Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/UtqMw8RcjpsUDGVKW_FJ2H38tlw.roa
File:                     UtqMw8RcjpsUDGVKW_FJ2H38tlw.roa (raw, json)
Hash identifier:          LRM+N5OxI+g6MCE0nwkb4UOrOSP3MbDGq+t/RffUus4=
Subject key identifier:   52:DA:8C:C3:C4:5C:8E:9B:14:0C:65:4A:5B:F1:49:D8:7D:FC:B6:5C
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       018DC715A17E5D917C0E96F60BDEFA286511
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/UtqMw8RcjpsUDGVKW_FJ2H38tlw.roa
Signing time:             Tue 20 Feb 2024 15:15:00 +0000
ROA not before:           Tue 20 Feb 2024 15:15:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212477
IP address blocks:        185.226.56.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Feb 2024 15:41:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c7:15:a1:7e:5d:91:7c:0e:96:f6:0b:de:fa:28:65:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Feb 20 15:15:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=52da8cc3c45c8e9b140c654a5bf149d87dfcb65c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:84:29:6b:6b:39:9b:e5:14:7d:15:f5:1a:1a:
                    82:7a:af:c9:79:8b:2e:67:9c:59:59:fb:fa:7e:17:
                    ed:c4:96:ab:52:53:df:7e:fd:99:8b:9f:d4:ff:59:
                    7f:0d:0d:c5:03:10:b4:21:65:83:f7:74:f6:b5:53:
                    02:8d:c3:68:b3:92:f5:a4:36:d6:13:b5:d9:11:59:
                    fb:6c:42:c0:2d:e7:96:04:2b:a4:c0:0d:1e:9d:7c:
                    32:b7:93:db:87:3f:d6:21:06:62:06:dc:a0:22:b9:
                    6a:8c:dc:5a:a8:77:2f:85:e3:22:a0:10:d0:49:44:
                    d4:c8:62:bd:1f:e4:5f:06:c9:34:ee:6f:bc:d6:36:
                    e8:dc:85:a9:05:4e:f9:50:a8:94:1b:fb:9d:5f:c5:
                    84:40:32:0b:ac:0d:d0:29:e7:53:fe:94:cc:2a:7a:
                    a3:d2:c5:d9:fc:19:38:00:cf:a1:1e:28:c7:18:a1:
                    dc:db:66:1d:a5:0e:9e:cc:f0:d3:62:c0:ee:6c:30:
                    c1:9d:78:a9:d3:a6:00:88:a9:7b:04:66:2c:cd:ff:
                    ec:ad:ff:e0:9c:ca:3e:e7:be:ba:ee:eb:b9:97:c7:
                    15:d6:ed:e4:78:3c:7d:53:aa:f2:87:c9:7f:f9:54:
                    7c:8b:40:6c:5a:97:0f:e7:03:3a:4c:2d:83:c0:4f:
                    a4:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:DA:8C:C3:C4:5C:8E:9B:14:0C:65:4A:5B:F1:49:D8:7D:FC:B6:5C
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/UtqMw8RcjpsUDGVKW_FJ2H38tlw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.56.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:45:22:e8:d2:65:0d:df:03:ef:46:40:0f:35:65:43:ad:fa:
         83:ad:0a:91:da:9e:58:dd:bc:e7:55:8f:cf:b9:06:97:cd:42:
         79:2b:f8:ca:5d:f4:c5:92:4e:1f:49:a7:fc:cd:fc:46:73:bf:
         ab:ad:c9:b9:b5:db:c2:23:83:ae:1e:23:3c:58:af:a3:a4:d0:
         be:ed:7f:60:86:8d:cc:d8:af:54:80:47:ab:86:aa:3f:03:74:
         d4:77:48:95:c0:71:8f:94:e7:33:d3:8a:55:55:52:21:28:71:
         e6:25:21:bf:85:1d:b5:fe:43:ce:91:35:80:b8:8c:f4:41:9f:
         ab:c6:0e:0a:aa:eb:4c:ea:51:6d:3e:89:40:b0:be:77:08:cb:
         3e:0b:19:a1:86:1f:31:a1:56:01:14:f3:c1:04:c0:52:a1:fb:
         fc:b4:9b:b5:15:94:91:55:5e:de:06:4e:0f:4e:51:d4:7a:62:
         55:ef:8c:5b:05:01:88:39:78:70:de:de:ea:9d:63:76:df:01:
         da:af:7d:3c:33:c5:ad:eb:2f:93:77:33:b5:89:fa:e8:c9:a5:
         5b:4a:76:2c:92:00:e2:d5:38:5a:a2:b9:8f:a2:11:07:ac:e3:
         18:8c:62:26:22:84:bd:b7:04:3c:89:3f:84:3e:23:09:07:27:
         b8:5d:64:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3HFaF+XZF8Dpb2C976KGURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjQwMjIwMTUxNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRhOGNjM2M0NWM4ZTliMTQwYzY1NGE1YmYxNDlkODdkZmNiNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYQpa2s5m+UUfRX1GhqCeq/JeYsu
Z5xZWfv6fhftxJarUlPffv2Zi5/U/1l/DQ3FAxC0IWWD93T2tVMCjcNos5L1pDbW
E7XZEVn7bELALeeWBCukwA0enXwyt5Pbhz/WIQZiBtygIrlqjNxaqHcvheMioBDQ
SUTUyGK9H+RfBsk07m+81jbo3IWpBU75UKiUG/udX8WEQDILrA3QKedT/pTMKnqj
0sXZ/Bk4AM+hHijHGKHc22YdpQ6ezPDTYsDubDDBnXip06YAiKl7BGYszf/srf/g
nMo+57667uu5l8cV1u3keDx9U6ryh8l/+VR8i0BsWpcP5wM6TC2DwE+kowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLajMPEXI6bFAxlSlvxSdh9/LZcMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvVXRxTXc4UmNqcHNVREdWS1dfRkoySDM4dGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueI4MA0G
CSqGSIb3DQEBCwUAA4IBAQB8RSLo0mUN3wPvRkAPNWVDrfqDrQqR2p5Y3bznVY/P
uQaXzUJ5K/jKXfTFkk4fSaf8zfxGc7+rrcm5tdvCI4OuHiM8WK+jpNC+7X9gho3M
2K9UgEerhqo/A3TUd0iVwHGPlOcz04pVVVIhKHHmJSG/hR21/kPOkTWAuIz0QZ+r
xg4KqutM6lFtPolAsL53CMs+Cxmhhh8xoVYBFPPBBMBSofv8tJu1FZSRVV7eBk4P
TlHUemJV74xbBQGIOXhw3t7qnWN23wHar308M8Wt6y+TdzO1ifroyaVbSnYskgDi
1ThaormPohEHrOMYjGImIoS9twQ8iT+EPiMJBye4XWSS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:23 2024 by rpki-client on console-ams.rpki-client.org