Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/rp1UOgP6zvElZFHHtzxvdyMvc3M.roa
File:                     rp1UOgP6zvElZFHHtzxvdyMvc3M.roa (raw, json)
Hash identifier:          hyDzyM9jLj8GRth568yqNj5/ApK5hZ0pqXEzGBwxIfA=
Subject key identifier:   AE:9D:54:3A:03:FA:CE:F1:25:64:51:C7:B7:3C:6F:77:23:2F:73:73
Certificate issuer:       /CN=c8d0fc8259075cd675f319d7af4fa713048a515c
Certificate serial:       018570150CBB4AB1E42B6B1ECA80804BE750
Authority key identifier: C8:D0:FC:82:59:07:5C:D6:75:F3:19:D7:AF:4F:A7:13:04:8A:51:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yND8glkHXNZ18xnXr0-nEwSKUVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/rp1UOgP6zvElZFHHtzxvdyMvc3M.roa
Signing time:             Mon 02 Jan 2023 01:25:05 +0000
ROA not before:           Mon 02 Jan 2023 01:25:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12409
IP address blocks:        212.94.192.0/19 maxlen: 19
                          2a0a:fc80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:15:0c:bb:4a:b1:e4:2b:6b:1e:ca:80:80:4b:e7:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8d0fc8259075cd675f319d7af4fa713048a515c
        Validity
            Not Before: Jan  2 01:25:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae9d543a03facef1256451c7b73c6f77232f7373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a8:20:25:b6:f5:18:e8:70:38:6d:cf:24:e0:
                    11:47:29:8b:04:55:79:59:41:6f:c4:14:c6:48:fd:
                    18:e8:4f:9b:4c:a5:10:a4:21:4a:8a:ca:ea:d9:5a:
                    8e:67:4d:2d:ce:08:ec:48:3f:27:67:43:1f:2e:91:
                    47:c5:85:ee:e5:47:27:3f:46:d3:15:ff:7d:e2:2d:
                    22:0b:d3:3c:b4:4c:d5:57:60:8d:54:0c:fb:d9:7c:
                    31:ea:57:88:4c:aa:4f:7b:4c:21:f6:d5:20:d4:03:
                    89:9a:18:76:6e:ea:70:43:6b:da:bf:b2:a6:84:39:
                    d7:74:2b:77:1b:ad:be:45:0e:52:c8:70:4d:00:57:
                    61:11:41:a2:12:d6:9a:0f:08:48:3f:cd:63:74:88:
                    7f:e2:6c:30:41:56:e2:bd:68:e5:21:97:ea:c9:b6:
                    0a:bc:55:3e:2c:85:e2:87:cf:14:d1:a8:3c:aa:cc:
                    91:4a:be:96:c0:9c:14:0e:cc:bf:09:23:4a:67:e8:
                    74:72:2e:37:51:2c:e3:65:91:fa:86:6c:99:c0:c3:
                    b6:d8:bb:b5:9d:6e:dd:28:20:c0:b7:ab:5f:9f:86:
                    ce:35:ee:75:44:66:4e:08:54:be:4d:6c:bf:dd:75:
                    d7:15:5a:eb:25:b5:7e:8a:0f:5c:ed:c8:ae:12:f4:
                    97:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:9D:54:3A:03:FA:CE:F1:25:64:51:C7:B7:3C:6F:77:23:2F:73:73
            X509v3 Authority Key Identifier:
                keyid:C8:D0:FC:82:59:07:5C:D6:75:F3:19:D7:AF:4F:A7:13:04:8A:51:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yND8glkHXNZ18xnXr0-nEwSKUVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/rp1UOgP6zvElZFHHtzxvdyMvc3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/yND8glkHXNZ18xnXr0-nEwSKUVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.94.192.0/19
