Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/UUygQJYsH-SGoql3mjVPQ9-QjXA.roa
File:                     UUygQJYsH-SGoql3mjVPQ9-QjXA.roa (raw, json)
Hash identifier:          /wsbtCSrSGv+NQ/2mobf4I+zTANXwlM92w/VOvQVKrk=
Subject key identifier:   51:4C:A0:40:96:2C:1F:E4:86:A2:A9:77:9A:35:4F:43:DF:90:8D:70
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018581B1A837546DA137B506F7FFA6D8D068
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/UUygQJYsH-SGoql3mjVPQ9-QjXA.roa
Signing time:             Thu 05 Jan 2023 11:29:41 +0000
ROA not before:           Thu 05 Jan 2023 11:29:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57196
IP address blocks:        194.104.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:81:b1:a8:37:54:6d:a1:37:b5:06:f7:ff:a6:d8:d0:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  5 11:29:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=514ca040962c1fe486a2a9779a354f43df908d70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:07:29:4a:53:fa:f2:c4:1b:3e:44:6d:31:d4:
                    89:65:f7:80:3f:2c:9d:15:5d:e1:ae:99:26:fb:30:
                    c0:8b:ac:8e:d6:71:91:83:3e:1f:c5:01:2a:c9:cb:
                    15:c8:5f:fc:2d:9d:1c:f9:43:d4:60:6a:7d:c2:7d:
                    e6:30:4f:c5:e2:37:49:a2:54:92:f3:93:ca:29:08:
                    4e:25:9b:07:f9:78:c0:e3:d3:08:cb:ec:05:e0:b0:
                    f3:5a:7f:d0:43:3d:1c:d9:36:40:6a:4e:5d:cc:9b:
                    a7:bc:c7:4c:ea:c4:31:a7:22:72:a7:05:5a:05:69:
                    61:5a:05:a1:69:89:93:55:38:dd:f1:b0:70:22:cb:
                    89:7f:30:94:a9:f4:47:49:cb:8a:5c:2f:1f:ef:bf:
                    ad:37:19:37:58:b5:9e:77:0d:e2:5b:d3:13:d0:78:
                    1a:cc:6b:51:18:12:31:ed:82:ec:3c:12:e3:e5:31:
                    3c:2e:1d:e7:11:6c:82:79:c3:d9:df:c1:f8:ae:47:
                    d0:a7:61:07:ca:1b:0f:c4:08:72:79:78:e4:b8:26:
                    7b:b1:7c:b0:81:cd:78:2e:49:37:0c:11:f9:6e:31:
                    b5:6e:fb:3f:55:a0:21:22:a8:89:09:fc:c7:b2:90:
                    61:4f:7c:f0:b9:a3:f8:d9:e4:86:2e:05:b8:b4:16:
                    83:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:4C:A0:40:96:2C:1F:E4:86:A2:A9:77:9A:35:4F:43:DF:90:8D:70
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/UUygQJYsH-SGoql3mjVPQ9-QjXA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:93:68:0d:8d:2a:70:77:90:e4:99:f7:52:60:46:bc:41:96:
         fb:1e:35:25:eb:23:11:fc:f8:2d:6b:17:e0:57:a0:9b:35:5c:
         57:5f:94:62:46:9f:fa:a1:d7:d2:86:98:c4:e0:3a:95:56:12:
         3c:d3:82:ed:86:99:33:94:4a:7a:50:2a:1f:f3:9c:43:98:81:
         2a:82:de:46:30:ca:a1:c9:f1:a2:48:2f:fb:95:11:04:33:ee:
         11:d6:d4:4b:6f:2e:b6:6c:1a:a9:7e:91:43:59:da:67:06:83:
         e2:02:7d:45:17:31:5e:2c:2a:fc:76:dc:46:81:a1:f6:39:6c:
         30:73:32:67:27:4d:2d:a4:56:55:f0:7e:57:05:60:7c:a0:c3:
         1b:99:53:5d:01:0f:cf:c2:c2:dd:cb:fb:2f:29:1d:00:fa:c1:
         6f:53:62:b4:71:c9:88:76:d9:ea:b1:99:0a:83:0b:59:14:6c:
         88:3f:c0:b6:bf:61:d3:c2:2f:21:5c:f8:c1:1f:7a:3b:65:97:
         29:51:a5:15:6e:9f:fb:88:d5:1d:6b:89:ea:bc:e9:9b:0b:aa:
         3e:f5:63:b9:c7:75:f0:36:8a:f7:2a:4d:f7:e1:3d:99:0e:75:
         75:ad:5e:04:af:8a:ce:a4:a1:04:ff:cc:5d:b9:5e:21:d9:cb:
         71:71:ef:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWBsag3VG2hN7UG9/+m2NBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTA1MTEyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTRjYTA0MDk2MmMxZmU0ODZhMmE5Nzc5YTM1NGY0M2RmOTA4ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQcpSlP68sQbPkRtMdSJZfeAPyyd
FV3hrpkm+zDAi6yO1nGRgz4fxQEqycsVyF/8LZ0c+UPUYGp9wn3mME/F4jdJolSS
85PKKQhOJZsH+XjA49MIy+wF4LDzWn/QQz0c2TZAak5dzJunvMdM6sQxpyJypwVa
BWlhWgWhaYmTVTjd8bBwIsuJfzCUqfRHScuKXC8f77+tNxk3WLWedw3iW9MT0Hga
zGtRGBIx7YLsPBLj5TE8Lh3nEWyCecPZ38H4rkfQp2EHyhsPxAhyeXjkuCZ7sXyw
gc14Lkk3DBH5bjG1bvs/VaAhIqiJCfzHspBhT3zwuaP42eSGLgW4tBaDOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFMoECWLB/khqKpd5o1T0PfkI1wMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVVV5Z1FKWXNILVNHb3FsM21qVlBROS1RalhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiYMA0G
CSqGSIb3DQEBCwUAA4IBAQAJk2gNjSpwd5DkmfdSYEa8QZb7HjUl6yMR/Pgtaxfg
V6CbNVxXX5RiRp/6odfShpjE4DqVVhI804LthpkzlEp6UCof85xDmIEqgt5GMMqh
yfGiSC/7lREEM+4R1tRLby62bBqpfpFDWdpnBoPiAn1FFzFeLCr8dtxGgaH2OWww
czJnJ00tpFZV8H5XBWB8oMMbmVNdAQ/PwsLdy/svKR0A+sFvU2K0ccmIdtnqsZkK
gwtZFGyIP8C2v2HTwi8hXPjBH3o7ZZcpUaUVbp/7iNUda4nqvOmbC6o+9WO5x3Xw
Nor3Kk334T2ZDnV1rV4Er4rOpKEE/8xduV4h2ctxce/U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org