Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/uFJz_H7TsZClKsefFhZC4Yyb0fo.roa
File:                     uFJz_H7TsZClKsefFhZC4Yyb0fo.roa (raw, json)
Hash identifier:          6+c6jLFrjciJbVSPpoAnpK9Vf/h7WTLLN6iZYu9quys=
Subject key identifier:   B8:52:73:FC:7E:D3:B1:90:A5:2A:C7:9F:16:16:42:E1:8C:9B:D1:FA
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018D5A16CB724ABE30F496E4FEC8BDF71828
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/uFJz_H7TsZClKsefFhZC4Yyb0fo.roa
Signing time:             Tue 30 Jan 2024 11:17:39 +0000
ROA not before:           Tue 30 Jan 2024 11:17:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209973
IP address blocks:        188.130.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Oct 2024 10:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5a:16:cb:72:4a:be:30:f4:96:e4:fe:c8:bd:f7:18:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan 30 11:17:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b85273fc7ed3b190a52ac79f161642e18c9bd1fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:90:2b:e0:42:e5:d6:aa:2b:98:f1:fc:23:69:
                    85:6f:39:2d:4a:c8:b5:63:8f:ea:26:24:dc:4d:20:
                    30:eb:d2:b3:5e:44:ef:f8:05:b9:8c:e9:07:65:0f:
                    9a:32:ab:f6:d1:e3:70:4b:30:60:38:c0:fa:dc:6a:
                    02:a3:5f:4e:6d:66:0b:c6:6a:78:9f:63:db:aa:31:
                    9b:e2:a8:cd:fb:97:e5:26:ea:0c:08:d7:a0:40:b5:
                    6c:37:d3:95:ed:84:89:e1:d7:7e:70:19:28:7d:70:
                    f0:cd:33:d2:f2:ab:91:9a:c3:8e:6e:32:ca:09:ed:
                    d3:d1:7e:ea:82:27:ec:0a:87:c9:0a:59:b1:41:72:
                    ae:11:4b:99:71:7a:20:6d:0d:4b:b3:73:1e:93:4b:
                    5d:d7:fc:de:78:c0:d8:b1:f3:f3:59:50:27:d0:0c:
                    7c:2e:c5:41:50:a4:07:69:84:ee:43:c3:49:4c:f3:
                    2a:9d:69:e9:3a:6b:87:91:1f:4a:11:55:ea:44:de:
                    e7:26:2e:8d:ed:4e:c5:eb:13:8e:c5:61:cd:f1:c3:
                    9f:5f:01:cd:59:51:ca:a5:3b:7a:99:96:3c:4b:0a:
                    ff:db:65:af:2e:98:fe:83:53:5e:10:c4:3c:c1:89:
                    0a:82:a9:5b:a7:33:76:f9:85:56:99:17:b1:05:30:
                    60:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:52:73:FC:7E:D3:B1:90:A5:2A:C7:9F:16:16:42:E1:8C:9B:D1:FA
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/uFJz_H7TsZClKsefFhZC4Yyb0fo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:e4:98:bd:67:d2:05:d6:66:7a:b4:22:8d:fa:84:a5:0f:60:
         27:3c:be:ca:19:49:cc:25:50:a9:04:fd:f0:61:ce:41:5e:cc:
         98:9e:e9:11:86:dc:09:4e:5b:9b:8a:fc:29:2c:cf:33:ee:82:
         fd:eb:9d:51:5f:56:81:8b:26:e4:cf:a3:0d:78:3d:a7:0a:e4:
         f2:f1:71:f4:48:a3:2e:2f:c6:3f:42:92:ba:d1:49:9d:b2:ad:
         e1:60:cf:62:92:f8:72:b0:49:9e:c6:e7:69:2c:55:1d:da:f0:
         55:8a:97:8c:d5:eb:3f:bd:49:53:81:64:a2:79:9c:76:90:a1:
         01:bc:03:be:c4:a4:c7:4f:e9:20:ba:06:1c:49:d1:93:d3:f4:
         29:75:34:e6:c7:9c:42:87:a1:fe:ae:8c:eb:7d:ef:97:30:64:
         33:cd:82:37:de:28:0a:24:36:ad:c5:09:a9:11:92:83:ff:64:
         bb:85:97:33:12:67:18:89:d7:e3:ce:20:30:c8:a7:ad:7b:09:
         13:a7:ab:52:0e:db:39:b4:dd:3e:23:02:32:8b:38:da:d8:8d:
         4d:ea:54:3d:08:48:0c:50:90:71:37:bb:ae:26:1c:1b:1a:c6:
         f4:3b:8f:ba:15:aa:2c:fa:83:42:c4:7e:2f:52:c4:fd:0f:d0:
         d2:b4:a8:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1aFstySr4w9Jbk/si99xgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTMwMTExNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODUyNzNmYzdlZDNiMTkwYTUyYWM3OWYxNjE2NDJlMThjOWJkMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75Ar4ELl1qormPH8I2mFbzktSsi1
Y4/qJiTcTSAw69KzXkTv+AW5jOkHZQ+aMqv20eNwSzBgOMD63GoCo19ObWYLxmp4
n2PbqjGb4qjN+5flJuoMCNegQLVsN9OV7YSJ4dd+cBkofXDwzTPS8quRmsOObjLK
Ce3T0X7qgifsCofJClmxQXKuEUuZcXogbQ1Ls3Mek0td1/zeeMDYsfPzWVAn0Ax8
LsVBUKQHaYTuQ8NJTPMqnWnpOmuHkR9KEVXqRN7nJi6N7U7F6xOOxWHN8cOfXwHN
WVHKpTt6mZY8Swr/22WvLpj+g1NeEMQ8wYkKgqlbpzN2+YVWmRexBTBgqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhSc/x+07GQpSrHnxYWQuGMm9H6MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvdUZKel9IN1RzWkNsS3NlZkZoWkM0WXliMGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvIL0MA0G
CSqGSIb3DQEBCwUAA4IBAQCa5Ji9Z9IF1mZ6tCKN+oSlD2AnPL7KGUnMJVCpBP3w
Yc5BXsyYnukRhtwJTlubivwpLM8z7oL9651RX1aBiybkz6MNeD2nCuTy8XH0SKMu
L8Y/QpK60Umdsq3hYM9ikvhysEmexudpLFUd2vBVipeM1es/vUlTgWSieZx2kKEB
vAO+xKTHT+kgugYcSdGT0/QpdTTmx5xCh6H+rozrfe+XMGQzzYI33igKJDatxQmp
EZKD/2S7hZczEmcYidfjziAwyKetewkTp6tSDts5tN0+IwIyizja2I1N6lQ9CEgM
UJBxN7uuJhwbGsb0O4+6Faos+oNCxH4vUsT9D9DStKgz
-----END CERTIFICATE-----
Generated at Fri Oct 11 17:42:55 2024 by rpki-client on console-ams.rpki-client.org