Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/UDKUCYYI48ZawFxAxIZBuciBNek.roa
File:                     UDKUCYYI48ZawFxAxIZBuciBNek.roa (raw, json)
Hash identifier:          nYsAyz5R3iUmCqepA2zL6rtF1rzA5n3w2IzTPri0K3Q=
Subject key identifier:   50:32:94:09:86:08:E3:C6:5A:C0:5C:40:C4:86:41:B9:C8:81:35:E9
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       01899C15E0B201D41E477A8214094BB1716A
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/UDKUCYYI48ZawFxAxIZBuciBNek.roa
Signing time:             Fri 28 Jul 2023 10:40:26 +0000
ROA not before:           Fri 28 Jul 2023 10:40:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59651
IP address blocks:        45.155.166.0/24 maxlen: 24
                          45.143.6.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 22 Aug 2023 14:33:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:9c:15:e0:b2:01:d4:1e:47:7a:82:14:09:4b:b1:71:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Jul 28 10:40:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=503294098608e3c65ac05c40c48641b9c88135e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:38:de:05:c4:31:cc:d8:8d:46:90:0b:92:1d:
                    2d:bb:d9:21:5e:87:23:76:6f:6e:b7:61:bd:67:c7:
                    df:1b:bf:b5:f2:be:25:f0:2a:88:df:ad:f9:fe:84:
                    c4:76:87:75:8e:3a:6a:26:9b:3c:df:f4:93:cf:5d:
                    fb:82:fd:dc:cc:e1:73:dd:cf:7e:9e:51:04:0c:c5:
                    27:fe:64:6e:72:86:fe:37:a9:d6:92:41:94:87:87:
                    76:87:85:44:4a:7e:13:d0:17:1a:d7:f4:5b:72:68:
                    0a:f0:ac:ad:cc:c4:26:13:67:b2:27:4a:57:14:aa:
                    ad:70:88:6a:19:b4:9f:12:c4:2b:ed:d5:f3:51:0e:
                    bc:0f:2e:d2:4f:3e:58:fa:78:9e:67:46:e2:16:ab:
                    26:ec:1f:19:f3:f8:bd:0d:91:6a:2f:1e:8c:0e:bc:
                    2b:99:da:e8:e2:32:e1:59:ce:6e:07:41:e7:dc:72:
                    5f:65:1e:7b:86:84:53:b3:3a:1c:d1:d2:93:8c:19:
                    ce:b2:3f:cc:b7:83:18:07:88:86:44:48:2b:1f:6f:
                    44:6f:f5:cb:37:52:56:b2:0c:73:9d:97:81:01:26:
                    ab:ef:db:7f:0f:dc:ed:a0:0a:8c:d9:06:c1:ca:b8:
                    03:42:b5:32:40:24:54:d3:d6:7b:df:f0:c0:11:ab:
                    fb:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:32:94:09:86:08:E3:C6:5A:C0:5C:40:C4:86:41:B9:C8:81:35:E9
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/UDKUCYYI48ZawFxAxIZBuciBNek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.6.0/24
                  45.155.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:d9:1c:02:b9:db:a2:b3:66:dc:a2:27:ff:16:8b:11:0c:59:
         11:f6:45:ad:95:45:de:93:7b:74:a4:e3:20:0f:14:fd:f1:b3:
         8f:24:90:19:14:9b:7b:09:1b:bb:16:86:ed:4e:c8:89:55:b0:
         89:f9:c0:aa:a6:78:0f:72:c6:17:34:39:bb:0d:1d:ff:a3:5f:
         4d:32:94:44:85:e0:b5:18:b6:57:dd:c1:24:09:0b:a4:80:55:
         1a:49:73:0e:a5:89:04:aa:5a:68:04:c9:df:9e:7d:4e:13:46:
         af:e0:94:ab:1b:18:a4:8c:a0:ab:1a:18:0f:ad:92:2b:de:1e:
         c0:c5:66:47:15:b6:74:88:d2:5f:94:84:92:79:aa:3d:af:49:
         66:c6:98:ad:b9:f7:37:89:63:70:6d:dd:61:82:76:b2:de:60:
         61:63:d6:14:24:78:7c:90:46:48:88:08:58:36:4a:b1:d4:be:
         dc:be:4b:a0:7d:72:01:15:06:d3:63:3c:32:ef:c6:25:86:4d:
         05:0e:05:ae:11:22:67:7b:1b:57:d0:2b:7d:8a:6a:c7:6f:4a:
         4d:a9:9d:9f:12:49:ad:14:03:ba:21:b6:e4:a9:49:bb:7f:09:
         1b:4e:db:81:2f:6b:9c:d4:cb:a3:a2:f0:2b:f1:b1:40:be:c7:
         14:58:37:cd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYmcFeCyAdQeR3qCFAlLsXFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwNzI4MTA0MDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDMyOTQwOTg2MDhlM2M2NWFjMDVjNDBjNDg2NDFiOWM4ODEzNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTjeBcQxzNiNRpALkh0tu9khXocj
dm9ut2G9Z8ffG7+18r4l8CqI3635/oTEdod1jjpqJps83/STz137gv3czOFz3c9+
nlEEDMUn/mRucob+N6nWkkGUh4d2h4VESn4T0Bca1/RbcmgK8KytzMQmE2eyJ0pX
FKqtcIhqGbSfEsQr7dXzUQ68Dy7STz5Y+nieZ0biFqsm7B8Z8/i9DZFqLx6MDrwr
mdro4jLhWc5uB0Hn3HJfZR57hoRTszoc0dKTjBnOsj/Mt4MYB4iGREgrH29Eb/XL
N1JWsgxznZeBASar79t/D9ztoAqM2QbByrgDQrUyQCRU09Z73/DAEav7twIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFAylAmGCOPGWsBcQMSGQbnIgTXpMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL1VES1VDWVlJNDhaYXdGeEF4SVpCdWNpQk5lay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAtjwYD
BAAtm6YwDQYJKoZIhvcNAQELBQADggEBAF3ZHAK526KzZtyiJ/8WixEMWRH2Ra2V
Rd6Te3Sk4yAPFP3xs48kkBkUm3sJG7sWhu1OyIlVsIn5wKqmeA9yxhc0ObsNHf+j
X00ylESF4LUYtlfdwSQJC6SAVRpJcw6liQSqWmgEyd+efU4TRq/glKsbGKSMoKsa
GA+tkiveHsDFZkcVtnSI0l+UhJJ5qj2vSWbGmK259zeJY3Bt3WGCdrLeYGFj1hQk
eHyQRkiICFg2SrHUvty+S6B9cgEVBtNjPDLvxiWGTQUOBa4RImd7G1fQK32Kasdv
Sk2pnZ8SSa0UA7ohtuSpSbt/CRtO24Eva5zUy6Oi8CvxsUC+xxRYN80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org