Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/UnEgrr-jF-5oQaZ-NYBAqKj5KL8.roa
File:                     UnEgrr-jF-5oQaZ-NYBAqKj5KL8.roa (raw, json)
Hash identifier:          6y4NSeh/qKOPVyb0YYaDeh65YBoqBsA+wwaSi9BE9vE=
Subject key identifier:   52:71:20:AE:BF:A3:17:EE:68:41:A6:7E:35:80:40:A8:A8:F9:28:BF
Certificate issuer:       /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial:       01856DEF7150025BC11B82B257921FA4BFA1
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/UnEgrr-jF-5oQaZ-NYBAqKj5KL8.roa
Signing time:             Sun 01 Jan 2023 15:24:46 +0000
ROA not before:           Sun 01 Jan 2023 15:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60877
IP address blocks:        195.187.41.0/24 maxlen: 24
                          194.181.125.0/24 maxlen: 24
                          194.181.31.0/24 maxlen: 26

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 22:12:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ef:71:50:02:5b:c1:1b:82:b2:57:92:1f:a4:bf:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
        Validity
            Not Before: Jan  1 15:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=527120aebfa317ee6841a67e358040a8a8f928bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:76:03:c8:9b:a6:38:11:e9:48:20:ae:d7:cc:
                    62:e4:ae:62:23:37:7f:d6:7d:57:99:e6:33:b4:98:
                    3e:3a:d8:7d:cd:ab:88:78:d2:d7:d1:0c:35:2a:79:
                    af:11:5c:37:d7:8e:1c:ae:a7:fc:4c:cb:76:ae:d1:
                    b4:44:24:72:e5:da:ab:a8:bb:5c:cd:26:fc:31:cc:
                    76:df:51:0d:8a:49:25:05:aa:66:55:fe:e1:38:d9:
                    cf:3f:fd:5e:da:65:d0:de:38:ea:40:00:7c:98:a2:
                    59:37:f6:20:d3:b9:5e:f7:ba:9b:fa:bf:f9:c9:1b:
                    fb:6a:e1:f1:05:ec:65:73:fc:24:02:92:8c:bf:2b:
                    74:87:bd:73:59:6f:a1:ee:8e:48:2e:a1:49:b0:d8:
                    f9:e7:dc:06:57:e1:43:9f:f3:3e:77:b8:3f:cb:77:
                    e3:e0:a3:0e:8f:d0:2a:38:87:72:4d:2f:7b:13:1f:
                    9d:a1:23:e7:40:2a:58:d3:a8:82:32:1e:d9:14:13:
                    e0:76:03:35:9a:bc:9e:bd:28:4d:70:86:34:44:f7:
                    14:93:72:38:b8:cf:f9:13:a4:07:54:d7:94:cd:b0:
                    e1:b2:9e:80:dc:ca:93:7e:ab:0f:a3:bc:7a:ce:3f:
                    24:a8:6d:28:35:a5:c5:c9:de:09:ff:42:26:db:3d:
                    57:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:71:20:AE:BF:A3:17:EE:68:41:A6:7E:35:80:40:A8:A8:F9:28:BF
            X509v3 Authority Key Identifier:
                keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/UnEgrr-jF-5oQaZ-NYBAqKj5KL8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.181.31.0/24
                  194.181.125.0/24
                  195.187.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:1c:88:cd:14:cf:c9:2c:aa:a9:db:53:6e:40:2b:f2:46:6c:
         0e:21:27:7a:6d:87:4d:6c:3e:0f:b8:eb:3d:30:6f:cc:8b:c8:
         e3:ff:12:8a:a3:97:cd:33:78:57:52:7a:cc:53:50:37:f1:ae:
         f3:c2:3d:ad:51:b1:24:4d:4b:50:29:ea:88:a5:4f:0a:25:1e:
         30:8b:17:1e:e2:7f:4e:c8:10:43:dd:9f:23:73:1d:3e:3a:6f:
         c4:b0:d9:01:b4:c8:17:3a:9c:3d:37:52:e3:f7:4f:5c:be:2f:
         5e:2f:a1:d7:32:d5:44:8b:d7:9f:53:61:fa:57:2a:db:66:56:
         da:15:dc:87:bc:7c:18:dc:23:66:b3:83:54:54:91:4b:e2:db:
         c6:2b:e6:d1:3d:6f:b5:6a:ee:ed:a7:83:4f:69:2d:25:96:e0:
         b3:bd:b6:d9:f1:aa:c0:7f:3a:2c:32:84:45:9f:ba:2e:a3:d8:
         dc:d9:6a:4d:46:09:be:d7:54:8a:51:82:d8:99:7f:57:77:0c:
         e7:aa:c4:31:a1:19:3e:53:a5:ec:63:f4:0e:04:e8:cb:de:49:
         fc:ea:20:db:dd:c4:e0:55:56:50:01:0d:69:4c:b2:83:9a:b2:
         c7:aa:10:89:c4:a0:02:28:90:e7:14:bc:f8:0f:0d:a0:81:83:
         8f:ea:a3:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt73FQAlvBG4KyV5IfpL+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjMwMTAxMTUyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjcxMjBhZWJmYTMxN2VlNjg0MWE2N2UzNTgwNDBhOGE4ZjkyOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXYDyJumOBHpSCCu18xi5K5iIzd/
1n1XmeYztJg+Oth9zauIeNLX0Qw1KnmvEVw3144crqf8TMt2rtG0RCRy5dqrqLtc
zSb8Mcx231ENikklBapmVf7hONnPP/1e2mXQ3jjqQAB8mKJZN/Yg07le97qb+r/5
yRv7auHxBexlc/wkApKMvyt0h71zWW+h7o5ILqFJsNj559wGV+FDn/M+d7g/y3fj
4KMOj9AqOIdyTS97Ex+doSPnQCpY06iCMh7ZFBPgdgM1mryevShNcIY0RPcUk3I4
uM/5E6QHVNeUzbDhsp6A3MqTfqsPo7x6zj8kqG0oNaXFyd4J/0Im2z1XvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFJxIK6/oxfuaEGmfjWAQKio+Si/MB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvVW5FZ3JyLWpGLTVvUWFaLU5ZQkFxS2o1S0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwrUfAwQA
wrV9AwQAw7spMA0GCSqGSIb3DQEBCwUAA4IBAQAwHIjNFM/JLKqp21NuQCvyRmwO
ISd6bYdNbD4PuOs9MG/Mi8jj/xKKo5fNM3hXUnrMU1A38a7zwj2tUbEkTUtQKeqI
pU8KJR4wixce4n9OyBBD3Z8jcx0+Om/EsNkBtMgXOpw9N1Lj909cvi9eL6HXMtVE
i9efU2H6VyrbZlbaFdyHvHwY3CNms4NUVJFL4tvGK+bRPW+1au7tp4NPaS0lluCz
vbbZ8arAfzosMoRFn7ouo9jc2WpNRgm+11SKUYLYmX9XdwznqsQxoRk+U6XsY/QO
BOjL3kn86iDb3cTgVVZQAQ1pTLKDmrLHqhCJxKACKJDnFLz4Dw2ggYOP6qOd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:40 2024 by rpki-client on console-fra.rpki-client.org