Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UK1AqHW_By1YSWgnxRCIQF-glPM.roa
File:                     UK1AqHW_By1YSWgnxRCIQF-glPM.roa (raw, json)
Hash identifier:          My2H7YDNIIAdYu99oFzU52ZfJaX4s7Jn7+CQW4FO9g4=
Subject key identifier:   50:AD:40:A8:75:BF:07:2D:58:49:68:27:C5:10:88:40:5F:A0:94:F3
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018DCA54A9EF2957CD4122BD45C9562F08BD
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UK1AqHW_By1YSWgnxRCIQF-glPM.roa
Signing time:             Wed 21 Feb 2024 06:22:42 +0000
ROA not before:           Wed 21 Feb 2024 06:22:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43754
IP address blocks:        213.176.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Feb 2024 13:04:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ca:54:a9:ef:29:57:cd:41:22:bd:45:c9:56:2f:08:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Feb 21 06:22:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=50ad40a875bf072d58496827c51088405fa094f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:1e:8d:4d:17:c0:06:de:79:dd:0b:5d:98:e2:
                    36:7a:7c:02:73:c3:96:b2:81:13:eb:8a:e5:ee:43:
                    7a:71:55:cc:7a:81:86:53:a7:63:af:a8:3f:bb:ad:
                    0e:ba:30:f2:e5:8e:2f:75:cb:52:c0:a7:51:a8:db:
                    14:1a:64:1d:e6:9a:38:28:a6:ff:4d:16:13:af:b0:
                    01:59:ff:18:3a:9f:4a:69:cf:5d:7d:b0:ba:db:0c:
                    bb:c2:32:62:0a:23:54:3a:97:4e:05:1a:4d:f3:84:
                    61:ca:be:bd:27:7f:ee:db:e5:cb:55:c2:93:ca:45:
                    4d:1a:62:5c:2f:a2:8d:fa:d6:94:78:97:c1:29:e0:
                    1a:d4:e9:5d:06:b2:92:55:4c:58:a9:00:d2:fb:57:
                    aa:c5:f0:d7:0f:91:78:1c:c4:7b:ec:8e:d4:1b:6e:
                    3c:2b:0f:c0:5f:1d:a1:f8:80:f4:51:3a:a3:7e:1f:
                    d5:db:82:2e:da:b7:f9:ab:92:ca:78:d9:ba:e4:6c:
                    f6:46:d1:23:48:24:ec:75:ef:3f:61:c5:8d:7f:1f:
                    cf:7f:b6:ce:0b:03:45:20:e0:d2:c5:c1:f9:42:90:
                    d9:54:29:38:4e:16:19:03:e0:7d:02:dd:a7:8e:ae:
                    82:05:3a:cb:c6:e0:3c:82:78:83:f4:f7:3a:72:f9:
                    ed:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:AD:40:A8:75:BF:07:2D:58:49:68:27:C5:10:88:40:5F:A0:94:F3
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UK1AqHW_By1YSWgnxRCIQF-glPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.176.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:b6:a0:04:05:6b:cb:9c:eb:93:4d:0c:c8:61:94:1a:a2:be:
         ba:42:81:c2:08:7a:72:ca:f9:58:95:47:c8:76:79:5d:e9:39:
         fa:21:6c:d4:3f:9c:6b:4c:f3:9f:a3:f6:0c:ce:24:6d:77:7e:
         e7:57:13:41:ff:25:c8:5f:20:6d:24:22:db:34:ee:20:40:4a:
         92:08:82:4a:2b:62:e7:b6:6c:7e:5f:4a:8f:25:45:7a:d2:1b:
         31:a4:ad:9b:63:9e:ce:d7:05:db:44:5d:d4:97:6f:23:d2:54:
         a3:2d:9f:48:2c:e2:a8:c6:ce:4b:23:cc:94:68:dd:34:4b:2c:
         43:51:47:4a:e6:9e:96:ab:a8:16:3d:61:6d:0e:42:7c:1d:f0:
         6b:e2:d0:ae:d5:f3:c4:ee:2c:60:95:51:9b:18:be:82:be:90:
         d6:72:1a:42:e9:38:99:41:e5:6f:e3:26:f8:f6:b5:4a:62:70:
         92:ef:2f:f5:6e:51:79:75:c8:3d:8b:c0:a1:6a:ee:9a:48:fc:
         96:a4:fa:30:ab:84:50:33:0f:37:93:14:98:9b:02:cf:19:29:
         07:c7:4b:8d:51:23:87:f1:bd:67:ed:98:0a:14:c2:83:88:ac:
         1a:1f:82:e3:8e:6b:65:01:60:3c:d1:8e:b2:af:b5:41:b1:37:
         c3:21:b5:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3KVKnvKVfNQSK9RclWLwi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMjIxMDYyMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFkNDBhODc1YmYwNzJkNTg0OTY4MjdjNTEwODg0MDVmYTA5NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh6NTRfABt553QtdmOI2enwCc8OW
soET64rl7kN6cVXMeoGGU6djr6g/u60OujDy5Y4vdctSwKdRqNsUGmQd5po4KKb/
TRYTr7ABWf8YOp9Kac9dfbC62wy7wjJiCiNUOpdOBRpN84Rhyr69J3/u2+XLVcKT
ykVNGmJcL6KN+taUeJfBKeAa1OldBrKSVUxYqQDS+1eqxfDXD5F4HMR77I7UG248
Kw/AXx2h+ID0UTqjfh/V24Iu2rf5q5LKeNm65Gz2RtEjSCTsde8/YcWNfx/Pf7bO
CwNFIODSxcH5QpDZVCk4ThYZA+B9At2njq6CBTrLxuA8gniD9Pc6cvntuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCtQKh1vwctWEloJ8UQiEBfoJTzMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVUsxQXFIV19CeTFZU1dnbnhSQ0lRRi1nbFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1bACMA0G
CSqGSIb3DQEBCwUAA4IBAQCbtqAEBWvLnOuTTQzIYZQaor66QoHCCHpyyvlYlUfI
dnld6Tn6IWzUP5xrTPOfo/YMziRtd37nVxNB/yXIXyBtJCLbNO4gQEqSCIJKK2Ln
tmx+X0qPJUV60hsxpK2bY57O1wXbRF3Ul28j0lSjLZ9ILOKoxs5LI8yUaN00SyxD
UUdK5p6Wq6gWPWFtDkJ8HfBr4tCu1fPE7ixglVGbGL6CvpDWchpC6TiZQeVv4yb4
9rVKYnCS7y/1blF5dcg9i8Chau6aSPyWpPowq4RQMw83kxSYmwLPGSkHx0uNUSOH
8b1n7ZgKFMKDiKwaH4LjjmtlAWA80Y6yr7VBsTfDIbWN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org