Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa
File:                     uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa (raw, json)
Hash identifier:          SXzJEw+2ifl6qw67KxcGrvROHN1+Z+Er7RsUgxk6Fh8=
Subject key identifier:   B8:60:87:08:32:00:7E:92:D0:19:D1:A5:5F:03:AD:7D:E8:A1:FD:68
Certificate issuer:       /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial:       018CC3B744AA45CD5DD0958D96BD32F11BFA
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa
Signing time:             Mon 01 Jan 2024 06:30:16 +0000
ROA not before:           Mon 01 Jan 2024 06:30:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210544
IP address blocks:        192.124.252.0/24 maxlen: 24
                          193.28.64.0/23 maxlen: 24
                          193.28.71.0/24 maxlen: 24
                          2a12:6900::/36 maxlen: 64

Validation:               Failed, certificate revoked on Tue 18 Jun 2024 09:57:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:44:aa:45:cd:5d:d0:95:8d:96:bd:32:f1:1b:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
        Validity
            Not Before: Jan  1 06:30:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b860870832007e92d019d1a55f03ad7de8a1fd68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e5:89:d6:88:c2:db:05:b6:c2:e0:b4:95:22:
                    3f:9d:b5:d6:ae:6f:5c:1d:34:19:23:f8:a2:ac:21:
                    47:09:26:ef:36:04:72:d2:bb:51:a6:51:95:a7:9a:
                    7e:2a:3d:a1:f8:f3:64:15:9e:cc:77:2a:0f:4a:3a:
                    44:f0:dd:3d:9a:6a:d8:e0:11:56:76:81:de:36:1a:
                    f8:84:e7:b1:8a:67:9a:6e:8c:bf:98:b2:d2:0e:df:
                    0a:61:7f:96:bd:d6:99:6c:ac:5b:eb:32:29:89:82:
                    68:da:4b:d9:cb:50:85:8e:86:f9:c2:0f:7a:a9:08:
                    cd:65:11:81:96:6a:04:59:a4:77:37:ad:3d:ec:00:
                    8e:a2:23:83:ed:1c:b0:05:bc:a8:75:48:69:96:af:
                    01:8e:ef:dd:41:e2:71:53:70:f5:bf:ed:ec:4c:ad:
                    f3:26:48:40:2b:d9:b4:05:64:12:2e:22:25:d6:19:
                    cf:bc:07:33:b9:49:09:89:67:c3:8c:03:44:10:9e:
                    e4:01:eb:b4:ab:28:85:9d:66:63:aa:0f:7a:d6:13:
                    c2:21:29:28:f3:b1:6f:5f:71:f4:2f:16:d9:ce:17:
                    53:17:9e:c8:44:b6:0d:d6:c9:5e:f5:d2:37:77:87:
                    63:b1:e9:ec:f4:09:d8:42:e7:04:b2:90:49:21:57:
                    0a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:60:87:08:32:00:7E:92:D0:19:D1:A5:5F:03:AD:7D:E8:A1:FD:68
            X509v3 Authority Key Identifier:
                keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.252.0/24
                  193.28.64.0/23
                  193.28.71.0/24
                IPv6:
                  2a12:6900::/36

    Signature Algorithm: sha256WithRSAEncryption
         96:93:83:1b:a4:b2:ef:d5:34:f4:e6:da:33:d9:e4:53:43:a0:
         52:ac:4d:d3:94:34:bc:cf:a9:40:e4:9b:25:38:52:c6:7f:19:
         22:f1:49:19:14:bd:f8:58:07:37:cd:2b:80:9f:87:82:7c:5b:
         90:33:e5:dd:96:f6:ef:57:a3:59:6b:aa:37:bf:ca:8c:00:a9:
         d3:3a:7a:ad:b8:dd:3b:74:94:90:b2:dc:c2:95:d6:e0:84:73:
         7a:0d:ed:77:63:90:50:39:6c:aa:16:7b:4e:8e:8e:5e:fa:e4:
         50:fd:63:e8:99:fb:fb:85:b4:b2:b9:41:90:fb:5f:d7:1d:10:
         d9:32:1c:ba:8e:47:af:6f:72:93:9c:cd:6f:c6:5f:ff:6a:9b:
         d1:90:e6:c3:50:be:ae:ce:ae:77:56:85:62:15:27:02:0f:39:
         9f:ee:cd:ee:69:cf:9a:e6:09:2e:50:9e:2d:a4:e3:43:5c:a3:
         25:2c:0d:0a:92:d2:d8:86:a7:4a:e6:73:48:52:a0:42:8b:23:
         37:8e:ab:f9:25:65:03:b9:da:00:75:8c:1c:fc:a2:d4:79:cd:
         e1:33:15:20:9f:e1:60:a1:f0:66:fa:7b:00:56:29:1f:39:1a:
         51:5c:b5:e1:73:94:fe:ba:47:56:37:3e:33:c4:f6:26:a1:fc:
         fa:29:4f:26
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDt0SqRc1d0JWNlr0y8Rv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYwODcwODMyMDA3ZTkyZDAxOWQxYTU1ZjAzYWQ3ZGU4YTFmZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOWJ1ojC2wW2wuC0lSI/nbXWrm9c
HTQZI/iirCFHCSbvNgRy0rtRplGVp5p+Kj2h+PNkFZ7MdyoPSjpE8N09mmrY4BFW
doHeNhr4hOeximeaboy/mLLSDt8KYX+WvdaZbKxb6zIpiYJo2kvZy1CFjob5wg96
qQjNZRGBlmoEWaR3N6097ACOoiOD7RywBbyodUhplq8Bju/dQeJxU3D1v+3sTK3z
JkhAK9m0BWQSLiIl1hnPvAczuUkJiWfDjANEEJ7kAeu0qyiFnWZjqg961hPCISko
87FvX3H0LxbZzhdTF57IRLYN1sle9dI3d4djsens9AnYQucEspBJIVcKFQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLhghwgyAH6S0BnRpV8DrX3oof1oMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEvdUdDSENESUFmcExRR2RHbFh3T3RmZWloX1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAwHz8AwQB
wRxAAwQAwRxHMA4EAgACMAgDBgQqEmkAADANBgkqhkiG9w0BAQsFAAOCAQEAlpOD
G6Sy79U09ObaM9nkU0OgUqxN05Q0vM+pQOSbJThSxn8ZIvFJGRS9+FgHN80rgJ+H
gnxbkDPl3Zb271ejWWuqN7/KjACp0zp6rbjdO3SUkLLcwpXW4IRzeg3td2OQUDls
qhZ7To6OXvrkUP1j6Jn7+4W0srlBkPtf1x0Q2TIcuo5Hr29yk5zNb8Zf/2qb0ZDm
w1C+rs6ud1aFYhUnAg85n+7N7mnPmuYJLlCeLaTjQ1yjJSwNCpLS2IanSuZzSFKg
QosjN46r+SVlA7naAHWMHPyi1HnN4TMVIJ/hYKHwZvp7AFYpHzkaUVy14XOU/rpH
Vjc+M8T2JqH8+ilPJg==
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:54:38 2024 by rpki-client on console-ams.rpki-client.org