Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/UnGLvYpQB0gfYCBFf70VBlj8O2E.roa
File:                     UnGLvYpQB0gfYCBFf70VBlj8O2E.roa (raw, json)
Hash identifier:          CF94fUaK2CxdCaszHIKrfMTz1Oxeak14HDHitjM4aHY=
Subject key identifier:   52:71:8B:BD:8A:50:07:48:1F:60:20:45:7F:BD:15:06:58:FC:3B:61
Certificate issuer:       /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial:       0186EA675AEBAC6FDB57FB42D1A00B4CCB40
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/UnGLvYpQB0gfYCBFf70VBlj8O2E.roa
Signing time:             Thu 16 Mar 2023 12:31:27 +0000
ROA not before:           Thu 16 Mar 2023 12:31:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9137
IP address blocks:        213.204.0.0/19 maxlen: 19
                          2a02:5640::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 28 May 2023 13:36:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ea:67:5a:eb:ac:6f:db:57:fb:42:d1:a0:0b:4c:cb:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
        Validity
            Not Before: Mar 16 12:31:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52718bbd8a5007481f6020457fbd150658fc3b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ba:68:b4:eb:f8:0d:cb:56:a6:7e:77:98:0c:
                    90:cf:b5:91:47:93:40:2e:69:77:46:b5:e2:a5:1f:
                    75:ce:88:30:be:4e:1d:4f:20:88:20:1e:11:b5:0f:
                    8e:0e:b6:1d:1a:57:0f:22:fa:99:82:35:8d:35:21:
                    57:3e:83:98:7e:e9:b5:81:a4:67:5f:41:de:13:2c:
                    b1:d8:0d:3b:d7:b9:2c:e9:8f:19:a2:ac:a4:06:c8:
                    ef:00:0d:45:d9:e5:e3:ed:6f:43:80:18:de:97:5a:
                    7a:61:c4:77:46:b4:b2:4d:d3:e0:b1:db:ec:cb:49:
                    fa:30:fb:bd:4c:35:95:e2:04:cd:63:a6:94:8d:bf:
                    71:82:58:f2:67:74:76:2d:6f:39:ae:ff:9c:62:9c:
                    3d:4f:cd:43:e0:39:24:3a:9b:4a:24:1f:f1:49:8b:
                    01:f9:fc:85:1b:a8:db:27:49:89:7a:3c:e2:9a:28:
                    7b:4a:5c:31:8d:03:0f:7e:6d:6e:f7:33:6c:6d:76:
                    d7:da:83:ed:f4:3f:2d:c4:7f:e7:68:a7:e7:a9:43:
                    0a:3d:1a:fa:d8:7b:f7:d3:ef:a1:05:6d:99:85:e3:
                    dd:77:e8:d1:53:3b:e0:29:26:62:4f:03:ae:df:ef:
                    ed:f9:e3:7f:94:3c:4e:ac:fa:96:5b:b5:0d:5d:bd:
                    20:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:71:8B:BD:8A:50:07:48:1F:60:20:45:7F:BD:15:06:58:FC:3B:61
            X509v3 Authority Key Identifier:
                keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/UnGLvYpQB0gfYCBFf70VBlj8O2E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.204.0.0/19
                IPv6:
                  2a02:5640::/29

    Signature Algorithm: sha256WithRSAEncryption
         3b:f3:71:60:0b:17:33:37:b9:fb:1d:fe:18:3f:48:b0:a4:11:
         89:28:c1:37:72:ea:12:01:fd:72:ce:60:79:39:80:dd:d7:0e:
         cf:33:53:7b:28:fd:9e:9e:a5:f0:35:d0:4f:13:34:d1:58:0b:
         5b:8f:32:20:b9:25:d2:94:cc:ac:6a:57:ec:d5:fa:2b:4e:ef:
         16:8c:e3:23:dc:86:e1:78:80:9f:aa:b4:91:47:91:05:09:9d:
         85:18:4b:b5:ce:c2:c6:b3:ea:77:22:f7:3b:53:bf:cf:22:f1:
         f1:a4:e0:b2:1a:eb:7c:38:46:06:89:82:f2:e1:f0:9b:78:96:
         e3:46:b3:64:ef:76:21:29:4f:83:80:bb:06:f9:57:56:b0:fa:
         e9:22:76:27:d9:00:d4:2d:f4:7a:0d:0d:22:b0:5b:ec:d7:7f:
         4f:fc:f2:cc:ed:d6:d3:00:0a:dc:69:97:15:4e:90:1a:25:68:
         af:1c:57:d5:a6:1f:3a:ce:66:d6:cd:d7:8e:07:55:4a:a0:f5:
         2b:74:49:78:85:08:6b:4e:10:55:5d:26:0b:c2:c5:05:00:2b:
         11:6e:d9:a3:05:61:ce:91:14:5b:09:19:27:0a:86:6d:88:b1:
         e1:59:d9:68:04:25:8d:cc:c7:f4:e5:a9:cd:aa:1c:8f:88:67:
         07:99:eb:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbqZ1rrrG/bV/tC0aALTMtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjMwMzE2MTIzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjcxOGJiZDhhNTAwNzQ4MWY2MDIwNDU3ZmJkMTUwNjU4ZmMzYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbpotOv4DctWpn53mAyQz7WRR5NA
Lml3RrXipR91zogwvk4dTyCIIB4RtQ+ODrYdGlcPIvqZgjWNNSFXPoOYfum1gaRn
X0HeEyyx2A0717ks6Y8ZoqykBsjvAA1F2eXj7W9DgBjel1p6YcR3RrSyTdPgsdvs
y0n6MPu9TDWV4gTNY6aUjb9xgljyZ3R2LW85rv+cYpw9T81D4DkkOptKJB/xSYsB
+fyFG6jbJ0mJejzimih7SlwxjQMPfm1u9zNsbXbX2oPt9D8txH/naKfnqUMKPRr6
2Hv30++hBW2ZhePdd+jRUzvgKSZiTwOu3+/t+eN/lDxOrPqWW7UNXb0gnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFJxi72KUAdIH2AgRX+9FQZY/DthMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvVW5HTHZZcFFCMGdmWUNCRmY3MFZCbGo4TzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1cwAMA0E
AgACMAcDBQMqAlZAMA0GCSqGSIb3DQEBCwUAA4IBAQA783FgCxczN7n7Hf4YP0iw
pBGJKME3cuoSAf1yzmB5OYDd1w7PM1N7KP2enqXwNdBPEzTRWAtbjzIguSXSlMys
alfs1forTu8WjOMj3IbheICfqrSRR5EFCZ2FGEu1zsLGs+p3Ivc7U7/PIvHxpOCy
Gut8OEYGiYLy4fCbeJbjRrNk73YhKU+DgLsG+VdWsPrpInYn2QDULfR6DQ0isFvs
139P/PLM7dbTAArcaZcVTpAaJWivHFfVph86zmbWzdeOB1VKoPUrdEl4hQhrThBV
XSYLwsUFACsRbtmjBWHOkRRbCRknCoZtiLHhWdloBCWNzMf05anNqhyPiGcHmetm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org