Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/UFQwYKjl_bgjW6O7bXXoBovrEP4.roa
File:                     UFQwYKjl_bgjW6O7bXXoBovrEP4.roa (raw, json)
Hash identifier:          wS2Feyi4D4qmnemYcwEEM/25dTskJxeKNmWYUcdw/3k=
Subject key identifier:   50:54:30:60:A8:E5:FD:B8:23:5B:A3:BB:6D:75:E8:06:8B:EB:10:FE
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0186081E5AF1D02919BEB5777052A37D60F7
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/UFQwYKjl_bgjW6O7bXXoBovrEP4.roa
Signing time:             Tue 31 Jan 2023 13:57:32 +0000
ROA not before:           Tue 31 Jan 2023 13:57:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25369
IP address blocks:        80.71.230.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 12:21:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:08:1e:5a:f1:d0:29:19:be:b5:77:70:52:a3:7d:60:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan 31 13:57:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50543060a8e5fdb8235ba3bb6d75e8068beb10fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a0:f6:f9:0c:e4:b6:b5:0e:4b:74:b9:53:04:
                    35:0b:64:45:42:df:b5:38:49:a6:90:49:bc:2f:88:
                    ca:38:b8:08:ec:ad:e0:57:78:17:a4:85:ea:5f:db:
                    6b:91:9b:82:61:87:ed:20:07:c6:13:19:6e:77:66:
                    02:c0:7b:53:1f:9d:16:eb:bc:33:6d:5d:30:52:34:
                    d5:20:a6:9b:2d:f7:db:d7:ef:08:93:4a:a0:5e:c0:
                    a1:61:34:80:76:d8:10:cf:50:27:84:23:07:7a:cd:
                    fa:30:6a:35:f8:b5:40:12:ee:1e:81:59:12:c8:be:
                    0a:42:49:f2:69:bd:93:b6:ed:fe:cb:ea:88:6c:ae:
                    46:df:ea:87:5a:68:e5:1b:11:cb:35:64:86:e9:8c:
                    da:0d:fe:e5:f4:2c:31:e0:3a:72:4d:88:c5:18:20:
                    92:f0:58:3e:2b:38:04:2f:57:44:53:29:5e:52:20:
                    1e:d9:ac:36:6d:e2:09:6c:b1:97:6a:ec:5c:d5:f3:
                    ee:ce:6f:c5:40:3c:73:64:c7:a5:1b:e5:6e:bd:1c:
                    7d:48:2b:42:e7:3a:07:6f:93:ee:3d:99:79:a9:10:
                    02:8d:eb:59:f4:52:bd:42:88:d2:6e:cb:c3:2d:b6:
                    53:e9:16:f5:8c:2d:eb:af:e9:55:c8:c5:9d:e7:8d:
                    e6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:54:30:60:A8:E5:FD:B8:23:5B:A3:BB:6D:75:E8:06:8B:EB:10:FE
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/UFQwYKjl_bgjW6O7bXXoBovrEP4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:56:c5:07:a6:08:8f:71:7c:00:81:5e:d3:ae:35:54:32:97:
         f5:ab:7c:12:13:18:81:f2:10:60:3e:ac:77:ba:92:97:53:71:
         8e:86:6d:e2:f7:66:7b:17:8c:66:ff:5d:d6:28:f5:de:4f:ea:
         c7:a4:73:cf:1c:d4:39:1e:b0:08:29:15:5b:ca:42:34:6c:2a:
         53:98:14:c5:b5:d5:e6:cc:39:d1:ec:a2:17:7a:a4:31:9a:f7:
         55:88:63:f1:c4:88:14:c5:a5:0b:12:64:ba:41:ef:c9:a7:59:
         c6:d3:6a:19:60:f2:5a:18:78:5f:3a:87:93:cb:e9:1e:0f:1f:
         22:d9:05:ab:3e:a5:b6:46:6d:a0:e8:bd:c3:b3:e8:ad:53:39:
         86:97:52:8c:20:70:16:e4:f4:eb:02:67:f7:51:4a:63:75:32:
         72:53:fe:56:c8:5b:45:e3:d2:7b:0a:9d:28:5e:52:a1:0e:1a:
         38:6c:50:ed:3a:f4:14:4e:19:87:21:db:e4:df:1e:12:5b:d9:
         aa:b1:c6:6a:11:25:3b:9a:e2:e4:c6:38:9f:92:4b:54:fd:fa:
         de:74:e6:45:c8:6f:3c:40:5d:04:18:09:18:41:23:d6:de:2e:
         ec:1d:ef:7d:40:a3:8a:cf:b8:2b:d7:79:ab:5f:b2:36:29:a8:
         26:03:0d:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYIHlrx0CkZvrV3cFKjfWD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTMxMTM1NzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDU0MzA2MGE4ZTVmZGI4MjM1YmEzYmI2ZDc1ZTgwNjhiZWIxMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqD2+QzktrUOS3S5UwQ1C2RFQt+1
OEmmkEm8L4jKOLgI7K3gV3gXpIXqX9trkZuCYYftIAfGExlud2YCwHtTH50W67wz
bV0wUjTVIKabLffb1+8Ik0qgXsChYTSAdtgQz1AnhCMHes36MGo1+LVAEu4egVkS
yL4KQknyab2Ttu3+y+qIbK5G3+qHWmjlGxHLNWSG6YzaDf7l9Cwx4DpyTYjFGCCS
8Fg+KzgEL1dEUyleUiAe2aw2beIJbLGXauxc1fPuzm/FQDxzZMelG+VuvRx9SCtC
5zoHb5PuPZl5qRACjetZ9FK9QojSbsvDLbZT6Rb1jC3rr+lVyMWd543mGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBUMGCo5f24I1uju2116AaL6xD+MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvVUZRd1lLamxfYmdqVzZPN2JYWG9Cb3ZyRVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEfmMA0G
CSqGSIb3DQEBCwUAA4IBAQAyVsUHpgiPcXwAgV7TrjVUMpf1q3wSExiB8hBgPqx3
upKXU3GOhm3i92Z7F4xm/13WKPXeT+rHpHPPHNQ5HrAIKRVbykI0bCpTmBTFtdXm
zDnR7KIXeqQxmvdViGPxxIgUxaULEmS6Qe/Jp1nG02oZYPJaGHhfOoeTy+keDx8i
2QWrPqW2Rm2g6L3Ds+itUzmGl1KMIHAW5PTrAmf3UUpjdTJyU/5WyFtF49J7Cp0o
XlKhDho4bFDtOvQUThmHIdvk3x4SW9mqscZqESU7muLkxjifkktU/fredOZFyG88
QF0EGAkYQSPW3i7sHe99QKOKz7gr13mrX7I2KagmAw0y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org