Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa
File:                     UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa (raw, json)
Hash identifier:          hKh9RhxSL9SN0z36F2Tqo6QQYBYvzqhM3cUOp5vL1UM=
Subject key identifier:   50:61:ED:CF:4B:A3:DE:F8:74:01:21:27:98:FC:C7:6C:7E:EA:65:E1
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018EC2B4CC6C4E5CD3C1ECA6EE19697B7300
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa
Signing time:             Tue 09 Apr 2024 11:53:32 +0000
ROA not before:           Tue 09 Apr 2024 11:53:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48147
IP address blocks:        212.16.86.0/24 maxlen: 24
                          212.80.18.0/23 maxlen: 23
                          212.80.18.0/24 maxlen: 24
                          212.80.19.0/24 maxlen: 24
                          212.80.20.0/22 maxlen: 22
                          212.80.20.0/24 maxlen: 24
                          212.80.21.0/24 maxlen: 24
                          212.80.22.0/24 maxlen: 24
                          212.80.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 16 Jun 2024 10:12:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:c2:b4:cc:6c:4e:5c:d3:c1:ec:a6:ee:19:69:7b:73:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Apr  9 11:53:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5061edcf4ba3def87401212798fcc76c7eea65e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fc:bf:b7:ad:c1:53:43:dc:f3:04:03:21:26:
                    d7:54:af:0e:d5:0f:15:ab:37:0b:7b:8b:99:d9:19:
                    c7:c1:2f:02:5b:52:25:91:ff:3f:20:7c:1f:c3:b0:
                    92:7b:aa:df:a3:7d:d2:78:70:4c:b7:9c:d1:26:14:
                    b6:9e:2c:1c:ff:d2:cb:cf:9f:68:0b:2f:3f:3a:5a:
                    62:24:9b:5c:64:a9:14:3d:c6:1f:c3:94:29:d9:95:
                    52:97:ad:ec:9f:40:66:aa:2c:6e:fa:20:ba:e4:77:
                    b5:11:bb:c9:2f:97:a1:24:b6:e6:92:98:f5:05:d3:
                    e6:b0:15:8a:3c:5a:8c:f1:ef:c3:d3:ea:1e:45:e5:
                    5c:cd:9d:92:46:e6:ab:bf:dd:6e:fc:f3:7b:7b:3d:
                    c4:22:1c:b3:69:bd:0b:5f:0c:96:c0:dc:3b:b3:76:
                    9b:ce:a8:f8:e0:fd:a7:f3:2b:14:be:b1:73:98:1e:
                    e1:84:a0:77:d7:c1:a3:2f:b1:a5:0e:c4:bc:38:8a:
                    2c:60:31:0d:73:b7:e1:44:08:6e:c1:fd:95:ce:6f:
                    43:cb:31:5b:e7:d9:1f:97:4a:85:f1:4d:5c:67:5b:
                    d8:9b:dc:51:15:d5:f3:5c:db:dd:33:1b:0a:1c:17:
                    82:2a:b9:b1:96:f8:b3:90:1d:f3:f2:2f:9f:e8:ae:
                    cc:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:61:ED:CF:4B:A3:DE:F8:74:01:21:27:98:FC:C7:6C:7E:EA:65:E1
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.16.86.0/24
                  212.80.18.0-212.80.23.255

    Signature Algorithm: sha256WithRSAEncryption
         7e:b1:77:a8:02:40:92:7f:41:41:bb:f3:5f:f0:d7:5a:2f:28:
         7c:cc:2b:13:2f:0c:03:d4:aa:e3:91:c8:69:c4:84:36:a7:bd:
         1d:da:4c:e9:d3:06:e5:b1:1a:fc:46:2f:0f:f3:c3:45:49:18:
         3d:19:53:42:ec:95:92:7a:17:ee:74:23:c2:a9:c1:53:bb:fe:
         20:b6:71:10:3e:b2:3b:14:98:09:41:f1:96:a2:cf:0e:2c:01:
         a9:a6:0b:09:4b:b6:5a:60:03:44:14:af:2a:96:b5:5a:9e:0b:
         3d:7f:55:0b:b9:8a:0d:2e:4c:3f:7a:8f:20:81:87:60:c8:de:
         88:9d:33:94:7f:8e:44:02:e9:f8:24:09:ad:5e:27:04:5a:e0:
         9a:4f:6c:15:05:13:74:9b:2c:d7:59:bd:10:83:ef:72:73:f7:
         d5:61:e9:83:83:2f:62:72:e3:ec:fe:23:ac:91:c2:80:da:08:
         c6:51:de:84:3f:cd:86:9a:67:e5:79:53:19:9b:ec:ae:8d:11:
         5a:a0:30:e4:f9:52:f1:92:c0:6c:4f:9f:c9:b6:a3:bf:14:e8:
         bf:23:75:01:6f:76:ef:9e:93:ed:95:a8:dc:37:95:1a:9d:4e:
         d2:da:92:05:10:fa:7b:90:7e:98:48:62:55:67:df:42:06:ae:
         98:b5:73:7c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY7CtMxsTlzTweym7hlpe3MAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNDA5MTE1MzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDYxZWRjZjRiYTNkZWY4NzQwMTIxMjc5OGZjYzc2YzdlZWE2NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvy/t63BU0Pc8wQDISbXVK8O1Q8V
qzcLe4uZ2RnHwS8CW1Ilkf8/IHwfw7CSe6rfo33SeHBMt5zRJhS2niwc/9LLz59o
Cy8/OlpiJJtcZKkUPcYfw5Qp2ZVSl63sn0Bmqixu+iC65He1EbvJL5ehJLbmkpj1
BdPmsBWKPFqM8e/D0+oeReVczZ2SRuarv91u/PN7ez3EIhyzab0LXwyWwNw7s3ab
zqj44P2n8ysUvrFzmB7hhKB318GjL7GlDsS8OIosYDENc7fhRAhuwf2Vzm9DyzFb
59kfl0qF8U1cZ1vYm9xRFdXzXNvdMxsKHBeCKrmxlvizkB3z8i+f6K7MMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFBh7c9Lo974dAEhJ5j8x2x+6mXhMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvVUdIdHowdWozdmgwQVNFbm1QekhiSDdxWmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1BBWMAwD
BAHUUBIDBAPUUBAwDQYJKoZIhvcNAQELBQADggEBAH6xd6gCQJJ/QUG781/w11ov
KHzMKxMvDAPUquORyGnEhDanvR3aTOnTBuWxGvxGLw/zw0VJGD0ZU0LslZJ6F+50
I8KpwVO7/iC2cRA+sjsUmAlB8Zaizw4sAammCwlLtlpgA0QUryqWtVqeCz1/VQu5
ig0uTD96jyCBh2DI3oidM5R/jkQC6fgkCa1eJwRa4JpPbBUFE3SbLNdZvRCD73Jz
99Vh6YODL2Jy4+z+I6yRwoDaCMZR3oQ/zYaaZ+V5Uxmb7K6NEVqgMOT5UvGSwGxP
n8m2o78U6L8jdQFvdu+ek+2VqNw3lRqdTtLakgUQ+nuQfphIYlVn30IGrpi1c3w=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:19:02 2024 by rpki-client on console-fra.rpki-client.org