Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/UaREjYzKH8kTTsToMsXo50tbz5k.roa
File:                     UaREjYzKH8kTTsToMsXo50tbz5k.roa (raw, json)
Hash identifier:          8F2JSsotYwlFLA3IEJ9SeOH+0/b4F432/fRoDvyd4Mc=
Subject key identifier:   51:A4:44:8D:8C:CA:1F:C9:13:4E:C4:E8:32:C5:E8:E7:4B:5B:CF:99
Certificate issuer:       /CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Certificate serial:       01856F795C3F19255B6010EBC3F0204F1625
Authority key identifier: E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/UaREjYzKH8kTTsToMsXo50tbz5k.roa
Signing time:             Sun 01 Jan 2023 22:35:02 +0000
ROA not before:           Sun 01 Jan 2023 22:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15377
IP address blocks:        94.240.160.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:5c:3f:19:25:5b:60:10:eb:c3:f0:20:4f:16:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
        Validity
            Not Before: Jan  1 22:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51a4448d8cca1fc9134ec4e832c5e8e74b5bcf99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:bb:b7:65:c9:6b:74:15:c2:ef:64:84:fc:be:
                    c9:87:16:ea:8a:e5:a2:11:48:e6:b8:7d:36:0a:c9:
                    cc:97:cc:c0:80:d6:2c:04:dc:f3:ef:18:d9:dd:7d:
                    9f:e7:89:b4:23:35:9e:7f:f6:7c:62:15:cf:6b:15:
                    81:30:cf:a0:0f:f6:2c:69:2a:3b:4c:64:f5:f4:f5:
                    d3:ac:81:1f:91:18:10:9c:f4:6f:31:ce:75:56:2d:
                    9f:7c:3d:e7:04:3d:06:c0:cf:48:83:1a:fb:9b:23:
                    4c:d4:6b:4c:16:3b:f8:ac:00:45:2d:d6:5f:6d:bd:
                    5d:08:c4:3a:ec:dc:70:99:ae:f0:47:d7:47:f3:61:
                    a6:e1:b5:2f:31:99:74:d3:44:bd:07:aa:05:f0:49:
                    63:ce:44:b4:59:ce:69:a1:f1:4f:d8:6a:95:3c:9c:
                    03:ef:4b:be:da:7e:79:fe:d0:62:94:e9:40:a0:f2:
                    0c:10:ce:bb:db:dc:5d:1f:8c:25:a4:b0:e7:4c:8e:
                    49:09:8b:c7:1c:91:59:85:8a:ef:71:8c:3f:a5:bf:
                    37:17:5e:de:61:a9:7c:ad:6a:bd:c6:7d:b4:54:b7:
                    82:78:40:db:03:d0:0b:0d:58:ac:44:da:5c:bc:da:
                    96:56:03:eb:7d:f5:ed:89:a8:75:dc:dd:37:45:ae:
                    9d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:A4:44:8D:8C:CA:1F:C9:13:4E:C4:E8:32:C5:E8:E7:4B:5B:CF:99
            X509v3 Authority Key Identifier:
                keyid:E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/UaREjYzKH8kTTsToMsXo50tbz5k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.240.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         42:9d:ec:53:84:3c:bc:e3:78:10:28:eb:f2:54:6f:15:58:76:
         c8:54:76:0d:38:51:a8:a2:9f:d9:56:0f:96:8f:f0:6d:91:72:
         a2:34:a2:10:22:28:3f:23:78:78:dd:fe:54:ff:96:38:62:16:
         b3:17:28:1c:66:1d:ef:ce:30:74:87:96:ab:65:08:a9:2e:e8:
         74:0d:14:a5:93:7b:3f:af:90:be:28:22:76:27:5c:c6:d8:d1:
         a3:07:82:9d:17:95:27:85:63:f0:d9:96:cf:d8:5b:c2:3c:97:
         a3:b3:9c:10:9b:2f:6b:b5:c7:aa:f9:fb:36:f1:a5:7f:37:78:
         af:bf:71:33:bc:4e:64:0a:54:5b:23:36:c0:f1:e7:b1:25:39:
         a2:df:00:44:69:b8:cd:8b:20:c8:74:6b:eb:f5:a3:cf:02:19:
         3e:a0:21:55:bb:33:d9:33:f1:27:23:ee:bb:a6:5d:ab:c6:f5:
         c1:ad:41:0d:80:64:4e:70:b7:96:1c:b6:fd:dd:96:e9:fb:d1:
         c7:a2:b1:34:7b:06:83:4b:c6:10:36:a6:6c:04:4d:4f:00:c1:
         88:c0:f4:a1:fd:46:28:42:ba:7e:38:c6:29:46:ae:ef:97:22:
         09:3e:90:b7:25:5e:60:4f:9c:97:e1:8a:9e:58:25:c7:38:72:
         16:02:ed:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveVw/GSVbYBDrw/AgTxYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODI1ZmJlZTdjNDNhMjk4MzhlYWJlNGZjODdkNzk0MzQ5
YzBjODAwHhcNMjMwMTAxMjIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWE0NDQ4ZDhjY2ExZmM5MTM0ZWM0ZTgzMmM1ZThlNzRiNWJjZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bu3ZclrdBXC72SE/L7JhxbqiuWi
EUjmuH02CsnMl8zAgNYsBNzz7xjZ3X2f54m0IzWef/Z8YhXPaxWBMM+gD/YsaSo7
TGT19PXTrIEfkRgQnPRvMc51Vi2ffD3nBD0GwM9Igxr7myNM1GtMFjv4rABFLdZf
bb1dCMQ67Nxwma7wR9dH82Gm4bUvMZl000S9B6oF8EljzkS0Wc5pofFP2GqVPJwD
70u+2n55/tBilOlAoPIMEM6729xdH4wlpLDnTI5JCYvHHJFZhYrvcYw/pb83F17e
Yal8rWq9xn20VLeCeEDbA9ALDVisRNpcvNqWVgPrffXtiah13N03Ra6dwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGkRI2Myh/JE07E6DLF6OdLW8+ZMB8GA1UdIwQY
MBaAFOWCX77nxDopg46r5PyH15Q0nAyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2Qt
MDQxYWIzMDJjMmY5LzEvVWFSRWpZektIOGtUVHNUb01zWG81MHRiejVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2QtMDQxYWIzMDJjMmY5
LzEvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFXvCgMA0G
CSqGSIb3DQEBCwUAA4IBAQBCnexThDy843gQKOvyVG8VWHbIVHYNOFGoop/ZVg+W
j/BtkXKiNKIQIig/I3h43f5U/5Y4YhazFygcZh3vzjB0h5arZQipLuh0DRSlk3s/
r5C+KCJ2J1zG2NGjB4KdF5UnhWPw2ZbP2FvCPJejs5wQmy9rtceq+fs28aV/N3iv
v3EzvE5kClRbIzbA8eexJTmi3wBEabjNiyDIdGvr9aPPAhk+oCFVuzPZM/EnI+67
pl2rxvXBrUENgGROcLeWHLb93Zbp+9HHorE0ewaDS8YQNqZsBE1PAMGIwPSh/UYo
Qrp+OMYpRq7vlyIJPpC3JV5gT5yX4YqeWCXHOHIWAu0P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:01 2024 by rpki-client on console-fra.rpki-client.org