Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/UXU5EpFA9OoL8poBMylO7_4PcME.roa
File:                     UXU5EpFA9OoL8poBMylO7_4PcME.roa (raw, json)
Hash identifier:          W0tUaC6kif3ddKhJZQHA4alCZoX5DyslhhBm/3H8b0w=
Subject key identifier:   51:75:39:12:91:40:F4:EA:0B:F2:9A:01:33:29:4E:EF:FE:0F:70:C1
Certificate issuer:       /CN=75193bd9f84b4a9ed47a03bdf892d9e798b72727
Certificate serial:       01867EFC6B9E6916D25C4F616AAD10BD8FBC
Authority key identifier: 75:19:3B:D9:F8:4B:4A:9E:D4:7A:03:BD:F8:92:D9:E7:98:B7:27:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dRk72fhLSp7UegO9-JLZ55i3Jyc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/UXU5EpFA9OoL8poBMylO7_4PcME.roa
Signing time:             Thu 23 Feb 2023 15:55:17 +0000
ROA not before:           Thu 23 Feb 2023 15:55:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48954
IP address blocks:        85.91.40.0/22 maxlen: 24
                          45.147.84.0/24 maxlen: 24
                          195.88.100.0/23 maxlen: 24
                          37.48.240.0/21 maxlen: 24
                          185.83.120.0/22 maxlen: 24
                          2a00:7640::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 10:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7e:fc:6b:9e:69:16:d2:5c:4f:61:6a:ad:10:bd:8f:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75193bd9f84b4a9ed47a03bdf892d9e798b72727
        Validity
            Not Before: Feb 23 15:55:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=517539129140f4ea0bf29a0133294eeffe0f70c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f9:3c:a6:54:82:13:01:03:51:a3:0d:e2:cd:
                    36:57:a4:c8:2c:c5:00:d0:fe:41:f5:55:7c:fa:1d:
                    35:96:0f:8d:b7:66:25:5a:de:6a:63:55:0f:b1:e6:
                    c2:a1:46:99:45:23:da:3a:7b:23:a4:31:e6:6b:89:
                    17:19:9d:fa:f5:6b:a2:96:50:9a:ea:ac:ea:dc:1e:
                    b5:f7:5c:1f:18:c9:c1:4f:fe:65:b1:72:ad:f9:91:
                    47:a4:c3:32:9c:2a:e8:1c:7d:f0:1c:18:7b:4c:c6:
                    76:9b:dc:6d:54:c8:54:3b:ff:99:6b:eb:b7:ac:da:
                    2e:f0:71:b0:52:bf:53:4e:11:d8:cd:96:2d:d1:ca:
                    12:f7:88:6c:8c:9d:c1:02:98:2e:08:4e:b3:21:7d:
                    fc:4e:fd:f4:7c:6f:9f:25:a3:41:cc:e9:07:da:8d:
                    6a:93:89:5b:cb:8b:70:8a:d5:d8:3d:5b:ba:05:4b:
                    80:7b:f4:89:6c:67:13:56:39:5d:48:bb:b0:91:33:
                    9c:2c:83:e9:de:ef:e6:67:10:58:18:5b:33:40:a2:
                    03:4f:48:52:cf:dc:ee:55:e6:cc:59:f7:35:21:b9:
                    c5:b5:47:2d:83:37:c2:de:a1:cd:28:75:5c:04:09:
                    75:d2:c4:f6:30:06:20:dc:27:cc:04:cc:8c:11:4f:
                    3c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:75:39:12:91:40:F4:EA:0B:F2:9A:01:33:29:4E:EF:FE:0F:70:C1
            X509v3 Authority Key Identifier:
                keyid:75:19:3B:D9:F8:4B:4A:9E:D4:7A:03:BD:F8:92:D9:E7:98:B7:27:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dRk72fhLSp7UegO9-JLZ55i3Jyc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/UXU5EpFA9OoL8poBMylO7_4PcME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/dRk72fhLSp7UegO9-JLZ55i3Jyc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.48.240.0/21
