Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa
File:                     cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa (raw, json)
Hash identifier:          /Ws7f0aM5y30vPQqdqYW0aAqV8mjDDnUcFcu8UPy+yk=
Subject key identifier:   72:E9:2A:0C:55:B1:DF:0B:8D:CD:5D:D9:29:06:06:A2:DE:59:39:66
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       0188AFE5ADCFA7FDE1B1B4618CC1012A44E1
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa
Signing time:             Mon 12 Jun 2023 13:57:24 +0000
ROA not before:           Mon 12 Jun 2023 13:57:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        86.62.28.0/24 maxlen: 24
                          86.62.29.0/24 maxlen: 24
                          86.62.30.0/24 maxlen: 24
                          194.36.32.0/23 maxlen: 23
                          45.80.30.0/24 maxlen: 24
                          45.80.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Jun 2023 14:53:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:af:e5:ad:cf:a7:fd:e1:b1:b4:61:8c:c1:01:2a:44:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Jun 12 13:57:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=72e92a0c55b1df0b8dcd5dd9290606a2de593966
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:64:d3:dd:58:55:4a:5d:7c:a3:5d:01:f4:1b:
                    7b:45:9a:73:7b:94:a0:cc:b9:e0:90:64:be:51:92:
                    ab:e5:49:5b:86:6d:15:6b:68:1f:3f:0a:dc:0f:87:
                    32:f7:ec:da:38:10:e0:d3:81:68:e7:97:d0:0b:8d:
                    9c:4a:29:55:42:00:94:c4:a4:ff:c6:e7:ff:20:5b:
                    f1:79:10:5e:9b:46:c1:87:b8:c3:bd:70:de:82:cb:
                    59:50:4e:b5:82:7e:2c:3c:52:90:d8:03:1e:37:c7:
                    43:fd:9a:5c:72:92:7c:96:10:bb:c0:27:25:d6:a9:
                    37:f0:05:7f:6d:0d:23:01:5b:5f:2b:28:9e:eb:dd:
                    93:5f:46:d9:e6:07:17:80:55:ef:98:76:c2:09:74:
                    f5:a6:54:2e:3d:8e:e7:45:3d:ab:e4:6e:b5:1e:76:
                    33:4f:ee:94:ac:5b:38:92:08:95:c2:20:78:b9:00:
                    94:03:01:7f:86:37:6d:38:0f:ac:0c:99:fa:61:62:
                    db:18:da:61:06:4d:87:7c:f1:20:f6:71:60:a3:39:
                    90:ba:de:ca:c4:e4:6a:1e:69:2a:49:70:ac:ba:64:
                    6e:69:31:9c:0a:56:14:07:32:56:08:dd:b6:83:19:
                    13:de:f8:1f:0b:10:5d:94:35:79:8e:d9:2a:40:af:
                    23:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E9:2A:0C:55:B1:DF:0B:8D:CD:5D:D9:29:06:06:A2:DE:59:39:66
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.30.0/23
                  86.62.28.0-86.62.30.255
                  194.36.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         74:25:0a:35:e6:0b:b6:43:0a:b1:0c:66:d5:b5:13:0d:7e:06:
         4b:55:ca:db:1a:6a:3e:49:92:65:ba:d3:58:9b:52:d3:b9:3d:
         ec:56:d1:0d:c9:d3:f7:0c:b1:78:fb:53:d4:cb:93:d8:a1:36:
         b4:f9:12:49:e1:ef:4f:19:4c:77:48:62:5e:29:38:c8:9a:86:
         62:47:b4:19:a4:e1:b8:16:bc:3e:2b:34:15:65:d2:fe:e1:38:
         8e:f3:63:d5:b4:96:55:87:d5:43:5f:ca:9d:ee:1f:24:bd:b6:
         48:a5:1e:e5:4e:32:05:39:9b:ab:1b:8e:50:e2:4d:25:6b:97:
         7c:a6:ee:4b:01:2a:c4:10:7f:c3:85:95:34:fb:bb:70:3f:10:
         a6:03:91:28:ca:2f:13:7f:12:ad:d6:73:a8:b5:c2:8d:fc:8b:
         63:e1:30:f8:b1:99:55:c4:a5:94:2b:be:15:3e:90:0b:fd:99:
         8a:28:d8:ba:57:5f:19:aa:04:76:14:1c:d2:92:9b:2a:91:d2:
         cf:98:15:68:d3:75:2b:8d:95:fa:29:93:f3:84:0e:77:31:67:
         85:a6:0c:08:87:a5:83:5f:53:c9:61:bf:07:39:90:5e:81:f0:
         f0:82:1e:21:df:5d:bc:18:86:cd:58:2f:a6:f2:ac:65:35:a2:
         88:cf:a5:fc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYiv5a3Pp/3hsbRhjMEBKkThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwNjEyMTM1NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU5MmEwYzU1YjFkZjBiOGRjZDVkZDkyOTA2MDZhMmRlNTkzOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2TT3VhVSl18o10B9Bt7RZpze5Sg
zLngkGS+UZKr5Ulbhm0Va2gfPwrcD4cy9+zaOBDg04Fo55fQC42cSilVQgCUxKT/
xuf/IFvxeRBem0bBh7jDvXDegstZUE61gn4sPFKQ2AMeN8dD/ZpccpJ8lhC7wCcl
1qk38AV/bQ0jAVtfKyie692TX0bZ5gcXgFXvmHbCCXT1plQuPY7nRT2r5G61HnYz
T+6UrFs4kgiVwiB4uQCUAwF/hjdtOA+sDJn6YWLbGNphBk2HfPEg9nFgozmQut7K
xORqHmkqSXCsumRuaTGcClYUBzJWCN22gxkT3vgfCxBdlDV5jtkqQK8jFwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHLpKgxVsd8Ljc1d2SkGBqLeWTlmMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvY3VrcURGV3gzd3VOelYzWktRWUdvdDVaT1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLVAeMAwD
BAJWPhwDBABWPh4DBAHCJCAwDQYJKoZIhvcNAQELBQADggEBAHQlCjXmC7ZDCrEM
ZtW1Ew1+BktVytsaaj5JkmW601ibUtO5PexW0Q3J0/cMsXj7U9TLk9ihNrT5Eknh
708ZTHdIYl4pOMiahmJHtBmk4bgWvD4rNBVl0v7hOI7zY9W0llWH1UNfyp3uHyS9
tkilHuVOMgU5m6sbjlDiTSVrl3ym7ksBKsQQf8OFlTT7u3A/EKYDkSjKLxN/Eq3W
c6i1wo38i2PhMPixmVXEpZQrvhU+kAv9mYoo2LpXXxmqBHYUHNKSmyqR0s+YFWjT
dSuNlfopk/OEDncxZ4WmDAiHpYNfU8lhvwc5kF6B8PCCHiHfXbwYhs1YL6byrGU1
oojPpfw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org