Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/SUUW_AaHZ0JPWNTZmCPxfInE5O8.roa
File:                     SUUW_AaHZ0JPWNTZmCPxfInE5O8.roa (raw, json)
Hash identifier:          +TEp90EbT2y1fbeK2t45MF9FV6x9bxg71WXzgxBtl8M=
Subject key identifier:   49:45:16:FC:06:87:67:42:4F:58:D4:D9:98:23:F1:7C:89:C4:E4:EF
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018572BA4C65FA347D0CC63B5997F96D549D
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/SUUW_AaHZ0JPWNTZmCPxfInE5O8.roa
Signing time:             Mon 02 Jan 2023 13:44:49 +0000
ROA not before:           Mon 02 Jan 2023 13:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44834
IP address blocks:        188.130.236.0/23 maxlen: 24
                          109.248.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 27 Jan 2023 14:14:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:4c:65:fa:34:7d:0c:c6:3b:59:97:f9:6d:54:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  2 13:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=494516fc068767424f58d4d99823f17c89c4e4ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ac:ef:59:77:03:d9:95:5d:ae:7f:87:b0:11:
                    6f:cc:b8:f2:f9:6b:90:40:7e:a8:5c:81:6f:74:38:
                    d6:d4:2d:5c:39:bb:71:23:16:32:a0:6b:bc:92:5c:
                    1a:09:86:e0:38:41:f8:72:8b:49:b3:ba:e7:25:6e:
                    db:dd:d6:ac:48:dd:2c:4b:77:11:cc:92:d1:45:1e:
                    50:e0:1c:63:ba:d4:28:20:d9:c1:73:f4:4d:90:03:
                    ad:ec:23:26:63:b5:a5:4c:45:93:11:13:31:f6:7d:
                    b5:78:e3:52:c8:5e:bd:79:64:7e:17:82:1b:b6:8e:
                    7f:19:12:91:90:1e:8d:d1:f9:1d:21:85:da:cf:ca:
                    89:37:4a:4c:b0:91:af:af:78:62:02:82:76:54:8d:
                    8c:18:60:f4:bb:33:61:34:a1:91:c8:5e:82:46:6b:
                    2b:8f:e9:a0:cf:5d:de:1b:20:07:dc:69:37:bc:95:
                    b9:2b:61:56:12:f5:90:65:9f:e7:f3:7e:22:3b:4a:
                    ff:20:7a:0b:20:f4:3b:b3:7a:82:45:d2:af:d9:43:
                    c9:3f:b3:e7:db:f5:80:7b:cd:ad:b6:aa:fc:ba:6b:
                    c0:fe:87:35:e3:cc:ac:73:91:76:16:be:b8:49:5d:
                    c5:5c:c0:c4:7b:0d:15:78:43:ad:19:be:03:46:bd:
                    51:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:45:16:FC:06:87:67:42:4F:58:D4:D9:98:23:F1:7C:89:C4:E4:EF
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/SUUW_AaHZ0JPWNTZmCPxfInE5O8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.248.255.0/24
                  188.130.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1a:d6:17:ad:f5:9b:64:b7:1e:67:fa:76:bc:c4:c5:80:2f:4b:
         c7:67:16:10:21:9e:01:51:0c:db:b7:5b:f2:d5:9a:6f:63:86:
         57:37:6e:27:bc:9b:4b:39:82:08:18:6b:3f:ae:dd:54:21:e1:
         9b:19:ff:cd:31:c7:a6:60:91:41:2d:29:8b:3f:f1:60:90:c6:
         bf:0b:b3:0e:29:a8:55:8d:52:14:33:46:97:cc:3e:53:25:ca:
         5a:d1:91:7f:e2:0b:74:88:c3:8b:b3:56:48:fe:9d:ee:79:d4:
         2d:4f:b6:b7:a6:9d:78:da:b0:44:2a:f8:60:f4:8f:2b:a2:b5:
         da:b0:a2:3d:b8:79:a2:76:d1:97:ba:0e:d3:4d:be:cd:e5:ab:
         6d:88:77:da:da:7d:29:93:64:c0:31:f7:4f:9b:1c:4a:c9:bd:
         d2:71:37:32:b2:8c:06:0c:71:72:85:3c:0c:49:64:16:bf:0a:
         e9:6e:fc:ee:c8:fd:fe:23:9e:2d:99:33:d6:84:97:45:e3:fe:
         ca:ad:50:d1:fc:e3:ce:cc:28:09:08:e5:09:e8:5b:9a:6b:e8:
         6a:23:6e:17:68:1e:cb:05:a2:96:31:ac:6b:cb:61:f9:da:67:
         71:a4:13:71:5b:c9:28:00:15:f4:9e:39:96:6b:eb:1e:3f:ae:
         d6:69:57:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyukxl+jR9DMY7WZf5bVSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMTAyMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQ1MTZmYzA2ODc2NzQyNGY1OGQ0ZDk5ODIzZjE3Yzg5YzRlNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoazvWXcD2ZVdrn+HsBFvzLjy+WuQ
QH6oXIFvdDjW1C1cObtxIxYyoGu8klwaCYbgOEH4cotJs7rnJW7b3dasSN0sS3cR
zJLRRR5Q4BxjutQoINnBc/RNkAOt7CMmY7WlTEWTERMx9n21eONSyF69eWR+F4Ib
to5/GRKRkB6N0fkdIYXaz8qJN0pMsJGvr3hiAoJ2VI2MGGD0uzNhNKGRyF6CRmsr
j+mgz13eGyAH3Gk3vJW5K2FWEvWQZZ/n834iO0r/IHoLIPQ7s3qCRdKv2UPJP7Pn
2/WAe82ttqr8umvA/oc148ysc5F2Fr64SV3FXMDEew0VeEOtGb4DRr1RMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFElFFvwGh2dCT1jU2Zgj8XyJxOTvMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvU1VVV19BYUhaMEpQV05UWm1DUHhmSW5FNU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbfj/AwQB
vILsMA0GCSqGSIb3DQEBCwUAA4IBAQAa1het9Ztktx5n+na8xMWAL0vHZxYQIZ4B
UQzbt1vy1ZpvY4ZXN24nvJtLOYIIGGs/rt1UIeGbGf/NMcemYJFBLSmLP/FgkMa/
C7MOKahVjVIUM0aXzD5TJcpa0ZF/4gt0iMOLs1ZI/p3uedQtT7a3pp142rBEKvhg
9I8rorXasKI9uHmidtGXug7TTb7N5attiHfa2n0pk2TAMfdPmxxKyb3ScTcysowG
DHFyhTwMSWQWvwrpbvzuyP3+I54tmTPWhJdF4/7KrVDR/OPOzCgJCOUJ6Fuaa+hq
I24XaB7LBaKWMaxry2H52mdxpBNxW8koABX0njmWa+seP67WaVe2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org