Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/UK4RIKJ-KRnqoZEVHnQ8Qm_EAOg.roa
File:                     UK4RIKJ-KRnqoZEVHnQ8Qm_EAOg.roa (raw, json)
Hash identifier:          EAgeuOuL0taEtFsukdDc86wjo28SORayRPGlHfzuV+U=
Subject key identifier:   50:AE:11:20:A2:7E:29:19:EA:A1:91:15:1E:74:3C:42:6F:C4:00:E8
Certificate issuer:       /CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Certificate serial:       01856D13D48D6DF87A3BEF677FF8CAB27EE2
Authority key identifier: 3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/UK4RIKJ-KRnqoZEVHnQ8Qm_EAOg.roa
Signing time:             Sun 01 Jan 2023 11:24:54 +0000
ROA not before:           Sun 01 Jan 2023 11:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210392
IP address blocks:        88.135.33.0/24 maxlen: 24
                          88.135.35.0/24 maxlen: 24
                          88.135.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:d4:8d:6d:f8:7a:3b:ef:67:7f:f8:ca:b2:7e:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b5c2467546f4b078a0224da1ccac5c287e93453
        Validity
            Not Before: Jan  1 11:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50ae1120a27e2919eaa191151e743c426fc400e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:84:9a:ba:d7:fb:c7:f0:4a:82:e1:bc:87:ef:
                    88:ec:03:34:b7:5c:29:43:b2:c9:7f:fa:1c:7b:03:
                    d2:a5:32:4d:20:f8:4a:ed:51:11:c0:34:4c:0c:5a:
                    a5:3a:87:79:24:bb:7e:a8:d9:34:f2:4c:da:86:64:
                    1f:d7:9c:60:0d:9f:62:10:42:c6:46:a6:66:49:4e:
                    0b:47:ff:c0:c1:83:b3:97:42:1d:70:a8:8b:5f:6c:
                    80:8c:a4:a4:df:3c:dc:59:a2:d0:b0:df:5b:b2:98:
                    c9:c9:a3:46:ac:e4:30:50:31:90:85:f1:33:63:6e:
                    41:60:cc:96:89:27:cc:0f:2b:81:e7:e0:9f:39:a5:
                    eb:1d:09:66:8b:8d:72:7e:07:ac:2e:28:f1:56:02:
                    65:01:dc:3e:0c:df:65:8e:ce:4c:cf:da:30:ed:36:
                    c7:b4:74:8a:1b:4c:fc:04:dd:82:c1:1d:8b:bc:d5:
                    59:bb:ff:75:b3:dc:67:55:e0:57:46:34:91:3e:57:
                    89:02:3e:3b:20:c8:36:a2:ce:5b:c2:0e:05:91:0e:
                    81:50:55:d8:1c:49:61:e7:6c:47:b3:71:2c:15:46:
                    e2:d2:50:ff:eb:cb:60:3f:bc:c9:f6:9e:dc:c7:f5:
                    89:92:b6:50:26:e7:e7:c8:c8:c4:62:2d:c7:b7:42:
                    c1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:AE:11:20:A2:7E:29:19:EA:A1:91:15:1E:74:3C:42:6F:C4:00:E8
            X509v3 Authority Key Identifier:
                keyid:3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/UK4RIKJ-KRnqoZEVHnQ8Qm_EAOg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.135.33.0-88.135.35.255

    Signature Algorithm: sha256WithRSAEncryption
         6f:c1:66:5d:df:f1:7d:81:79:6b:dd:d8:ee:79:31:8e:26:25:
         cf:82:90:d0:41:1b:94:12:c1:e0:af:95:98:99:63:dc:4b:28:
         73:4c:bf:82:e7:7c:63:9d:d3:d3:16:af:7f:ca:66:82:cc:a6:
         ac:0f:2e:4d:ff:c2:bb:4f:cf:92:41:77:03:33:ec:26:e1:b5:
         2d:d6:08:2e:c5:78:8b:63:ed:92:17:11:d9:92:8c:2e:37:4b:
         0e:4a:79:d5:85:ad:2f:b6:89:ff:b0:6c:26:3d:e8:8b:e5:b3:
         dc:30:11:0b:6a:17:5d:5f:8f:87:72:bf:eb:38:da:ae:56:8c:
         13:55:21:dc:9b:eb:bb:c9:2b:fd:ba:94:9c:67:9c:3e:2f:da:
         33:20:7a:c7:6c:7e:63:7e:13:f7:fd:6d:ab:33:c2:b0:5c:2e:
         f7:f7:c6:c4:7a:83:95:b9:54:58:e2:30:c6:02:94:ea:d2:e9:
         99:d8:5b:7c:6e:83:c0:a3:dc:1e:3d:a6:b1:93:3f:d3:a8:59:
         cf:f1:72:52:72:f0:fb:bb:95:5a:ed:83:cc:30:9c:55:d7:91:
         0d:72:e8:99:b1:97:f1:30:85:ca:5f:b7:8d:50:a9:d7:41:6c:
         5a:0e:a5:9f:35:b0:17:df:6e:6a:dd:3c:1c:28:bc:c2:a4:dd:
         01:d1:60:14
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtE9SNbfh6O+9nf/jKsn7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWMyNDY3NTQ2ZjRiMDc4YTAyMjRkYTFjY2FjNWMyODdl
OTM0NTMwHhcNMjMwMTAxMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFlMTEyMGEyN2UyOTE5ZWFhMTkxMTUxZTc0M2M0MjZmYzQwMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoSautf7x/BKguG8h++I7AM0t1wp
Q7LJf/ocewPSpTJNIPhK7VERwDRMDFqlOod5JLt+qNk08kzahmQf15xgDZ9iEELG
RqZmSU4LR//AwYOzl0IdcKiLX2yAjKSk3zzcWaLQsN9bspjJyaNGrOQwUDGQhfEz
Y25BYMyWiSfMDyuB5+CfOaXrHQlmi41yfgesLijxVgJlAdw+DN9ljs5Mz9ow7TbH
tHSKG0z8BN2CwR2LvNVZu/91s9xnVeBXRjSRPleJAj47IMg2os5bwg4FkQ6BUFXY
HElh52xHs3EsFUbi0lD/68tgP7zJ9p7cx/WJkrZQJufnyMjEYi3Ht0LBHQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFCuESCifikZ6qGRFR50PEJvxADoMB8GA1UdIwQY
MBaAFDtcJGdUb0sHigIk2hzKxcKH6TRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQt
NWMwOTZhODdiYjA3LzEvVUs0UklLSi1LUm5xb1pFVkhuUThRbV9FQU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQtNWMwOTZhODdiYjA3
LzEvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABYhyED
BAJYhyAwDQYJKoZIhvcNAQELBQADggEBAG/BZl3f8X2BeWvd2O55MY4mJc+CkNBB
G5QSweCvlZiZY9xLKHNMv4LnfGOd09MWr3/KZoLMpqwPLk3/wrtPz5JBdwMz7Cbh
tS3WCC7FeItj7ZIXEdmSjC43Sw5KedWFrS+2if+wbCY96Ivls9wwEQtqF11fj4dy
v+s42q5WjBNVIdyb67vJK/26lJxnnD4v2jMgesdsfmN+E/f9baszwrBcLvf3xsR6
g5W5VFjiMMYClOrS6ZnYW3xug8Cj3B49prGTP9OoWc/xclJy8Pu7lVrtg8wwnFXX
kQ1y6Jmxl/Ewhcpft41QqddBbFoOpZ81sBffbmrdPBwovMKk3QHRYBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:14 2024 by rpki-client on console-fra.rpki-client.org