Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cUBUJ0XtMkedPXRm4CBb2BjBZWI.roa
File:                     cUBUJ0XtMkedPXRm4CBb2BjBZWI.roa (raw, json)
Hash identifier:          lsNXZCWwSdXVtYY6jD+JL3sckyxOsZ37lGjLi/hC1EA=
Subject key identifier:   71:40:54:27:45:ED:32:47:9D:3D:74:66:E0:20:5B:D8:18:C1:65:62
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       01856C5CA00C1879C738BDF7B7633AA09AF3
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cUBUJ0XtMkedPXRm4CBb2BjBZWI.roa
Signing time:             Sun 01 Jan 2023 08:04:47 +0000
ROA not before:           Sun 01 Jan 2023 08:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        194.107.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Mar 2023 12:12:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:5c:a0:0c:18:79:c7:38:bd:f7:b7:63:3a:a0:9a:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Jan  1 08:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7140542745ed32479d3d7466e0205bd818c16562
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e0:1e:4e:89:19:a4:91:5c:c9:7d:2b:5f:5b:
                    62:b7:88:97:d9:10:9b:f4:3f:34:26:b0:71:c7:b1:
                    7c:c2:db:c1:f9:4a:d1:a9:c1:e8:3f:f5:ea:db:b2:
                    a8:f9:3d:07:9a:a2:18:d1:47:24:29:bc:84:bb:e8:
                    07:c6:87:f3:db:ec:42:bd:1b:0f:3d:89:18:34:e7:
                    1f:cf:5d:5a:6c:78:74:ca:a7:95:83:7f:4e:13:35:
                    18:f7:f7:47:46:da:ff:bc:83:5c:e7:f2:3d:5c:25:
                    e2:9b:6d:ba:37:15:3b:94:4f:c4:98:82:17:4a:5a:
                    e6:a6:71:6b:b7:74:3c:90:ae:7b:06:24:66:29:d7:
                    ff:cb:a5:46:2e:8d:51:bb:45:50:7b:85:41:c5:39:
                    18:ef:02:49:aa:72:ba:cb:8b:aa:9e:b4:8d:d8:3d:
                    3d:b8:dc:79:8e:b5:e7:0e:c4:7f:aa:b8:09:38:71:
                    5b:36:d7:e1:7e:d5:46:fe:f6:98:50:e6:00:89:f0:
                    09:bf:25:08:39:ea:7e:fb:18:69:90:af:e0:b2:06:
                    44:a4:44:6d:06:b5:5e:05:98:04:49:e4:56:c1:dd:
                    a5:65:f5:3b:80:48:ec:33:88:9d:bb:cc:a9:47:6e:
                    d9:7a:d1:b9:6b:a5:9b:d7:2c:10:48:d1:9d:a0:b5:
                    89:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:40:54:27:45:ED:32:47:9D:3D:74:66:E0:20:5B:D8:18:C1:65:62
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cUBUJ0XtMkedPXRm4CBb2BjBZWI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.107.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:33:97:8d:40:a8:fc:e9:59:8f:a7:0d:d7:12:5d:a2:9e:62:
         f1:95:bd:cd:75:b2:bd:9c:ef:0b:cf:04:38:59:40:9e:17:ca:
         91:84:6b:bf:01:69:3a:b1:c9:5b:a8:1c:89:5f:e8:22:34:64:
         c5:a9:f6:0b:46:37:35:1b:57:6d:53:c1:d0:ab:1d:83:17:0e:
         11:67:88:d4:1a:87:2e:b7:d0:52:5c:cb:b9:80:0d:00:33:f9:
         29:1b:18:e4:d4:c0:ac:6d:5f:a0:85:f8:8a:0f:d4:69:62:c0:
         41:f8:9b:dc:81:6e:a6:50:3b:1f:68:62:a2:2c:6c:d5:33:7f:
         45:29:42:64:3c:ba:aa:fb:4c:15:2d:6d:25:f5:19:ce:01:1a:
         23:15:12:fc:4c:45:12:51:a3:1d:b2:c1:a8:d9:08:cc:ba:c6:
         2f:43:19:4e:ca:8f:7d:05:41:30:46:ad:15:7d:11:5d:ed:c7:
         d9:5c:bc:99:7e:f4:d1:d6:23:a6:05:75:82:47:ea:13:77:9e:
         db:99:06:7c:8d:d9:9e:1d:08:47:3f:d4:44:ad:13:ad:0b:6d:
         07:61:50:59:d0:c9:44:ea:32:70:7f:b3:75:45:2c:46:24:f3:
         79:e0:05:ef:4d:19:dd:40:f8:55:fa:94:20:e1:9c:a0:36:59:
         3c:42:26:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsXKAMGHnHOL33t2M6oJrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwMTAxMDgwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQwNTQyNzQ1ZWQzMjQ3OWQzZDc0NjZlMDIwNWJkODE4YzE2NTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOAeTokZpJFcyX0rX1tit4iX2RCb
9D80JrBxx7F8wtvB+UrRqcHoP/Xq27Ko+T0HmqIY0UckKbyEu+gHxofz2+xCvRsP
PYkYNOcfz11abHh0yqeVg39OEzUY9/dHRtr/vINc5/I9XCXim226NxU7lE/EmIIX
SlrmpnFrt3Q8kK57BiRmKdf/y6VGLo1Ru0VQe4VBxTkY7wJJqnK6y4uqnrSN2D09
uNx5jrXnDsR/qrgJOHFbNtfhftVG/vaYUOYAifAJvyUIOep++xhpkK/gsgZEpERt
BrVeBZgESeRWwd2lZfU7gEjsM4idu8ypR27ZetG5a6Wb1ywQSNGdoLWJXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFAVCdF7TJHnT10ZuAgW9gYwWViMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvY1VCVUowWHRNa2VkUFhSbTRDQmIyQmpCWldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmuiMA0G
CSqGSIb3DQEBCwUAA4IBAQClM5eNQKj86VmPpw3XEl2inmLxlb3NdbK9nO8LzwQ4
WUCeF8qRhGu/AWk6sclbqByJX+giNGTFqfYLRjc1G1dtU8HQqx2DFw4RZ4jUGocu
t9BSXMu5gA0AM/kpGxjk1MCsbV+ghfiKD9RpYsBB+JvcgW6mUDsfaGKiLGzVM39F
KUJkPLqq+0wVLW0l9RnOARojFRL8TEUSUaMdssGo2QjMusYvQxlOyo99BUEwRq0V
fRFd7cfZXLyZfvTR1iOmBXWCR+oTd57bmQZ8jdmeHQhHP9RErROtC20HYVBZ0MlE
6jJwf7N1RSxGJPN54AXvTRndQPhV+pQg4ZygNlk8Qia0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org