Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/UGktEro8SC-Xr4ip8ud6T_O6h1w.roa
File:                     UGktEro8SC-Xr4ip8ud6T_O6h1w.roa (raw, json)
Hash identifier:          9ghGXgKMX4iMGcDJzg8Fa7QgpQG51iPdGwvGJcVnhms=
Subject key identifier:   50:69:2D:12:BA:3C:48:2F:97:AF:88:A9:F2:E7:7A:4F:F3:BA:87:5C
Certificate issuer:       /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial:       018E61AA288DCD783F964015769C8FF80BB6
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/UGktEro8SC-Xr4ip8ud6T_O6h1w.roa
Signing time:             Thu 21 Mar 2024 15:38:45 +0000
ROA not before:           Thu 21 Mar 2024 15:38:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42375
IP address blocks:        45.82.82.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 10:28:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:61:aa:28:8d:cd:78:3f:96:40:15:76:9c:8f:f8:0b:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
        Validity
            Not Before: Mar 21 15:38:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=50692d12ba3c482f97af88a9f2e77a4ff3ba875c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ee:2b:e3:8b:6f:8d:ec:4c:12:3a:33:47:28:
                    07:d8:f1:e8:3e:8a:f4:ca:94:32:f4:4f:ed:25:fa:
                    8b:19:c7:4f:29:bd:44:13:9d:c6:c7:09:97:dd:0c:
                    47:ff:53:08:d4:c8:6e:08:bb:42:83:31:7c:24:cd:
                    e0:28:34:e1:ee:14:77:f3:ab:ae:50:50:47:0e:12:
                    50:8a:e7:47:cf:0f:f5:7f:33:03:41:34:b3:58:cd:
                    e0:bc:ea:28:b4:81:9d:0d:2e:ec:03:e9:5f:86:45:
                    27:b1:ca:c5:fc:ee:22:ae:08:d8:0f:cb:9a:5f:d9:
                    fa:77:86:48:e3:e5:b4:cb:ce:2e:47:e7:aa:f8:8a:
                    eb:6f:3e:10:18:91:d7:17:1e:43:2b:7f:29:2a:41:
                    9e:21:46:e3:22:75:67:b7:76:c7:ce:33:5f:ce:f2:
                    8f:9c:17:5d:89:6c:ff:4c:63:d8:45:b7:b5:85:93:
                    cd:92:d5:7e:e8:37:24:8b:53:94:65:a6:d3:5f:d1:
                    13:5d:0d:3e:38:ca:79:12:84:d0:f6:06:fc:7a:ba:
                    0a:54:50:1d:84:1b:20:ee:91:5f:b2:77:5d:59:04:
                    28:83:8f:35:23:77:21:a5:5b:e7:ae:27:b7:7d:51:
                    56:33:09:49:f6:5a:1c:e6:3c:e5:7c:18:4f:fb:72:
                    f5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:69:2D:12:BA:3C:48:2F:97:AF:88:A9:F2:E7:7A:4F:F3:BA:87:5C
            X509v3 Authority Key Identifier:
                keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/UGktEro8SC-Xr4ip8ud6T_O6h1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:f2:0c:7a:e5:e8:07:35:5e:eb:27:01:19:8f:fa:b3:19:c0:
         62:60:da:e6:b0:97:6a:60:7d:ba:9f:64:92:f5:54:62:0d:78:
         e3:51:56:a3:78:27:0e:d6:e7:5b:dd:f7:42:47:a2:79:e5:86:
         74:82:2a:c1:1e:c5:21:cd:03:6f:fe:f1:68:68:b4:1c:82:7c:
         25:d5:b6:1e:48:65:41:23:30:d0:4b:fb:17:69:76:03:3c:82:
         e5:b3:25:d4:30:63:0c:8f:05:fe:99:e2:06:e5:d7:68:7d:1e:
         aa:8d:2c:ae:ac:13:6c:7b:d0:46:1c:09:94:8f:0b:9d:01:68:
         ae:82:7e:46:fd:b0:fa:1e:2d:b6:3a:77:08:b9:ae:58:7d:aa:
         b2:c0:d5:f5:58:e5:03:b5:73:d8:74:87:0a:2d:0d:2f:b0:28:
         1c:78:36:83:bb:ea:90:42:af:c9:fa:4e:ee:3a:8a:8f:d7:b8:
         66:15:ac:2b:c0:42:4a:5a:0f:28:43:fd:e5:c4:d8:d5:3e:19:
         72:69:be:c2:4b:33:1b:b4:0c:e0:63:a9:6d:c0:23:4f:fa:50:
         77:93:6c:59:0d:f4:a9:ba:bc:c6:b9:a7:c5:7a:98:c1:52:1b:
         a2:ae:7f:f6:c0:11:ef:db:ae:f6:b8:54:d3:d3:0a:19:27:f4:
         04:53:95:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5hqiiNzXg/lkAVdpyP+Au2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjQwMzIxMTUzODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY5MmQxMmJhM2M0ODJmOTdhZjg4YTlmMmU3N2E0ZmYzYmE4NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju4r44tvjexMEjozRygH2PHoPor0
ypQy9E/tJfqLGcdPKb1EE53GxwmX3QxH/1MI1MhuCLtCgzF8JM3gKDTh7hR386uu
UFBHDhJQiudHzw/1fzMDQTSzWM3gvOootIGdDS7sA+lfhkUnscrF/O4irgjYD8ua
X9n6d4ZI4+W0y84uR+eq+Irrbz4QGJHXFx5DK38pKkGeIUbjInVnt3bHzjNfzvKP
nBddiWz/TGPYRbe1hZPNktV+6Dcki1OUZabTX9ETXQ0+OMp5EoTQ9gb8eroKVFAd
hBsg7pFfsnddWQQog481I3chpVvnrie3fVFWMwlJ9loc5jzlfBhP+3L1OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBpLRK6PEgvl6+IqfLnek/zuodcMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEvVUdrdEVybzhTQy1YcjRpcDh1ZDZUX082aDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVJSMA0G
CSqGSIb3DQEBCwUAA4IBAQCG8gx65egHNV7rJwEZj/qzGcBiYNrmsJdqYH26n2SS
9VRiDXjjUVajeCcO1udb3fdCR6J55YZ0girBHsUhzQNv/vFoaLQcgnwl1bYeSGVB
IzDQS/sXaXYDPILlsyXUMGMMjwX+meIG5ddofR6qjSyurBNse9BGHAmUjwudAWiu
gn5G/bD6Hi22OncIua5YfaqywNX1WOUDtXPYdIcKLQ0vsCgceDaDu+qQQq/J+k7u
OoqP17hmFawrwEJKWg8oQ/3lxNjVPhlyab7CSzMbtAzgY6ltwCNP+lB3k2xZDfSp
urzGuafFepjBUhuirn/2wBHv2672uFTT0woZJ/QEU5Wx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:06 2024 by rpki-client on console-fra.rpki-client.org