Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/UqwV7bdu_xe_Pjexcc-VuLTqTVE.roa
File:                     UqwV7bdu_xe_Pjexcc-VuLTqTVE.roa (raw, json)
Hash identifier:          PubZ8WNznl7KtVtCNcRbgfBHssc1NPb0aBmUGh2JWbA=
Subject key identifier:   52:AC:15:ED:B7:6E:FF:17:BF:3E:37:B1:71:CF:95:B8:B4:EA:4D:51
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       01856F66F1728B502AB1F5915B88254DDC9E
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/UqwV7bdu_xe_Pjexcc-VuLTqTVE.roa
Signing time:             Sun 01 Jan 2023 22:14:55 +0000
ROA not before:           Sun 01 Jan 2023 22:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52035
IP address blocks:        158.41.24.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Thu 19 Jan 2023 19:40:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:f1:72:8b:50:2a:b1:f5:91:5b:88:25:4d:dc:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 22:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52ac15edb76eff17bf3e37b171cf95b8b4ea4d51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:5c:32:96:d4:3a:d8:3c:57:36:3a:38:6d:bf:
                    f7:c7:59:49:aa:88:b1:44:b3:60:50:fa:a8:f8:4a:
                    43:6e:f8:4d:af:ca:b3:75:87:82:61:27:55:cf:19:
                    99:90:ca:67:f5:34:0e:63:08:74:f3:f6:1c:8e:cd:
                    2c:65:12:9c:6c:b1:63:2b:eb:3a:13:be:41:db:7b:
                    dc:5c:3d:e2:c2:02:93:84:1c:4c:37:24:9b:3e:2f:
                    97:b7:8f:46:07:6c:bb:f0:c3:c8:56:cd:c7:91:86:
                    d4:28:ad:49:6b:08:d6:ca:a6:6e:8a:05:8f:87:57:
                    d0:34:7a:b2:f6:6b:8b:a0:23:52:46:fb:34:06:bd:
                    dc:f6:0c:36:98:b8:83:05:c6:b5:0d:3f:f2:f9:37:
                    fb:6a:b5:d7:54:8a:62:7c:a0:ad:c4:24:cf:e3:43:
                    ca:40:03:a0:48:99:79:c8:57:45:29:d5:03:6f:e8:
                    e3:8c:2d:0a:3e:cf:d4:cd:c6:2f:57:90:3e:e2:9f:
                    c4:99:17:b2:6d:c7:bc:08:71:86:b6:08:c9:eb:2c:
                    a1:92:f3:1e:10:b7:d9:c1:93:3d:4c:e6:f7:a8:b0:
                    d5:0f:78:e9:e1:9f:7d:7f:3b:c6:98:c5:ef:27:33:
                    dd:7e:2c:9f:5f:97:73:1f:20:7f:40:78:c6:92:05:
                    93:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:AC:15:ED:B7:6E:FF:17:BF:3E:37:B1:71:CF:95:B8:B4:EA:4D:51
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/UqwV7bdu_xe_Pjexcc-VuLTqTVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.41.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         99:9e:23:fb:98:b1:76:68:ec:3f:c4:8d:cb:b7:92:b7:e4:8e:
         54:c0:44:10:b7:08:e4:22:22:01:7d:69:36:f0:34:cf:87:a3:
         7c:fa:b8:66:e6:20:bd:88:ea:43:8f:0d:04:85:4f:9f:99:e8:
         d9:e5:45:7f:6b:a3:bc:67:af:a6:ea:b0:77:ed:bb:6d:27:5d:
         c3:b5:64:e9:93:89:94:74:e6:4d:87:42:7b:00:73:c7:ce:71:
         78:78:17:7c:ca:e5:d1:d5:35:cf:86:6c:2c:3f:25:a9:db:98:
         b4:eb:e5:ca:bc:ab:34:60:fe:f9:81:3e:7a:90:c7:57:87:57:
         7b:eb:23:61:c2:30:1b:f9:e7:c4:19:75:c3:43:65:a0:90:ba:
         10:ac:d3:0c:f0:61:45:05:96:3f:fc:0e:27:0f:84:98:88:d9:
         fb:91:0f:e8:4c:1a:f2:27:cb:45:18:b0:71:6a:d6:c1:e2:09:
         d2:00:5a:51:6c:00:2c:04:ea:a0:99:61:f1:19:e7:e8:02:dc:
         85:5e:df:2c:bc:23:41:ca:35:6d:9b:e7:5f:dc:1c:2e:b4:38:
         3f:62:e9:af:03:91:e6:d3:29:7c:65:09:be:01:a0:7a:d4:90:
         24:58:82:b5:96:80:7e:cb:db:b3:eb:70:cc:5d:54:f5:06:a7:
         21:2e:86:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZvFyi1AqsfWRW4glTdyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwMTAxMjIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFjMTVlZGI3NmVmZjE3YmYzZTM3YjE3MWNmOTViOGI0ZWE0ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolwyltQ62DxXNjo4bb/3x1lJqoix
RLNgUPqo+EpDbvhNr8qzdYeCYSdVzxmZkMpn9TQOYwh08/Ycjs0sZRKcbLFjK+s6
E75B23vcXD3iwgKThBxMNySbPi+Xt49GB2y78MPIVs3HkYbUKK1JawjWyqZuigWP
h1fQNHqy9muLoCNSRvs0Br3c9gw2mLiDBca1DT/y+Tf7arXXVIpifKCtxCTP40PK
QAOgSJl5yFdFKdUDb+jjjC0KPs/UzcYvV5A+4p/EmReybce8CHGGtgjJ6yyhkvMe
ELfZwZM9TOb3qLDVD3jp4Z99fzvGmMXvJzPdfiyfX5dzHyB/QHjGkgWTZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKsFe23bv8Xvz43sXHPlbi06k1RMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvVXF3VjdiZHVfeGVfUGpleGNjLVZ1TFRxVFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnikYMA0G
CSqGSIb3DQEBCwUAA4IBAQCZniP7mLF2aOw/xI3Lt5K35I5UwEQQtwjkIiIBfWk2
8DTPh6N8+rhm5iC9iOpDjw0EhU+fmejZ5UV/a6O8Z6+m6rB37bttJ13DtWTpk4mU
dOZNh0J7AHPHznF4eBd8yuXR1TXPhmwsPyWp25i06+XKvKs0YP75gT56kMdXh1d7
6yNhwjAb+efEGXXDQ2WgkLoQrNMM8GFFBZY//A4nD4SYiNn7kQ/oTBryJ8tFGLBx
atbB4gnSAFpRbAAsBOqgmWHxGefoAtyFXt8svCNByjVtm+df3BwutDg/YumvA5Hm
0yl8ZQm+AaB61JAkWIK1loB+y9uz63DMXVT1BqchLoan
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org