Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/uNguDNVz-44QfL2rfM1fYcdeF80.roa
File:                     uNguDNVz-44QfL2rfM1fYcdeF80.roa (raw, json)
Hash identifier:          JGQfjvHMZymKC160IxutOmX/er4rPMDvLFebE4t15Bc=
Subject key identifier:   B8:D8:2E:0C:D5:73:FB:8E:10:7C:BD:AB:7C:CD:5F:61:C7:5E:17:CD
Certificate issuer:       /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial:       018C87A1356CCDF33A2871AD241CF939F13E
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/uNguDNVz-44QfL2rfM1fYcdeF80.roa
Signing time:             Wed 20 Dec 2023 14:28:58 +0000
ROA not before:           Wed 20 Dec 2023 14:28:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        192.53.136.0/21 maxlen: 21
                          192.53.64.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:87:a1:35:6c:cd:f3:3a:28:71:ad:24:1c:f9:39:f1:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
        Validity
            Not Before: Dec 20 14:28:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8d82e0cd573fb8e107cbdab7ccd5f61c75e17cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f5:8c:3d:c8:f8:dd:4e:60:d2:02:89:da:09:
                    54:88:26:8a:75:90:2b:07:83:cb:be:2c:4a:4c:2e:
                    40:6e:4c:56:82:bf:c8:68:a6:7a:39:fa:a9:41:71:
                    ea:92:71:1f:12:4e:7b:92:9c:88:17:12:33:9e:db:
                    3c:34:de:93:bc:28:c9:fd:62:07:4c:e8:a2:08:bf:
                    07:c6:d1:55:8f:04:9f:e9:12:27:d1:d8:9e:40:32:
                    6f:6c:9b:18:64:89:61:cc:52:5e:b2:25:86:d5:fe:
                    0b:b7:e0:c2:e4:c4:b0:b1:c1:f1:97:fe:4d:31:a7:
                    9f:c0:18:b1:8c:b9:48:40:53:55:5b:3d:0c:20:0a:
                    d3:b4:e9:b6:89:1a:4e:01:72:8c:db:dc:e7:2b:78:
                    fb:d2:48:ce:78:8c:98:a1:3b:c2:32:81:01:47:33:
                    e0:a7:cc:1c:76:b9:39:ce:d0:1c:a1:42:94:14:1e:
                    02:71:66:58:cd:a8:42:72:04:bc:21:ff:2b:2c:4d:
                    c2:5b:42:12:2c:8e:7e:f1:4e:e5:96:2a:3c:32:c6:
                    f9:8e:82:75:59:f8:4f:66:68:e3:fc:b5:e5:30:7b:
                    1d:c0:1e:81:b8:e7:fc:9d:35:e7:30:da:c2:89:dd:
                    a5:20:22:90:17:dc:b6:f8:c4:99:29:aa:4c:aa:82:
                    78:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:D8:2E:0C:D5:73:FB:8E:10:7C:BD:AB:7C:CD:5F:61:C7:5E:17:CD
            X509v3 Authority Key Identifier:
                keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/uNguDNVz-44QfL2rfM1fYcdeF80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.53.64.0/21
                  192.53.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         67:9a:7c:30:4a:3d:1a:9a:63:88:82:0f:d8:e2:5a:90:8f:f8:
         49:50:db:74:60:c8:e1:2e:85:80:00:5f:1e:a9:48:a3:38:74:
         dd:22:ac:c6:50:72:09:65:b4:f7:d7:91:cd:54:61:9b:f4:83:
         0b:30:47:df:d8:8d:24:65:d3:07:36:2c:b3:8e:8c:ae:a1:19:
         ec:cf:73:f7:c9:2b:c4:94:bf:ba:10:25:77:d4:49:e9:5e:bd:
         ac:f8:ff:a5:9d:cd:cb:b4:1b:0d:82:fb:4d:3c:c0:60:cf:88:
         62:8c:68:7c:34:de:e7:81:2f:4a:ea:9c:a8:59:b4:f6:67:12:
         ec:b7:55:0a:07:3d:26:1f:89:ce:13:c8:d9:a0:26:98:34:3c:
         ef:55:20:74:f2:29:7c:3e:4f:66:4f:76:04:0f:18:2b:76:df:
         ab:0c:ed:46:50:9e:41:24:0a:8a:49:0f:4f:61:18:be:f9:e3:
         35:41:bb:60:3a:72:ec:80:b3:65:f1:b7:9f:41:07:47:50:3b:
         f7:66:21:36:2c:7b:73:bf:6e:d7:7c:07:20:60:e0:3d:2a:6c:
         c8:e2:27:24:dc:d9:22:53:48:35:79:0c:3a:de:6b:d2:29:ce:
         9b:7b:7d:9e:6b:73:6e:73:11:d8:46:d0:31:20:35:fb:61:5b:
         91:09:8f:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyHoTVszfM6KHGtJBz5OfE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMxMjIwMTQyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ4MmUwY2Q1NzNmYjhlMTA3Y2JkYWI3Y2NkNWY2MWM3NWUxN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPWMPcj43U5g0gKJ2glUiCaKdZAr
B4PLvixKTC5AbkxWgr/IaKZ6OfqpQXHqknEfEk57kpyIFxIznts8NN6TvCjJ/WIH
TOiiCL8HxtFVjwSf6RIn0dieQDJvbJsYZIlhzFJesiWG1f4Lt+DC5MSwscHxl/5N
MaefwBixjLlIQFNVWz0MIArTtOm2iRpOAXKM29znK3j70kjOeIyYoTvCMoEBRzPg
p8wcdrk5ztAcoUKUFB4CcWZYzahCcgS8If8rLE3CW0ISLI5+8U7llio8Msb5joJ1
WfhPZmjj/LXlMHsdwB6BuOf8nTXnMNrCid2lICKQF9y2+MSZKapMqoJ4aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLjYLgzVc/uOEHy9q3zNX2HHXhfNMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvdU5ndUROVnotNDRRZkwycmZNMWZZY2RlRjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDwDVAAwQD
wDWIMA0GCSqGSIb3DQEBCwUAA4IBAQBnmnwwSj0ammOIgg/Y4lqQj/hJUNt0YMjh
LoWAAF8eqUijOHTdIqzGUHIJZbT315HNVGGb9IMLMEff2I0kZdMHNiyzjoyuoRns
z3P3ySvElL+6ECV31EnpXr2s+P+lnc3LtBsNgvtNPMBgz4hijGh8NN7ngS9K6pyo
WbT2ZxLst1UKBz0mH4nOE8jZoCaYNDzvVSB08il8Pk9mT3YEDxgrdt+rDO1GUJ5B
JAqKSQ9PYRi++eM1QbtgOnLsgLNl8befQQdHUDv3ZiE2LHtzv27XfAcgYOA9KmzI
4ick3NkiU0g1eQw63mvSKc6be32ea3NucxHYRtAxIDX7YVuRCY+O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org