Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Uw1SSTdFCMBpsfYi-0gG-OVfHok.roa
File:                     Uw1SSTdFCMBpsfYi-0gG-OVfHok.roa (raw, json)
Hash identifier:          OXhIcIf/s8qPbnDf1eyHEz2cIuCM4SIOa7oc3f6Ryy4=
Subject key identifier:   53:0D:52:49:37:45:08:C0:69:B1:F6:22:FB:48:06:F8:E5:5F:1E:89
Certificate issuer:       /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial:       01857246F9844E83CBAEAF86CCCA1170DA97
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Uw1SSTdFCMBpsfYi-0gG-OVfHok.roa
Signing time:             Mon 02 Jan 2023 11:38:51 +0000
ROA not before:           Mon 02 Jan 2023 11:38:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56724
IP address blocks:        178.236.140.0/23 maxlen: 23
                          178.236.140.0/22 maxlen: 22
                          178.236.142.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:f9:84:4e:83:cb:ae:af:86:cc:ca:11:70:da:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
        Validity
            Not Before: Jan  2 11:38:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=530d5249374508c069b1f622fb4806f8e55f1e89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:97:bd:00:f1:da:57:7a:33:3d:69:6d:de:7e:
                    0d:f9:dc:01:25:22:40:e7:88:7f:da:3f:24:3b:36:
                    c4:bd:94:5e:be:54:fe:b4:4b:5d:62:d3:59:dd:b8:
                    e0:b0:fd:da:f1:02:90:a7:5a:90:8d:90:6f:fa:39:
                    60:17:63:40:34:81:bd:38:1d:30:c7:98:e2:bb:66:
                    33:93:73:3c:68:e0:fe:2a:0e:14:55:97:59:24:3a:
                    68:22:42:da:b3:4b:c7:f5:05:a8:cf:b4:be:40:c2:
                    e7:0d:cc:e9:3c:76:eb:9c:8d:83:24:b9:94:75:95:
                    c6:ab:77:88:dc:51:02:5d:94:23:fc:c9:dd:b4:36:
                    bd:03:b8:3b:d5:63:81:ec:49:c8:23:ac:fa:45:0b:
                    47:00:3c:a3:4d:e2:8d:6a:a5:c6:6e:d3:4b:e5:ce:
                    5c:12:dd:92:27:20:f2:ac:b4:95:25:15:aa:c2:01:
                    5d:02:c3:5f:df:a8:31:1b:44:dd:fd:fd:21:00:7f:
                    70:5e:61:68:0e:f4:ea:d3:44:76:c0:c5:04:cb:99:
                    b3:75:ae:06:4d:da:cb:22:8d:68:9c:1d:96:85:db:
                    9c:eb:8f:50:ab:51:3c:8c:63:9c:c4:48:20:a3:28:
                    98:8e:65:d6:6e:00:2b:b9:8b:1a:48:62:e9:c3:49:
                    91:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:0D:52:49:37:45:08:C0:69:B1:F6:22:FB:48:06:F8:E5:5F:1E:89
            X509v3 Authority Key Identifier:
                keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Uw1SSTdFCMBpsfYi-0gG-OVfHok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.236.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:df:7b:5c:22:ca:37:dc:20:3f:a4:08:d9:4e:8a:8f:c8:f9:
         9d:43:f7:50:b2:62:0a:2b:45:8e:2a:4e:7d:ed:e3:f9:0f:68:
         a4:17:28:39:68:a0:11:3e:24:9b:a4:ff:57:e4:f5:43:3d:de:
         27:2f:5e:77:43:24:3b:23:7e:dc:44:e1:07:39:5e:f6:9b:ba:
         55:fa:81:4c:87:3d:29:d8:4d:f1:51:bf:b9:bd:6b:1a:39:f1:
         88:94:2b:bc:33:9e:65:cc:82:e8:cb:6d:34:52:50:c5:66:62:
         63:04:f5:b9:fc:6b:56:3c:d5:c2:40:2b:30:6f:ea:f3:a0:4c:
         1b:b6:1f:ee:39:d9:e9:94:18:9e:27:aa:98:1c:db:b2:e4:ea:
         20:c4:34:20:31:fc:a5:51:11:31:a7:76:0d:e0:5b:ad:a5:d7:
         98:76:86:a9:e4:7e:c0:65:9f:ed:f4:2c:dc:96:6f:78:ac:ec:
         eb:cd:08:cc:01:1c:a1:20:28:7e:d4:77:9f:26:f5:f7:4f:8b:
         21:28:55:e1:c8:58:92:a4:4d:f2:ef:ac:ae:ef:d4:39:34:08:
         7b:8d:86:68:fe:5d:f5:4a:0b:35:28:d5:0f:74:24:b0:f5:aa:
         b4:84:96:f5:49:8e:91:48:39:89:42:6c:22:42:3d:d3:94:86:
         62:e1:50:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRvmEToPLrq+GzMoRcNqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjMwMTAyMTEzODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzBkNTI0OTM3NDUwOGMwNjliMWY2MjJmYjQ4MDZmOGU1NWYxZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pe9APHaV3ozPWlt3n4N+dwBJSJA
54h/2j8kOzbEvZRevlT+tEtdYtNZ3bjgsP3a8QKQp1qQjZBv+jlgF2NANIG9OB0w
x5jiu2Yzk3M8aOD+Kg4UVZdZJDpoIkLas0vH9QWoz7S+QMLnDczpPHbrnI2DJLmU
dZXGq3eI3FECXZQj/MndtDa9A7g71WOB7EnII6z6RQtHADyjTeKNaqXGbtNL5c5c
Et2SJyDyrLSVJRWqwgFdAsNf36gxG0Td/f0hAH9wXmFoDvTq00R2wMUEy5mzda4G
TdrLIo1onB2Whduc649Qq1E8jGOcxEggoyiYjmXWbgAruYsaSGLpw0mRWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMNUkk3RQjAabH2IvtIBvjlXx6JMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvVXcxU1NUZEZDTUJwc2ZZaS0wZ0ctT1ZmSG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsuyMMA0G
CSqGSIb3DQEBCwUAA4IBAQAW33tcIso33CA/pAjZToqPyPmdQ/dQsmIKK0WOKk59
7eP5D2ikFyg5aKARPiSbpP9X5PVDPd4nL153QyQ7I37cROEHOV72m7pV+oFMhz0p
2E3xUb+5vWsaOfGIlCu8M55lzILoy200UlDFZmJjBPW5/GtWPNXCQCswb+rzoEwb
th/uOdnplBieJ6qYHNuy5OogxDQgMfylURExp3YN4FutpdeYdoap5H7AZZ/t9Czc
lm94rOzrzQjMARyhICh+1HefJvX3T4shKFXhyFiSpE3y76yu79Q5NAh7jYZo/l31
Sgs1KNUPdCSw9aq0hJb1SY6RSDmJQmwiQj3TlIZi4VAd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:14 2024 by rpki-client on console-fra.rpki-client.org