Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/_UzS-uFdbhVhgt_EzUIYtf0P0kE.roa
File:                     _UzS-uFdbhVhgt_EzUIYtf0P0kE.roa (raw, json)
Hash identifier:          VlIOZ3XCl+v5K86Rq6ep5Jv3b6z2VCOrGM/Yb/aHlsA=
Subject key identifier:   FD:4C:D2:FA:E1:5D:6E:15:61:82:DF:C4:CD:42:18:B5:FD:0F:D2:41
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0185700282D12741CB163BD190E6217D18EC
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/_UzS-uFdbhVhgt_EzUIYtf0P0kE.roa
Signing time:             Mon 02 Jan 2023 01:04:50 +0000
ROA not before:           Mon 02 Jan 2023 01:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43417
IP address blocks:        213.194.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:82:d1:27:41:cb:16:3b:d1:90:e6:21:7d:18:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  2 01:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd4cd2fae15d6e156182dfc4cd4218b5fd0fd241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7a:62:61:b7:76:3a:53:9f:8d:7d:d3:3a:86:
                    3f:34:8c:cb:d3:97:ef:9a:c4:d8:07:e5:52:56:75:
                    cb:0d:4d:2a:09:82:c7:4e:d1:90:18:3d:88:63:8e:
                    a2:c4:9d:d8:4f:51:1c:a5:74:e8:fa:87:6d:5e:88:
                    38:0c:86:0d:b6:e0:db:81:f6:0b:a5:54:06:64:f4:
                    ba:80:94:1e:c1:a9:9c:07:b9:5a:45:75:80:60:61:
                    0b:61:4c:4e:e8:9f:9a:64:71:e8:34:8f:2a:0f:72:
                    8d:b1:02:be:ca:fd:88:cc:99:2e:2f:96:f0:a7:c1:
                    33:23:18:95:8b:29:91:4a:fa:f7:d1:e4:19:78:53:
                    73:cd:4a:02:34:c7:d2:85:0c:7a:25:b0:f4:6a:7f:
                    6c:4b:a5:8b:3c:8d:4f:64:eb:a8:91:e7:9d:04:2f:
                    3c:91:35:70:fe:e6:79:3a:66:7f:f1:84:32:cd:66:
                    44:3f:a4:d1:5e:0f:a4:ee:1d:4b:c6:26:4c:8c:e2:
                    15:f5:1a:e3:d8:2e:30:b1:46:fe:c1:7c:2f:58:b6:
                    e0:64:13:9b:23:4f:da:51:09:d9:3b:cb:9f:0e:c1:
                    ec:04:e0:5e:b8:53:a0:6e:d5:28:70:ba:cc:c0:19:
                    78:9b:b4:c6:af:fb:3e:74:ea:8d:0e:ef:ce:b7:56:
                    db:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:4C:D2:FA:E1:5D:6E:15:61:82:DF:C4:CD:42:18:B5:FD:0F:D2:41
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/_UzS-uFdbhVhgt_EzUIYtf0P0kE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.194.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:34:f4:3a:c2:b8:8b:2b:67:35:3f:31:ff:0d:f2:94:8e:b6:
         33:58:17:30:6b:0f:e5:b3:79:de:03:c0:3e:d8:b2:3f:1f:57:
         41:8b:00:1d:72:4b:25:e2:28:55:67:b4:82:b5:e1:5f:1a:a5:
         4f:5d:a5:4a:63:ff:38:38:97:b2:8e:1c:79:54:3f:59:19:e3:
         40:6e:44:d3:e0:04:4d:b4:f6:93:2f:b3:ef:d3:cd:01:1d:8f:
         26:b0:89:38:c4:43:51:fe:f5:b0:c6:2b:6f:33:28:6e:02:dd:
         f1:0c:85:42:aa:b6:91:29:b7:68:22:6c:6c:a0:da:fb:64:06:
         6e:b1:e7:6c:34:ac:92:b7:21:10:68:73:93:a9:9e:e0:00:1b:
         7d:31:09:20:79:5e:f1:c5:89:a0:8f:14:74:a2:0c:62:f8:e8:
         38:bc:3a:39:bc:85:d5:a5:3c:b5:56:c6:08:08:24:c9:42:60:
         6f:0e:67:14:49:aa:e2:b6:73:d6:aa:9f:ad:5b:ef:b8:be:66:
         85:41:4a:65:c9:ad:e4:70:1c:4f:b7:56:80:dd:02:e5:82:9f:
         8e:98:e3:47:42:f6:36:e5:99:73:88:9c:cc:e6:f6:1e:2e:f6:
         17:c3:0d:8f:c4:8c:05:f8:68:9d:c7:8e:10:61:f5:11:ff:82:
         fe:64:7b:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoLRJ0HLFjvRkOYhfRjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDRjZDJmYWUxNWQ2ZTE1NjE4MmRmYzRjZDQyMThiNWZkMGZkMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXpiYbd2OlOfjX3TOoY/NIzL05fv
msTYB+VSVnXLDU0qCYLHTtGQGD2IY46ixJ3YT1EcpXTo+odtXog4DIYNtuDbgfYL
pVQGZPS6gJQewamcB7laRXWAYGELYUxO6J+aZHHoNI8qD3KNsQK+yv2IzJkuL5bw
p8EzIxiViymRSvr30eQZeFNzzUoCNMfShQx6JbD0an9sS6WLPI1PZOuokeedBC88
kTVw/uZ5OmZ/8YQyzWZEP6TRXg+k7h1LxiZMjOIV9Rrj2C4wsUb+wXwvWLbgZBOb
I0/aUQnZO8ufDsHsBOBeuFOgbtUocLrMwBl4m7TGr/s+dOqNDu/Ot1bbTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1M0vrhXW4VYYLfxM1CGLX9D9JBMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvX1V6Uy11RmRiaFZoZ3RfRXpVSVl0ZjBQMGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1cJsMA0G
CSqGSIb3DQEBCwUAA4IBAQAKNPQ6wriLK2c1PzH/DfKUjrYzWBcwaw/ls3neA8A+
2LI/H1dBiwAdcksl4ihVZ7SCteFfGqVPXaVKY/84OJeyjhx5VD9ZGeNAbkTT4ARN
tPaTL7Pv080BHY8msIk4xENR/vWwxitvMyhuAt3xDIVCqraRKbdoImxsoNr7ZAZu
sedsNKyStyEQaHOTqZ7gABt9MQkgeV7xxYmgjxR0ogxi+Og4vDo5vIXVpTy1VsYI
CCTJQmBvDmcUSaritnPWqp+tW++4vmaFQUplya3kcBxPt1aA3QLlgp+OmONHQvY2
5ZlziJzM5vYeLvYXww2PxIwF+Gidx44QYfUR/4L+ZHuu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org