Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/UVpTko8opNsAbpMU84egsxdaieU.roa
File:                     UVpTko8opNsAbpMU84egsxdaieU.roa (raw, json)
Hash identifier:          pK6yD/Lsij3b3ZvOYp8CKFHtfq8rS2Fgp4MZ3Z6fTHE=
Subject key identifier:   51:5A:53:92:8F:28:A4:DB:00:6E:93:14:F3:87:A0:B3:17:5A:89:E5
Certificate issuer:       /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial:       0189749063B316AA975EDCDE30283E617182
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/UVpTko8opNsAbpMU84egsxdaieU.roa
Signing time:             Thu 20 Jul 2023 18:29:27 +0000
ROA not before:           Thu 20 Jul 2023 18:29:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25198
IP address blocks:        85.204.107.0/24 maxlen: 24
                          195.74.93.0/24 maxlen: 24
                          46.229.243.0/24 maxlen: 24
                          46.229.253.0/24 maxlen: 24
                          2a12:3200:1000::/36 maxlen: 36
                          2a12:3200::/36 maxlen: 36
                          2a12:3200:2000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Wed 23 Aug 2023 14:15:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:74:90:63:b3:16:aa:97:5e:dc:de:30:28:3e:61:71:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
        Validity
            Not Before: Jul 20 18:29:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=515a53928f28a4db006e9314f387a0b3175a89e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:7f:b3:81:79:86:98:b0:c1:aa:dd:db:ff:37:
                    b1:48:d1:d9:85:4b:54:12:9d:21:48:74:46:dc:a4:
                    06:be:87:c9:51:74:bb:a3:4d:6a:79:46:1c:6f:50:
                    ff:ae:0d:6b:d7:8d:2c:8d:8e:1f:c9:8f:8c:65:93:
                    66:bb:bf:07:14:df:9b:e6:32:5d:a6:5f:bf:8f:57:
                    92:3f:fe:e7:14:df:93:95:9b:08:62:f9:eb:6b:8c:
                    9f:9b:a0:e0:05:2f:f3:4f:4d:e3:51:ea:9d:4d:5c:
                    08:b5:9c:07:ef:b6:cf:0f:fb:c1:47:b6:6a:58:17:
                    66:e5:5b:14:c2:0c:ab:e6:37:45:ce:b1:17:ef:06:
                    af:50:cf:7e:17:3d:20:ea:a3:37:a8:cd:6b:49:67:
                    45:ff:9f:c7:ac:74:64:a2:db:09:ec:97:c4:e8:1b:
                    c4:2d:56:95:28:10:e8:e8:4a:da:04:4c:d6:70:67:
                    d5:cb:96:46:1a:d9:4b:db:46:80:94:67:2c:3e:43:
                    44:f0:fa:48:fd:5b:35:63:15:69:08:5a:73:54:a6:
                    16:0a:b5:ea:ae:86:2a:05:7e:85:b5:81:f7:e2:ea:
                    b7:c5:ed:5f:63:43:f1:9f:56:99:f0:cb:21:cf:b5:
                    a5:78:19:cb:6f:0b:d2:f1:09:cd:b0:a9:0e:c4:9b:
                    40:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:5A:53:92:8F:28:A4:DB:00:6E:93:14:F3:87:A0:B3:17:5A:89:E5
            X509v3 Authority Key Identifier:
                keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/UVpTko8opNsAbpMU84egsxdaieU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.229.243.0/24
                  46.229.253.0/24
                  85.204.107.0/24
                  195.74.93.0/24
                IPv6:
                  2a12:3200::-2a12:3200:2fff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         71:f7:71:66:a3:75:46:9e:a1:09:a4:bb:c9:a7:c4:40:ed:0b:
         04:50:bf:5f:f6:c6:bb:67:9c:fd:42:4d:a2:3a:82:58:26:21:
         d7:7a:79:51:8c:ed:cf:a6:10:f7:80:c9:d2:e2:b7:cb:69:b5:
         af:15:55:91:17:5c:8d:48:67:7d:74:df:cf:33:84:a0:39:fb:
         ac:e6:2a:d7:4c:bf:c3:15:95:c3:7c:da:52:fd:4a:8c:61:0a:
         e0:3b:9e:75:89:b6:6c:f7:ac:6d:13:b6:f1:e0:1b:7e:94:63:
         42:95:68:4c:7d:9f:91:d9:10:36:6e:98:2c:ed:86:6a:78:1a:
         c0:23:1f:b5:93:34:bb:3c:01:45:c5:02:4e:23:a2:17:4e:a5:
         a8:57:6d:9b:6d:c1:5e:e9:f9:10:b4:70:9f:1b:f6:76:bb:58:
         57:cf:b3:0c:3c:ca:b7:f7:2d:17:1e:9e:01:0f:cb:a0:f7:1a:
         cf:59:88:f5:8c:16:65:cd:d4:35:aa:cf:db:bd:f6:6e:9c:fc:
         3f:38:71:51:71:4e:ec:22:24:ea:f9:c7:f8:73:14:a6:4a:6a:
         f5:d0:f2:32:26:45:7d:c2:f1:39:1d:3a:65:ea:4a:f3:c8:7a:
         65:6c:b6:37:b6:12:81:bc:17:90:79:6c:8a:9e:7f:33:59:61:
         0d:56:b1:ea
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYl0kGOzFqqXXtzeMCg+YXGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjMwNzIwMTgyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTVhNTM5MjhmMjhhNGRiMDA2ZTkzMTRmMzg3YTBiMzE3NWE4OWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH+zgXmGmLDBqt3b/zexSNHZhUtU
Ep0hSHRG3KQGvofJUXS7o01qeUYcb1D/rg1r140sjY4fyY+MZZNmu78HFN+b5jJd
pl+/j1eSP/7nFN+TlZsIYvnra4yfm6DgBS/zT03jUeqdTVwItZwH77bPD/vBR7Zq
WBdm5VsUwgyr5jdFzrEX7wavUM9+Fz0g6qM3qM1rSWdF/5/HrHRkotsJ7JfE6BvE
LVaVKBDo6EraBEzWcGfVy5ZGGtlL20aAlGcsPkNE8PpI/Vs1YxVpCFpzVKYWCrXq
roYqBX6FtYH34uq3xe1fY0Pxn1aZ8Mshz7WleBnLbwvS8QnNsKkOxJtAcwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFFaU5KPKKTbAG6TFPOHoLMXWonlMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvVVZwVGtvOG9wTnNBYnBNVTg0ZWdzeGRhaWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQALuXzAwQA
LuX9AwQAVcxrAwQAw0pdMBYEAgACMBAwDgMEASoSMgMGBCoSMgAgMA0GCSqGSIb3
DQEBCwUAA4IBAQBx93Fmo3VGnqEJpLvJp8RA7QsEUL9f9sa7Z5z9Qk2iOoJYJiHX
enlRjO3PphD3gMnS4rfLabWvFVWRF1yNSGd9dN/PM4SgOfus5irXTL/DFZXDfNpS
/UqMYQrgO551ibZs96xtE7bx4Bt+lGNClWhMfZ+R2RA2bpgs7YZqeBrAIx+1kzS7
PAFFxQJOI6IXTqWoV22bbcFe6fkQtHCfG/Z2u1hXz7MMPMq39y0XHp4BD8ug9xrP
WYj1jBZlzdQ1qs/bvfZunPw/OHFRcU7sIiTq+cf4cxSmSmr10PIyJkV9wvE5HTpl
6krzyHplbLY3thKBvBeQeWyKnn8zWWENVrHq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:15 2024 by rpki-client on console-ams.rpki-client.org