Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/UfdoKYkEM2vz5uUE2-o-A-zUgOQ.roa
File:                     UfdoKYkEM2vz5uUE2-o-A-zUgOQ.roa (raw, json)
Hash identifier:          0WoEZyPflWbFQQoHrk6FXovxuzv34qFDVdViWOiW70k=
Subject key identifier:   51:F7:68:29:89:04:33:6B:F3:E6:E5:04:DB:EA:3E:03:EC:D4:80:E4
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       01877AC10147E2E6BAAD2BD0E96B8F0B1EE1
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/UfdoKYkEM2vz5uUE2-o-A-zUgOQ.roa
Signing time:             Thu 13 Apr 2023 13:14:41 +0000
ROA not before:           Thu 13 Apr 2023 13:14:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209242
IP address blocks:        185.67.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7a:c1:01:47:e2:e6:ba:ad:2b:d0:e9:6b:8f:0b:1e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Apr 13 13:14:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51f768298904336bf3e6e504dbea3e03ecd480e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:1d:f8:15:fc:16:a3:08:5a:0c:e7:e3:73:e8:
                    e2:ee:59:0b:cb:04:b6:c8:e9:19:4f:29:ea:1b:1d:
                    c9:31:0f:d6:91:e4:51:07:0b:c9:49:14:47:7a:76:
                    ef:96:74:b5:9d:23:11:5c:69:05:b1:0c:6a:03:63:
                    df:36:00:34:bf:b9:ca:01:5a:3c:76:87:75:91:1d:
                    8d:09:49:22:cb:9e:0b:7c:41:b0:47:41:ae:af:3e:
                    e6:f2:89:fc:65:40:5a:c2:e4:e4:85:8f:e7:45:d2:
                    c0:ff:29:44:97:be:19:16:08:bb:3d:28:ab:c9:b2:
                    a2:40:d3:a5:35:01:8f:10:6a:73:03:0c:bd:de:fc:
                    a4:1d:18:10:c5:b5:9b:16:0f:ea:91:3b:f1:6e:d1:
                    03:50:9e:a5:b0:e7:0d:10:ef:18:60:b5:0e:8e:9f:
                    58:0e:ab:bf:8e:9a:12:7a:c3:54:fe:9b:75:e4:25:
                    54:e1:11:56:40:10:73:97:0f:e9:8d:34:fc:79:ff:
                    25:0d:6a:36:b9:c2:3d:04:08:56:98:9c:da:32:c5:
                    79:60:83:49:5e:41:b7:f4:9b:60:67:07:e8:23:d9:
                    46:95:93:4d:d3:68:93:3b:b4:8d:a6:42:fa:10:e0:
                    37:67:2f:36:e6:2b:68:5e:a5:b9:1c:6e:90:dc:ec:
                    1e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:F7:68:29:89:04:33:6B:F3:E6:E5:04:DB:EA:3E:03:EC:D4:80:E4
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/UfdoKYkEM2vz5uUE2-o-A-zUgOQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.67.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e8:da:9a:b0:fd:ed:82:2b:eb:ea:9d:5d:e7:5a:52:2a:27:c8:
         85:f7:f5:b5:10:a5:91:2d:4b:84:20:ec:59:5f:52:4f:16:df:
         cc:fd:8a:fc:c4:a7:1d:84:41:3c:b1:dc:b7:02:ac:51:a7:e5:
         e7:ce:c7:1e:92:fd:a7:3a:49:30:2d:90:4b:44:4e:9a:e9:c2:
         1d:ce:a3:fe:d9:97:00:5e:33:63:32:7e:0b:30:cb:ba:93:25:
         da:a5:cb:74:50:f6:29:f2:4b:7f:3e:b8:cd:3a:ac:93:ba:2d:
         48:70:31:21:aa:56:70:a7:31:f1:5c:de:3f:f1:23:1d:ee:8a:
         1d:7c:95:c2:0c:60:70:ca:6b:17:de:32:60:32:20:76:60:d3:
         60:38:17:ca:43:8f:fe:13:a1:40:b8:1c:42:f4:f6:35:57:08:
         d3:2b:1d:48:2e:56:f3:91:90:24:fd:ed:7b:7d:df:b6:44:61:
         f4:91:cb:7f:ae:9c:84:97:d4:96:5c:eb:d2:6a:e0:ce:25:bf:
         b4:af:4e:98:30:98:44:bc:28:ba:96:d8:8c:fb:c9:ba:8d:9a:
         53:30:af:07:3e:7d:ca:d0:60:27:24:89:63:45:61:d2:07:48:
         71:72:09:d9:80:a1:ca:1c:34:0d:5d:f4:23:3c:d7:9a:19:a3:
         59:cf:f2:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6wQFH4ua6rSvQ6WuPCx7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjMwNDEzMTMxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWY3NjgyOTg5MDQzMzZiZjNlNmU1MDRkYmVhM2UwM2VjZDQ4MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh34FfwWowhaDOfjc+ji7lkLywS2
yOkZTynqGx3JMQ/WkeRRBwvJSRRHenbvlnS1nSMRXGkFsQxqA2PfNgA0v7nKAVo8
dod1kR2NCUkiy54LfEGwR0Gurz7m8on8ZUBawuTkhY/nRdLA/ylEl74ZFgi7PSir
ybKiQNOlNQGPEGpzAwy93vykHRgQxbWbFg/qkTvxbtEDUJ6lsOcNEO8YYLUOjp9Y
Dqu/jpoSesNU/pt15CVU4RFWQBBzlw/pjTT8ef8lDWo2ucI9BAhWmJzaMsV5YINJ
XkG39JtgZwfoI9lGlZNN02iTO7SNpkL6EOA3Zy825itoXqW5HG6Q3OweAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFH3aCmJBDNr8+blBNvqPgPs1IDkMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvVWZkb0tZa0VNMnZ6NXVVRTItby1BLXpVZ09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUN8MA0G
CSqGSIb3DQEBCwUAA4IBAQDo2pqw/e2CK+vqnV3nWlIqJ8iF9/W1EKWRLUuEIOxZ
X1JPFt/M/Yr8xKcdhEE8sdy3AqxRp+Xnzscekv2nOkkwLZBLRE6a6cIdzqP+2ZcA
XjNjMn4LMMu6kyXapct0UPYp8kt/PrjNOqyTui1IcDEhqlZwpzHxXN4/8SMd7ood
fJXCDGBwymsX3jJgMiB2YNNgOBfKQ4/+E6FAuBxC9PY1VwjTKx1ILlbzkZAk/e17
fd+2RGH0kct/rpyEl9SWXOvSauDOJb+0r06YMJhEvCi6ltiM+8m6jZpTMK8HPn3K
0GAnJIljRWHSB0hxcgnZgKHKHDQNXfQjPNeaGaNZz/Lw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:34 2024 by rpki-client on console-fra.rpki-client.org