Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UJC2543Pdk7snzb00CoenNdMRpw.roa
File:                     UJC2543Pdk7snzb00CoenNdMRpw.roa (raw, json)
Hash identifier:          y6BPZ/uN+fLYQ2yG7lxW3rfh/98tALC1iMXenVWEng8=
Subject key identifier:   50:90:B6:E7:8D:CF:76:4E:EC:9F:36:F4:D0:2A:1E:9C:D7:4C:46:9C
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018571E891707038FE5C8F91E22B6AEA471F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UJC2543Pdk7snzb00CoenNdMRpw.roa
Signing time:             Mon 02 Jan 2023 09:55:45 +0000
ROA not before:           Mon 02 Jan 2023 09:55:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208911
IP address blocks:        194.15.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 15 Jan 2023 17:15:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:e8:91:70:70:38:fe:5c:8f:91:e2:2b:6a:ea:47:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  2 09:55:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5090b6e78dcf764eec9f36f4d02a1e9cd74c469c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8c:d3:04:ae:a3:6a:72:ec:cd:bf:bc:16:9d:
                    40:55:a0:4c:d0:b4:29:5c:9e:de:33:15:71:65:4d:
                    16:8e:ed:81:7f:13:8b:36:15:e1:ad:31:51:c0:e8:
                    38:85:ca:54:70:c0:f4:29:a7:24:e6:ed:ab:af:4b:
                    aa:23:da:c0:1e:56:a5:3f:1a:c9:fd:7c:af:36:5b:
                    e3:dc:6a:18:1f:8a:f2:6a:13:43:a6:c8:c4:03:08:
                    3a:2b:b9:a6:24:20:5a:94:59:ac:16:7c:86:54:49:
                    0d:6e:8a:ea:18:30:7c:a5:74:a2:6f:50:5e:33:f3:
                    ba:5e:95:e8:6c:ba:e0:28:05:54:97:9f:cb:8b:1f:
                    87:53:a7:93:09:74:08:31:a9:bf:35:01:e6:17:05:
                    49:19:2c:cc:86:11:5c:2e:04:16:9b:1a:5c:50:b8:
                    a2:d9:df:68:ff:e8:ab:cf:35:84:ae:1b:02:89:82:
                    b6:b6:3e:49:ee:56:05:f5:3e:13:63:93:6c:5a:2d:
                    4b:2a:9d:54:4a:78:07:e5:02:30:54:a9:6a:d6:23:
                    c5:17:86:66:fc:cd:58:fb:6b:e3:59:ec:d8:36:10:
                    71:af:98:51:e0:1a:35:14:a0:35:b8:29:9a:a4:39:
                    6a:29:e1:b2:4a:70:62:8a:19:de:ec:4d:09:56:a5:
                    56:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:90:B6:E7:8D:CF:76:4E:EC:9F:36:F4:D0:2A:1E:9C:D7:4C:46:9C
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UJC2543Pdk7snzb00CoenNdMRpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:99:1c:d4:ee:b7:55:4a:4f:91:4d:17:6a:5f:ac:b1:2a:89:
         c0:70:de:5e:56:b5:d4:9b:a3:7c:66:fa:ce:94:a3:60:40:6a:
         02:65:f9:08:39:65:7e:f3:82:ab:b9:71:4e:e1:65:c8:b7:26:
         27:2d:c5:5d:65:04:51:8a:20:03:a6:b2:36:ac:5c:e7:a1:28:
         60:a9:08:5c:79:96:be:af:6a:15:a2:6f:54:9f:e5:93:d6:3b:
         de:a3:b1:34:ed:57:33:b9:7f:7b:6a:5a:2a:63:26:ba:8c:99:
         68:88:97:53:d4:6f:39:ea:e9:ff:88:a0:a9:bf:12:3a:52:2e:
         e6:99:ec:cf:44:a2:11:c8:2e:68:9b:89:19:ad:02:c0:1b:a5:
         70:e7:47:d4:39:57:a9:4f:4f:af:e4:10:21:34:01:e9:9b:bb:
         13:da:b4:01:fb:fb:78:98:21:59:b6:ec:44:5c:19:2b:5f:61:
         49:4a:00:fc:f0:34:fc:3b:86:3f:74:2d:14:4d:e4:70:bd:ed:
         da:f9:41:61:58:3c:a1:95:55:e6:f9:14:bd:cb:8f:cc:78:f0:
         38:ba:35:46:22:e9:1f:78:97:94:96:1c:50:d2:83:a1:5e:e2:
         1a:e5:e6:bd:30:17:37:b5:dc:86:53:c9:1e:86:65:97:2e:1f:
         2d:ed:e8:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx6JFwcDj+XI+R4itq6kcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDkwYjZlNzhkY2Y3NjRlZWM5ZjM2ZjRkMDJhMWU5Y2Q3NGM0NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYzTBK6janLszb+8Fp1AVaBM0LQp
XJ7eMxVxZU0Wju2BfxOLNhXhrTFRwOg4hcpUcMD0Kack5u2rr0uqI9rAHlalPxrJ
/XyvNlvj3GoYH4ryahNDpsjEAwg6K7mmJCBalFmsFnyGVEkNborqGDB8pXSib1Be
M/O6XpXobLrgKAVUl5/Lix+HU6eTCXQIMam/NQHmFwVJGSzMhhFcLgQWmxpcULii
2d9o/+irzzWErhsCiYK2tj5J7lYF9T4TY5NsWi1LKp1USngH5QIwVKlq1iPFF4Zm
/M1Y+2vjWezYNhBxr5hR4Bo1FKA1uCmapDlqKeGySnBiihne7E0JVqVW5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCQtueNz3ZO7J829NAqHpzXTEacMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVUpDMjU0M1BkazdzbnpiMDBDb2VuTmRNUnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg80MA0G
CSqGSIb3DQEBCwUAA4IBAQCQmRzU7rdVSk+RTRdqX6yxKonAcN5eVrXUm6N8ZvrO
lKNgQGoCZfkIOWV+84KruXFO4WXItyYnLcVdZQRRiiADprI2rFznoShgqQhceZa+
r2oVom9Un+WT1jveo7E07VczuX97aloqYya6jJloiJdT1G856un/iKCpvxI6Ui7m
mezPRKIRyC5om4kZrQLAG6Vw50fUOVepT0+v5BAhNAHpm7sT2rQB+/t4mCFZtuxE
XBkrX2FJSgD88DT8O4Y/dC0UTeRwve3a+UFhWDyhlVXm+RS9y4/MePA4ujVGIukf
eJeUlhxQ0oOhXuIa5ea9MBc3tdyGU8kehmWXLh8t7ei0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org