Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/Ugb4rGZIcxUqjFRaUS9lfYf7-Uo.roa
File:                     Ugb4rGZIcxUqjFRaUS9lfYf7-Uo.roa (raw, json)
Hash identifier:          zDCmyV3Y2LtR5WobEOL7ZMtnsFdf5D/kLywkSJqwNKY=
Subject key identifier:   52:06:F8:AC:66:48:73:15:2A:8C:54:5A:51:2F:65:7D:87:FB:F9:4A
Certificate issuer:       /CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
Certificate serial:       018CC8DF06A9475BC0B9C13E160DE82A46C9
Authority key identifier: 0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/Ugb4rGZIcxUqjFRaUS9lfYf7-Uo.roa
Signing time:             Tue 02 Jan 2024 06:31:48 +0000
ROA not before:           Tue 02 Jan 2024 06:31:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60670
IP address blocks:        195.110.184.0/24 maxlen: 24
                          195.110.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Aug 2024 10:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:06:a9:47:5b:c0:b9:c1:3e:16:0d:e8:2a:46:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
        Validity
            Not Before: Jan  2 06:31:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5206f8ac664873152a8c545a512f657d87fbf94a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:bd:bf:45:8d:52:04:d4:bd:d1:ee:89:6c:a8:
                    eb:cd:f2:55:64:73:e0:ce:34:93:47:f9:3d:a1:86:
                    55:0c:8f:9a:7a:7e:4d:fb:17:12:9b:65:ec:20:e2:
                    59:9e:d6:23:33:5f:08:1c:a7:37:11:ed:0f:74:b1:
                    c1:b1:4a:7c:9f:2a:9c:bd:c7:18:08:fa:41:72:73:
                    09:18:47:0c:8b:da:59:29:13:ef:c3:79:32:d8:99:
                    92:7f:ef:4a:a7:f4:07:38:32:57:e1:a2:7d:86:05:
                    42:3b:87:ce:0c:40:cc:97:cc:a2:a3:3e:06:b5:0c:
                    00:92:1d:74:d7:b2:3f:21:bf:31:b9:0d:eb:20:3f:
                    12:c8:9f:82:ce:85:38:cf:58:43:cc:0d:f4:08:42:
                    e0:e5:53:37:c1:d5:bf:f4:26:29:27:56:0a:95:7f:
                    7b:61:01:1b:25:11:2d:6f:c8:dc:3f:de:e1:c1:67:
                    92:a6:7f:7f:0c:5f:01:a9:1e:cd:76:41:6e:21:ec:
                    0e:b2:b9:54:a8:6c:52:2a:f2:81:a3:ad:c1:66:be:
                    bb:74:65:e6:7d:9d:77:97:c4:9e:ba:20:66:78:8d:
                    f9:4a:73:87:e2:72:26:0c:b8:4b:ad:94:49:5f:53:
                    6d:c8:2f:30:ff:2a:b9:d5:56:ad:60:7e:39:2f:40:
                    d3:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:06:F8:AC:66:48:73:15:2A:8C:54:5A:51:2F:65:7D:87:FB:F9:4A
            X509v3 Authority Key Identifier:
                keyid:0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/Ugb4rGZIcxUqjFRaUS9lfYf7-Uo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/Dm2P132t49P5bLSZMZSMJymtoN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.110.184.0/23

    Signature Algorithm: sha256WithRSAEncryption
         34:d1:37:d1:ba:22:2f:23:77:3d:4d:fe:5f:24:20:ad:46:57:
         35:88:ef:30:d5:1d:de:a7:c2:41:c8:29:53:17:ad:13:14:fa:
         37:78:05:1a:47:52:6c:cc:15:cb:3e:4c:51:00:20:a7:fd:6b:
         01:61:b3:ce:3e:0d:1d:e7:e1:96:c3:2a:8a:5d:3d:f3:04:96:
         65:79:c4:ed:be:cc:38:5e:2e:85:47:ee:9e:95:31:72:3f:8e:
         9b:24:33:82:0d:cb:a6:3f:88:3d:32:55:b8:6d:30:ba:c5:f5:
         43:e0:60:82:e2:7c:7f:f7:9f:2d:d0:bc:dc:f6:0a:0d:24:00:
         7d:ed:09:20:70:b8:a9:71:ad:6b:c7:79:45:07:c8:c9:ec:29:
         0f:86:08:78:ad:46:48:d4:dd:49:4d:d2:65:25:e5:4d:58:1a:
         4f:38:58:d9:b2:cf:58:12:99:48:35:c0:c0:1b:e7:56:d9:ea:
         ae:a6:12:70:b8:67:4c:a8:c7:d0:3a:7e:2f:86:6c:61:29:f0:
         ed:72:0b:a5:65:fd:94:be:53:7a:a6:92:39:9b:da:1c:4b:90:
         bc:21:79:49:7c:c8:b2:7b:7f:59:67:9e:27:4e:ab:03:d2:90:
         3e:6a:ce:05:82:d7:87:17:c1:05:07:66:e1:7d:1a:6e:e5:aa:
         6a:33:18:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3wapR1vAucE+Fg3oKkbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmQ4ZmQ3N2RhZGUzZDNmOTZjYjQ5OTMxOTQ4YzI3Mjlh
ZGEwZGUwHhcNMjQwMTAyMDYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjA2ZjhhYzY2NDg3MzE1MmE4YzU0NWE1MTJmNjU3ZDg3ZmJmOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob2/RY1SBNS90e6JbKjrzfJVZHPg
zjSTR/k9oYZVDI+aen5N+xcSm2XsIOJZntYjM18IHKc3Ee0PdLHBsUp8nyqcvccY
CPpBcnMJGEcMi9pZKRPvw3ky2JmSf+9Kp/QHODJX4aJ9hgVCO4fODEDMl8yioz4G
tQwAkh1017I/Ib8xuQ3rID8SyJ+CzoU4z1hDzA30CELg5VM3wdW/9CYpJ1YKlX97
YQEbJREtb8jcP97hwWeSpn9/DF8BqR7NdkFuIewOsrlUqGxSKvKBo63BZr67dGXm
fZ13l8SeuiBmeI35SnOH4nImDLhLrZRJX1NtyC8w/yq51VatYH45L0DTaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIG+KxmSHMVKoxUWlEvZX2H+/lKMB8GA1UdIwQY
MBaAFA5tj9d9rePT+Wy0mTGUjCcpraDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEt
YmQzNWMwNDhiOTMwLzEvVWdiNHJHWkljeFVxakZSYVVTOWxmWWY3LVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEtYmQzNWMwNDhiOTMw
LzEvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw264MA0G
CSqGSIb3DQEBCwUAA4IBAQA00TfRuiIvI3c9Tf5fJCCtRlc1iO8w1R3ep8JByClT
F60TFPo3eAUaR1JszBXLPkxRACCn/WsBYbPOPg0d5+GWwyqKXT3zBJZlecTtvsw4
Xi6FR+6elTFyP46bJDOCDcumP4g9MlW4bTC6xfVD4GCC4nx/958t0Lzc9goNJAB9
7QkgcLipca1rx3lFB8jJ7CkPhgh4rUZI1N1JTdJlJeVNWBpPOFjZss9YEplINcDA
G+dW2equphJwuGdMqMfQOn4vhmxhKfDtcgulZf2UvlN6ppI5m9ocS5C8IXlJfMiy
e39ZZ54nTqsD0pA+as4FgteHF8EFB2bhfRpu5apqMxhE
-----END CERTIFICATE-----
Generated at Mon Aug 5 12:53:52 2024 by rpki-client on console-ams.rpki-client.org