                  45.147.84.0/24
                  85.91.40.0/22
                  185.83.120.0/22
                  195.88.100.0/23
                IPv6:
                  2a00:7640::/32

    Signature Algorithm: sha256WithRSAEncryption
         3e:d9:62:9d:ac:95:4c:41:b4:75:84:8b:df:c0:b9:a0:0d:59:
         72:1e:71:9e:c7:2a:a2:8b:50:92:03:3c:1e:61:47:b8:07:1d:
         84:1d:b6:d8:75:c5:9f:3e:72:d4:42:05:ef:7c:0d:73:e6:0a:
         f6:d5:0e:e0:9f:24:79:5f:4e:fa:23:d0:3e:68:66:7b:65:b7:
         0d:0a:bb:0b:ae:b2:ff:6b:38:cb:66:61:e3:2b:7b:03:12:dc:
         c6:ec:89:01:f7:40:ff:0b:0c:3c:be:5b:fb:8c:76:e2:2e:6e:
         bf:80:d7:71:8b:50:88:eb:25:55:17:c3:0c:5e:d0:f2:3d:0e:
         d8:e7:d4:71:5a:a9:f7:b7:06:86:46:34:da:9c:92:c0:3a:3f:
         e4:98:0d:f7:04:d9:f3:2a:88:00:ca:55:55:58:10:f3:5b:3b:
         82:54:cb:31:c7:e7:28:9f:05:a3:94:14:44:37:c8:62:4e:a4:
         b7:65:82:75:db:55:cc:54:63:0f:41:b8:be:ab:88:ea:46:64:
         27:83:be:11:86:3d:64:52:fe:5c:81:82:06:0f:db:3c:ca:81:
         95:cb:0c:ca:03:24:bf:ca:b1:a7:3f:c0:c2:3f:fe:63:d8:74:
         70:e5:07:a9:ff:8f:dd:2b:15:90:b5:3b:17:08:e4:72:01:ac:
         fb:b0:fd:e0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYZ+/GueaRbSXE9haq0QvY+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MTkzYmQ5Zjg0YjRhOWVkNDdhMDNiZGY4OTJkOWU3OThi
NzI3MjcwHhcNMjMwMjIzMTU1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc1MzkxMjkxNDBmNGVhMGJmMjlhMDEzMzI5NGVlZmZlMGY3MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvk8plSCEwEDUaMN4s02V6TILMUA
0P5B9VV8+h01lg+Nt2YlWt5qY1UPsebCoUaZRSPaOnsjpDHma4kXGZ369WuillCa
6qzq3B6191wfGMnBT/5lsXKt+ZFHpMMynCroHH3wHBh7TMZ2m9xtVMhUO/+Za+u3
rNou8HGwUr9TThHYzZYt0coS94hsjJ3BApguCE6zIX38Tv30fG+fJaNBzOkH2o1q
k4lby4twitXYPVu6BUuAe/SJbGcTVjldSLuwkTOcLIPp3u/mZxBYGFszQKIDT0hS
z9zuVebMWfc1IbnFtUctgzfC3qHNKHVcBAl10sT2MAYg3CfMBMyMEU88eQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFF1ORKRQPTqC/KaATMpTu/+D3DBMB8GA1UdIwQY
MBaAFHUZO9n4S0qe1HoDvfiS2eeYtycnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFJrNzJmaExTcDdVZWdPOS1KTFo1NWkzSnljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jNGU2YTQtNjFjMi00Mzg4LWI4NDQt
M2I3MTU2OTFkMmU5LzEvVVhVNUVwRkE5T29MOHBvQk15bE83XzRQY01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jNGU2YTQtNjFjMi00Mzg4LWI4NDQtM2I3MTU2OTFkMmU5
LzEvZFJrNzJmaExTcDdVZWdPOS1KTFo1NWkzSnljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJTDwAwQA
LZNUAwQCVVsoAwQCuVN4AwQBw1hkMA0EAgACMAcDBQAqAHZAMA0GCSqGSIb3DQEB
CwUAA4IBAQA+2WKdrJVMQbR1hIvfwLmgDVlyHnGexyqii1CSAzweYUe4Bx2EHbbY
dcWfPnLUQgXvfA1z5gr21Q7gnyR5X076I9A+aGZ7ZbcNCrsLrrL/azjLZmHjK3sD
EtzG7IkB90D/Cww8vlv7jHbiLm6/gNdxi1CI6yVVF8MMXtDyPQ7Y59RxWqn3twaG
RjTanJLAOj/kmA33BNnzKogAylVVWBDzWzuCVMsxx+conwWjlBREN8hiTqS3ZYJ1
21XMVGMPQbi+q4jqRmQng74Rhj1kUv5cgYIGD9s8yoGVywzKAyS/yrGnP8DCP/5j
2HRw5Qep/4/dKxWQtTsXCORyAaz7sP3g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:27 2024 by rpki-client on console-fra.rpki-client.org