1F:AE:34:65:96:F3:DE:3D:BF:74:3D:3F:F9:3D:5D:AD:EE:D2:EB
            X509v3 Authority Key Identifier:
                keyid:8F:30:12:47:4E:6A:A1:B3:6B:42:06:4D:D1:75:B3:0E:D8:22:E7:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzASR05qobNrQgZN0XWzDtgi5zU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/AR-uNGWW8949v3Q9P_k9Xa3u0us.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/jzASR05qobNrQgZN0XWzDtgi5zU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.158.205.0/24
                IPv6:
                  2a10:2140::/29

    Signature Algorithm: sha256WithRSAEncryption
         71:d1:b7:52:92:ac:93:e6:37:44:b1:8d:1a:e4:b5:98:cd:b7:
         3e:2c:2f:ae:ab:ac:a6:65:37:87:a1:85:05:a1:8f:fd:00:4d:
         e1:3b:71:bc:7a:2b:c2:da:ea:f2:c1:32:44:7f:63:b1:c6:56:
         f5:b4:ee:aa:00:12:f3:54:7c:c3:05:df:1c:ea:77:f2:db:7e:
         0f:5c:03:7a:7b:e0:0d:9e:78:f7:b7:74:54:88:91:d3:bb:34:
         9f:57:a1:b4:02:fa:13:f3:c5:84:86:f9:5a:24:e5:74:71:f6:
         02:e1:8a:9b:a4:15:f6:c2:75:9b:d5:4e:ac:d7:09:b4:9d:9f:
         fc:36:43:76:e5:11:ec:08:a4:99:6b:2f:43:94:5e:f3:08:f1:
         d5:b6:a5:b4:fa:a9:eb:0e:c2:93:4e:f2:77:5e:a9:2a:56:11:
         3e:ef:eb:0e:f1:d0:79:10:f6:fb:84:95:48:4b:ba:9f:a8:d7:
         b4:62:7a:2e:5a:d0:9e:b0:4b:aa:3b:22:4c:37:48:a0:b9:4a:
         42:20:67:ec:ee:8d:ef:36:1d:ee:09:41:61:63:54:01:84:65:
         78:e3:74:66:26:d5:75:77:15:61:54:5e:cd:95:7e:76:e9:29:
         ae:bf:4c:ef:6f:c8:d7:b2:0d:eb:fd:7f:3f:4c:69:b8:b0:50:
         0b:63:07:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVruAQA7YlGQrJeFsqlYOcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzAxMjQ3NGU2YWExYjM2YjQyMDY0ZGQxNzViMzBlZDgy
MmU3MzUwHhcNMjMwMTAxMDUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTFmYWUzNDY1OTZmM2RlM2RiZjc0M2QzZmY5M2Q1ZGFkZWVkMmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLP1I8+y9Ab7rrcxP2EP0wl160v+
X7L/86cJhiwHO3MlpIPVrZWcNjFu5c3VfPTpRT4BqXglRh+r+3/GKgKGRGSR0U2x
FHNy19aAc5HNpGomwqZq+tiZbKRT2mvQHOBFe0yIGH+8qVj4+gVkNEFWvizstlh0
cWe0jsRtNaRqZpFe6ZgvkTRJpbdd/FOK8gP/t9/suHP/mgBBuinKpSkx6/uQfvmr
HoEQD3prX21n9G6JC3+ieMMJFurPNQjqgWErmn7S5VQ4pAmChWsR2AMo4qJxai1M
aFsCkcbiIAPgQICMmYLDNjTfLoYlEB0++Oy9CKJVn37y2U900rmDND6CvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAEfrjRllvPePb90PT/5PV2t7tLrMB8GA1UdIwQY
MBaAFI8wEkdOaqGza0IGTdF1sw7YIuc1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpBU1IwNXFvYk5yUWdaTjBYV3pEdGdpNXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80MWViYmYtODBjYS00MWUxLWIxY2Mt
Y2EzNzhlNTI5MzBjLzEvQVItdU5HV1c4OTQ5djNROVBfazlYYTN1MHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80MWViYmYtODBjYS00MWUxLWIxY2MtY2EzNzhlNTI5MzBj
LzEvanpBU1IwNXFvYk5yUWdaTjBYV3pEdGdpNXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZ7NMA0E
AgACMAcDBQMqECFAMA0GCSqGSIb3DQEBCwUAA4IBAQBx0bdSkqyT5jdEsY0a5LWY
zbc+LC+uq6ymZTeHoYUFoY/9AE3hO3G8eivC2urywTJEf2Oxxlb1tO6qABLzVHzD
Bd8c6nfy234PXAN6e+ANnnj3t3RUiJHTuzSfV6G0AvoT88WEhvlaJOV0cfYC4Yqb
pBX2wnWb1U6s1wm0nZ/8NkN25RHsCKSZay9DlF7zCPHVtqW0+qnrDsKTTvJ3Xqkq
VhE+7+sO8dB5EPb7hJVIS7qfqNe0YnouWtCesEuqOyJMN0iguUpCIGfs7o3vNh3u
CUFhY1QBhGV443RmJtV1dxVhVF7NlX526Smuv0zvb8jXsg3r/X8/TGm4sFALYwdg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:55 2024 by rpki-client on console-ams.rpki-client.org