Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/50d9c6-f24a-44af-8ae0-54f6bc85aac0/1/UWKwnKUQQkgSjrqBBnGAr5OToAc.roa
File:                     UWKwnKUQQkgSjrqBBnGAr5OToAc.roa (raw, json)
Hash identifier:          iataKwz+xnvTAQD8dKzUtmwE9I0L7hc4+ibZaWSjMdA=
Subject key identifier:   51:62:B0:9C:A5:10:42:48:12:8E:BA:81:06:71:80:AF:93:93:A0:07
Certificate issuer:       /CN=84d60d2dc6ad82a2570e0000fdd993948bc454d8
Certificate serial:       01856E6670B948E45E8A9318EA937F8857E5
Authority key identifier: 84:D6:0D:2D:C6:AD:82:A2:57:0E:00:00:FD:D9:93:94:8B:C4:54:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNYNLcatgqJXDgAA_dmTlIvEVNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/50d9c6-f24a-44af-8ae0-54f6bc85aac0/1/UWKwnKUQQkgSjrqBBnGAr5OToAc.roa
Signing time:             Sun 01 Jan 2023 17:34:45 +0000
ROA not before:           Sun 01 Jan 2023 17:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.98.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:66:70:b9:48:e4:5e:8a:93:18:ea:93:7f:88:57:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84d60d2dc6ad82a2570e0000fdd993948bc454d8
        Validity
            Not Before: Jan  1 17:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5162b09ca5104248128eba81067180af9393a007
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f0:32:06:3d:51:76:18:1b:0c:18:3f:07:6d:
                    e7:d8:12:ce:f6:db:bb:0f:3e:da:97:dd:f7:03:18:
                    3c:1d:90:79:08:59:a8:83:87:73:99:09:e7:01:da:
                    63:34:ea:84:d6:3b:a1:0d:61:0d:63:62:ff:b0:ee:
                    5c:df:7c:fb:4b:ee:ce:ba:15:ee:7f:10:bb:41:5b:
                    f4:e1:bd:8e:6a:11:8b:17:c1:ab:44:82:7a:22:ba:
                    0a:c1:47:18:d8:22:86:6a:5b:30:ac:93:d8:02:eb:
                    bb:64:6f:dd:43:94:ef:50:18:4d:ad:a8:ad:13:b4:
                    62:bc:02:ba:26:3c:65:67:5c:13:0e:af:b5:a8:85:
                    91:40:b9:67:a8:35:1e:f7:6e:d5:80:41:de:00:3d:
                    17:1c:e0:9c:6a:1e:3b:53:fe:20:e8:14:a3:87:47:
                    b8:e7:28:a7:0c:47:6a:e8:08:02:23:90:0d:63:89:
                    7c:15:ff:23:e2:f0:f3:70:c1:f5:d8:4f:e8:93:f3:
                    48:7d:e0:de:11:28:58:37:0f:e2:69:d9:12:f2:97:
                    cc:ec:6d:79:60:80:7a:5e:a2:92:10:fd:51:25:8e:
                    00:6a:65:60:f8:10:59:9c:34:8a:9d:64:30:21:5e:
                    0c:a3:70:b6:f4:a2:a9:fd:9a:ca:9c:7e:89:b5:c6:
                    d9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:62:B0:9C:A5:10:42:48:12:8E:BA:81:06:71:80:AF:93:93:A0:07
            X509v3 Authority Key Identifier:
                keyid:84:D6:0D:2D:C6:AD:82:A2:57:0E:00:00:FD:D9:93:94:8B:C4:54:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNYNLcatgqJXDgAA_dmTlIvEVNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/50d9c6-f24a-44af-8ae0-54f6bc85aac0/1/UWKwnKUQQkgSjrqBBnGAr5OToAc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/50d9c6-f24a-44af-8ae0-54f6bc85aac0/1/hNYNLcatgqJXDgAA_dmTlIvEVNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.98.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:33:1a:69:ae:24:7d:0c:2d:69:8d:9b:53:6a:ae:ba:3e:5c:
         a2:7f:6b:b9:ab:29:22:90:bf:be:2c:40:bb:77:f8:0c:fe:f3:
         a3:b7:f7:e4:fb:03:44:a4:a8:07:f9:df:ed:1d:33:7a:33:21:
         55:cc:d3:ec:99:0b:5d:93:34:1b:aa:0d:60:9d:77:46:7e:82:
         33:23:67:8c:f9:cb:a3:43:dd:d8:62:ec:02:fc:15:8e:4b:b8:
         ac:93:e5:ab:cd:00:68:54:2b:8d:c2:08:bf:48:bb:dc:7a:2f:
         bc:46:c3:fa:50:11:ae:05:6c:19:41:74:ea:55:21:64:f4:79:
         5c:d9:89:5d:ed:88:7e:c3:4f:cf:4c:aa:9a:e9:35:9c:aa:ae:
         7c:9e:cb:c4:92:a3:bf:84:18:65:aa:82:47:24:2c:45:4c:b2:
         c6:0c:52:24:3a:c6:1a:96:f1:40:92:82:0a:9c:d8:bb:9f:b0:
         d7:91:dc:65:83:98:15:e0:75:de:4c:1e:c0:7a:4d:f5:8c:f0:
         9b:b5:78:3b:5a:09:5d:c3:13:02:be:d4:95:01:a6:1c:e6:e6:
         01:ad:7a:83:1c:00:19:a6:73:6d:b0:65:d3:95:ae:20:1c:28:
         a6:a2:0b:8b:f1:f7:bf:40:c8:40:ad:c6:ef:b2:fc:a4:56:80:
         c7:02:44:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZnC5SOReipMY6pN/iFflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZDYwZDJkYzZhZDgyYTI1NzBlMDAwMGZkZDk5Mzk0OGJj
NDU0ZDgwHhcNMjMwMTAxMTczNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTYyYjA5Y2E1MTA0MjQ4MTI4ZWJhODEwNjcxODBhZjkzOTNhMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofAyBj1RdhgbDBg/B23n2BLO9tu7
Dz7al933Axg8HZB5CFmog4dzmQnnAdpjNOqE1juhDWENY2L/sO5c33z7S+7OuhXu
fxC7QVv04b2OahGLF8GrRIJ6IroKwUcY2CKGalswrJPYAuu7ZG/dQ5TvUBhNrait
E7RivAK6JjxlZ1wTDq+1qIWRQLlnqDUe927VgEHeAD0XHOCcah47U/4g6BSjh0e4
5yinDEdq6AgCI5ANY4l8Ff8j4vDzcMH12E/ok/NIfeDeEShYNw/iadkS8pfM7G15
YIB6XqKSEP1RJY4AamVg+BBZnDSKnWQwIV4Mo3C29KKp/ZrKnH6JtcbZKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFisJylEEJIEo66gQZxgK+Tk6AHMB8GA1UdIwQY
MBaAFITWDS3GrYKiVw4AAP3Zk5SLxFTYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE5ZTkxjYXRncUpYRGdBQV9kbVRsSXZFVk5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81MGQ5YzYtZjI0YS00NGFmLThhZTAt
NTRmNmJjODVhYWMwLzEvVVdLd25LVVFRa2dTanJxQkJuR0FyNU9Ub0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni81MGQ5YzYtZjI0YS00NGFmLThhZTAtNTRmNmJjODVhYWMw
LzEvaE5ZTkxjYXRncUpYRGdBQV9kbVRsSXZFVk5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWKfMA0G
CSqGSIb3DQEBCwUAA4IBAQCRMxppriR9DC1pjZtTaq66Plyif2u5qykikL++LEC7
d/gM/vOjt/fk+wNEpKgH+d/tHTN6MyFVzNPsmQtdkzQbqg1gnXdGfoIzI2eM+cuj
Q93YYuwC/BWOS7isk+WrzQBoVCuNwgi/SLvcei+8RsP6UBGuBWwZQXTqVSFk9Hlc
2Yld7Yh+w0/PTKqa6TWcqq58nsvEkqO/hBhlqoJHJCxFTLLGDFIkOsYalvFAkoIK
nNi7n7DXkdxlg5gV4HXeTB7Aek31jPCbtXg7WgldwxMCvtSVAaYc5uYBrXqDHAAZ
pnNtsGXTla4gHCimoguL8fe/QMhArcbvsvykVoDHAkQa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:25 2024 by rpki-client on console-ams.rpki-client.org