Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/UJZqqqKW4SeGVQLkmYv60-Z-KfU.roa
File:                     UJZqqqKW4SeGVQLkmYv60-Z-KfU.roa (raw, json)
Hash identifier:          9zmOkXYnEDoF5RDR4JNRIpYbpIaNncNk/wsuVdcU9bU=
Subject key identifier:   50:96:6A:AA:A2:96:E1:27:86:55:02:E4:99:8B:FA:D3:E6:7E:29:F5
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018CC64ADFA8A3DAC4EEF000ADB7FD6CC14F
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/UJZqqqKW4SeGVQLkmYv60-Z-KfU.roa
Signing time:             Mon 01 Jan 2024 18:30:44 +0000
ROA not before:           Mon 01 Jan 2024 18:30:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29437
IP address blocks:        193.230.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Apr 2024 08:12:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:df:a8:a3:da:c4:ee:f0:00:ad:b7:fd:6c:c1:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 18:30:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=50966aaaa296e127865502e4998bfad3e67e29f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:fd:a1:57:7d:94:7c:97:f1:7c:72:9e:c0:8d:
                    be:d6:0a:04:21:b8:1c:6f:63:39:fb:0e:10:01:e8:
                    b4:cf:77:63:a4:b6:ee:37:ad:d1:69:cb:e9:eb:05:
                    20:f5:3e:6f:f0:88:28:2d:96:32:12:b7:a8:61:ca:
                    62:2a:45:62:3f:b1:3e:8e:a3:df:d6:a2:01:12:fd:
                    83:07:5b:51:d3:0a:d0:64:9b:9c:da:e9:36:c4:51:
                    8a:c9:35:26:2f:58:04:93:0a:50:25:81:54:bb:b3:
                    21:20:9a:d2:58:6f:5f:60:6d:87:e3:94:c2:3d:45:
                    59:d6:5c:97:7c:bd:c4:99:d1:d0:a4:60:87:b8:9e:
                    d4:4e:7f:34:fd:da:0d:46:a8:82:ce:32:27:c7:80:
                    83:c1:7c:76:69:9b:7f:62:82:c4:9e:ac:9e:4a:77:
                    d4:ec:a3:60:d2:f1:08:6b:d2:83:9d:e0:b9:47:b5:
                    ac:8b:9f:6e:26:1c:c7:40:db:60:72:5b:e2:5a:9d:
                    5d:ca:3c:81:ca:93:f2:f2:7a:bc:52:75:a1:e0:1c:
                    24:29:91:c3:78:8b:be:fb:f7:3c:3b:ae:73:3b:2e:
                    68:78:fb:5d:37:9f:24:b2:94:87:ee:72:42:89:17:
                    85:c3:b0:54:f3:7a:13:e5:8c:8f:22:56:6b:a3:46:
                    cd:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:96:6A:AA:A2:96:E1:27:86:55:02:E4:99:8B:FA:D3:E6:7E:29:F5
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/UJZqqqKW4SeGVQLkmYv60-Z-KfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.230.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:a4:d0:c0:5b:0e:84:41:a9:c1:4e:8f:79:9f:6e:cd:75:26:
         7b:dd:07:df:1c:4a:85:8a:49:e6:82:a5:7b:86:d9:3c:af:c9:
         40:aa:9c:be:4b:28:4e:46:53:41:29:f5:02:04:f2:d4:45:10:
         a1:3d:8e:e5:61:b1:19:94:3f:4d:68:db:c6:2b:d1:87:ba:9b:
         6f:23:2a:78:4e:8b:21:88:bd:25:ea:53:c7:38:3c:18:25:66:
         54:ad:c6:22:96:7f:f4:90:fb:29:a6:3f:77:16:27:ff:cb:ff:
         ee:ac:98:b5:31:72:fc:04:96:96:12:73:c5:64:fe:0d:fa:8b:
         5b:82:19:8c:c5:55:1b:6a:84:99:6a:d5:c0:90:48:1b:66:a5:
         b9:d3:78:b8:66:77:4c:27:fa:6a:0e:ea:04:cd:5f:60:2d:ec:
         51:81:08:9a:76:89:d9:e6:92:8e:25:ef:59:b8:4f:3f:2d:58:
         fe:05:20:75:9c:4b:b8:10:de:b6:6b:4c:c0:7e:83:21:c2:39:
         b6:e9:85:8b:cf:0e:7b:1b:b5:8d:29:fd:d0:94:c3:1d:1f:83:
         9d:50:29:5d:3f:b8:33:81:10:e7:6d:ac:54:6b:14:03:68:9f:
         77:fc:69:2a:87:67:5f:00:ed:02:17:27:e7:37:1e:37:1c:5a:
         e3:2b:aa:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSt+oo9rE7vAArbf9bMFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk2NmFhYWEyOTZlMTI3ODY1NTAyZTQ5OThiZmFkM2U2N2UyOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP2hV32UfJfxfHKewI2+1goEIbgc
b2M5+w4QAei0z3djpLbuN63Racvp6wUg9T5v8IgoLZYyEreoYcpiKkViP7E+jqPf
1qIBEv2DB1tR0wrQZJuc2uk2xFGKyTUmL1gEkwpQJYFUu7MhIJrSWG9fYG2H45TC
PUVZ1lyXfL3EmdHQpGCHuJ7UTn80/doNRqiCzjInx4CDwXx2aZt/YoLEnqyeSnfU
7KNg0vEIa9KDneC5R7Wsi59uJhzHQNtgclviWp1dyjyBypPy8nq8UnWh4BwkKZHD
eIu++/c8O65zOy5oePtdN58kspSH7nJCiReFw7BU83oT5YyPIlZro0bNGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCWaqqiluEnhlUC5JmL+tPmfin1MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvVUpacXFxS1c0U2VHVlFMa21ZdjYwLVotS2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwea9MA0G
CSqGSIb3DQEBCwUAA4IBAQBzpNDAWw6EQanBTo95n27NdSZ73QffHEqFiknmgqV7
htk8r8lAqpy+SyhORlNBKfUCBPLURRChPY7lYbEZlD9NaNvGK9GHuptvIyp4Tosh
iL0l6lPHODwYJWZUrcYiln/0kPsppj93Fif/y//urJi1MXL8BJaWEnPFZP4N+otb
ghmMxVUbaoSZatXAkEgbZqW503i4ZndMJ/pqDuoEzV9gLexRgQiadonZ5pKOJe9Z
uE8/LVj+BSB1nEu4EN62a0zAfoMhwjm26YWLzw57G7WNKf3QlMMdH4OdUCldP7gz
gRDnbaxUaxQDaJ93/Gkqh2dfAO0CFyfnNx43HFrjK6p3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org