Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/uBe8Zt57dNT8KIBEDXIelJVvKFw.roa
File:                     uBe8Zt57dNT8KIBEDXIelJVvKFw.roa (raw, json)
Hash identifier:          Z4iKASB8KOD82/9g0Hk+TT6eJ+kO2R4sOJ5sFD6fyPE=
Subject key identifier:   B8:17:BC:66:DE:7B:74:D4:FC:28:80:44:0D:72:1E:94:95:6F:28:5C
Certificate issuer:       /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial:       018C2EC07610BFCBF06BB0D91A3DF03A16EF
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/uBe8Zt57dNT8KIBEDXIelJVvKFw.roa
Signing time:             Sun 03 Dec 2023 08:16:54 +0000
ROA not before:           Sun 03 Dec 2023 08:16:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212330
IP address blocks:        185.21.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:2e:c0:76:10:bf:cb:f0:6b:b0:d9:1a:3d:f0:3a:16:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
        Validity
            Not Before: Dec  3 08:16:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b817bc66de7b74d4fc2880440d721e94956f285c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:2b:05:83:8c:8c:8d:59:56:c8:f6:bf:45:f7:
                    3f:bb:90:56:13:26:6c:0b:80:39:44:0d:32:61:25:
                    2d:71:96:67:45:62:4c:6f:cc:7a:eb:c6:58:37:9b:
                    c8:50:3c:93:ae:e8:8e:ce:d8:23:d7:b6:5b:d1:42:
                    ef:b1:95:e9:aa:58:87:5f:1e:34:89:05:67:66:d8:
                    d5:39:c7:bc:8b:1d:82:0d:80:e7:39:a1:ac:f9:96:
                    75:b8:09:2b:13:6e:77:f0:86:3b:73:93:2d:08:b8:
                    85:b9:ca:a6:0d:9d:9d:a7:d6:25:d7:35:bf:23:5b:
                    95:d3:7d:81:bc:ef:1a:f2:92:0c:f4:ba:d8:2d:ae:
                    82:45:76:a6:1c:a7:c8:76:98:66:26:71:e3:70:7f:
                    88:22:c4:21:27:ee:57:49:e4:d3:ec:b0:76:61:e1:
                    a9:3a:3a:8d:82:75:04:c4:6a:73:5c:7e:aa:fe:c8:
                    40:82:3c:18:12:64:e0:53:c8:89:08:6d:bf:48:f1:
                    37:1d:a9:37:5f:59:c1:a2:44:4e:0f:a7:07:a7:13:
                    45:02:41:3f:d4:4d:3f:67:c7:44:3f:6e:00:ce:02:
                    36:bc:05:05:2c:b9:c8:36:f9:19:6a:66:92:0f:94:
                    6d:4f:8a:ae:79:85:c1:6c:dc:5b:7d:92:47:1d:13:
                    35:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:17:BC:66:DE:7B:74:D4:FC:28:80:44:0D:72:1E:94:95:6F:28:5C
            X509v3 Authority Key Identifier:
                keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/uBe8Zt57dNT8KIBEDXIelJVvKFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.21.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:4e:14:88:af:d6:02:68:08:68:c0:f0:97:70:d9:05:93:e7:
         f1:c8:0c:af:ab:94:0b:60:c2:3b:78:0f:f8:c8:0c:8d:60:6a:
         3f:ae:ec:4f:79:21:19:0f:8b:d4:c3:df:1f:4f:9d:fb:05:ae:
         75:7b:d3:b4:ad:cb:67:fd:ff:6c:d0:5a:e9:bc:19:3b:5b:e8:
         1d:4d:93:41:35:f1:1c:b3:07:1e:c9:d1:74:be:1e:8b:1a:c7:
         bc:37:de:41:7c:bb:a2:1c:c1:bb:8a:98:89:ff:a9:f8:f4:64:
         be:e5:26:a7:96:ae:c6:82:99:13:71:d3:bf:30:e8:43:a6:29:
         39:29:94:6b:3e:8a:1b:42:3d:dd:e3:6f:de:ce:a2:b9:b4:c6:
         ce:1a:08:19:69:ae:3d:95:32:a0:4c:26:c0:c5:43:fd:70:7b:
         db:ee:96:b6:c5:26:d6:fd:5a:3b:94:a4:cc:6e:3c:24:58:71:
         b0:78:ab:33:e8:40:6f:a5:00:7b:c8:15:37:c5:4d:dd:07:c6:
         bc:65:54:ab:09:11:a1:dd:bb:f1:38:cd:f5:30:bc:5d:8b:49:
         16:32:df:4d:2f:e3:a2:3e:33:ab:2c:bc:9e:18:f8:66:02:57:
         4a:65:bd:1c:36:ff:a9:8c:73:db:22:04:0b:21:68:e1:52:1e:
         e9:b7:2d:ba
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYwuwHYQv8vwa7DZGj3wOhbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjMxMjAzMDgxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODE3YmM2NmRlN2I3NGQ0ZmMyODgwNDQwZDcyMWU5NDk1NmYyODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SsFg4yMjVlWyPa/Rfc/u5BWEyZs
C4A5RA0yYSUtcZZnRWJMb8x668ZYN5vIUDyTruiOztgj17Zb0ULvsZXpqliHXx40
iQVnZtjVOce8ix2CDYDnOaGs+ZZ1uAkrE2538IY7c5MtCLiFucqmDZ2dp9Yl1zW/
I1uV032BvO8a8pIM9LrYLa6CRXamHKfIdphmJnHjcH+IIsQhJ+5XSeTT7LB2YeGp
OjqNgnUExGpzXH6q/shAgjwYEmTgU8iJCG2/SPE3Hak3X1nBokROD6cHpxNFAkE/
1E0/Z8dEP24AzgI2vAUFLLnINvkZamaSD5RtT4queYXBbNxbfZJHHRM1rQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLgXvGbee3TU/CiARA1yHpSVbyhcMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL3VCZThadDU3ZE5UOEtJQkVEWEllbEpWdktGdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5FYsw
DQYJKoZIhvcNAQELBQADggEBAENOFIiv1gJoCGjA8Jdw2QWT5/HIDK+rlAtgwjt4
D/jIDI1gaj+u7E95IRkPi9TD3x9PnfsFrnV707Sty2f9/2zQWum8GTtb6B1Nk0E1
8RyzBx7J0XS+Hosax7w33kF8u6IcwbuKmIn/qfj0ZL7lJqeWrsaCmRNx078w6EOm
KTkplGs+ihtCPd3jb97Oorm0xs4aCBlprj2VMqBMJsDFQ/1we9vulrbFJtb9WjuU
pMxuPCRYcbB4qzPoQG+lAHvIFTfFTd0HxrxlVKsJEaHdu/E4zfUwvF2LSRYy300v
46I+M6ssvJ4Y+GYCV0plvRw2/6mMc9siBAshaOFSHum3Lbo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:32 2024 by rpki-client on console-ams.rpki-client.org