                IPv6:
                  2a0a:fc80::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:e7:bd:63:e6:61:f8:ff:96:11:c6:75:d6:ca:c7:c8:de:fa:
         67:52:e8:25:99:51:2c:a1:af:c1:ae:c7:ed:a6:d2:35:a6:65:
         0a:39:25:df:c4:e0:ba:71:5f:1d:aa:f3:74:c3:fd:ac:29:31:
         9e:9a:31:cd:98:b8:4b:13:17:f3:0b:2e:cb:a9:7b:f4:ec:f1:
         ba:c8:b2:d9:8f:bb:90:b9:9f:db:1f:57:03:ef:6f:17:e6:76:
         fc:87:5a:58:0d:24:d5:cd:9d:72:b8:cf:4f:07:f3:37:24:84:
         cf:cc:88:05:f3:09:51:c8:04:7a:0c:fa:40:3f:a0:7f:7b:f1:
         c8:3c:74:45:71:ba:7e:4e:21:95:54:c6:3b:2d:02:59:27:bb:
         57:a5:85:5a:ab:d5:ba:61:c4:56:09:4c:51:6d:1d:b7:f5:06:
         27:84:45:c2:9a:ca:39:76:4e:95:af:d4:19:cc:5c:86:4c:2d:
         ff:d1:37:d3:db:be:ef:5e:e9:68:db:95:7f:0f:ea:52:66:f0:
         00:7e:2a:9c:e2:3c:c8:a5:2c:ba:2f:af:5d:75:c3:01:25:7b:
         bd:bc:72:68:7f:04:09:1a:a6:4b:73:ca:3e:25:57:06:b2:9e:
         14:0b:fa:b5:28:3e:e5:cb:f3:9a:c2:46:13:9a:f1:b1:5d:03:
         b5:3f:08:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFQy7SrHkK2seyoCAS+dQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDBmYzgyNTkwNzVjZDY3NWYzMTlkN2FmNGZhNzEzMDQ4
YTUxNWMwHhcNMjMwMTAyMDEyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTlkNTQzYTAzZmFjZWYxMjU2NDUxYzdiNzNjNmY3NzIzMmY3MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKggJbb1GOhwOG3PJOARRymLBFV5
WUFvxBTGSP0Y6E+bTKUQpCFKisrq2VqOZ00tzgjsSD8nZ0MfLpFHxYXu5UcnP0bT
Ff994i0iC9M8tEzVV2CNVAz72Xwx6leITKpPe0wh9tUg1AOJmhh2bupwQ2vav7Km
hDnXdCt3G62+RQ5SyHBNAFdhEUGiEtaaDwhIP81jdIh/4mwwQVbivWjlIZfqybYK
vFU+LIXih88U0ag8qsyRSr6WwJwUDsy/CSNKZ+h0ci43USzjZZH6hmyZwMO22Lu1
nW7dKCDAt6tfn4bONe51RGZOCFS+TWy/3XXXFVrrJbV+ig9c7ciuEvSXjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK6dVDoD+s7xJWRRx7c8b3cjL3NzMB8GA1UdIwQY
MBaAFMjQ/IJZB1zWdfMZ169PpxMEilFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5EOGdsa0hYTloxOHhuWHIwLW5Fd1NLVVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80NWM4NjItOWUzMy00NWM4LWE3Mjgt
N2EyZmQxMDI2OWJlLzEvcnAxVU9nUDZ6dkVsWkZISHR6eHZkeU12YzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80NWM4NjItOWUzMy00NWM4LWE3MjgtN2EyZmQxMDI2OWJl
LzEveU5EOGdsa0hYTloxOHhuWHIwLW5Fd1NLVVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1F7AMA0E
AgACMAcDBQAqCvyAMA0GCSqGSIb3DQEBCwUAA4IBAQCB571j5mH4/5YRxnXWysfI
3vpnUuglmVEsoa/BrsftptI1pmUKOSXfxOC6cV8dqvN0w/2sKTGemjHNmLhLExfz
Cy7LqXv07PG6yLLZj7uQuZ/bH1cD728X5nb8h1pYDSTVzZ1yuM9PB/M3JITPzIgF
8wlRyAR6DPpAP6B/e/HIPHRFcbp+TiGVVMY7LQJZJ7tXpYVaq9W6YcRWCUxRbR23
9QYnhEXCmso5dk6Vr9QZzFyGTC3/0TfT277vXulo25V/D+pSZvAAfiqc4jzIpSy6
L69ddcMBJXu9vHJofwQJGqZLc8o+JVcGsp4UC/q1KD7ly/OawkYTmvGxXQO1Pwg0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:38 2024 by rpki-client on console-fra.rpki-client.org