Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/U5piwimIR4_q3rc6cUSci5uEuDM.roa
File:                     U5piwimIR4_q3rc6cUSci5uEuDM.roa (raw, json)
Hash identifier:          wnk+U4qW5A/5cO5OC57lg+Hw9aR0Zq8hogQie+J78Gk=
Subject key identifier:   53:9A:62:C2:29:88:47:8F:EA:DE:B7:3A:71:44:9C:8B:9B:84:B8:33
Certificate issuer:       /CN=cef38f48568833a5f7157eef59787833a01f53f5
Certificate serial:       0188D90F46CA6E9FB18BA3017AAC4B61346B
Authority key identifier: CE:F3:8F:48:56:88:33:A5:F7:15:7E:EF:59:78:78:33:A0:1F:53:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zvOPSFaIM6X3FX7vWXh4M6AfU_U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/U5piwimIR4_q3rc6cUSci5uEuDM.roa
Signing time:             Tue 20 Jun 2023 13:47:16 +0000
ROA not before:           Tue 20 Jun 2023 13:47:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200428
IP address blocks:        185.92.60.0/22 maxlen: 22
                          2a05:ef40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d9:0f:46:ca:6e:9f:b1:8b:a3:01:7a:ac:4b:61:34:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cef38f48568833a5f7157eef59787833a01f53f5
        Validity
            Not Before: Jun 20 13:47:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=539a62c22988478feadeb73a71449c8b9b84b833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6f:ad:26:7b:8f:54:d8:78:00:20:ea:45:e1:
                    bc:6c:d3:17:6d:05:ea:72:a5:7f:f2:7c:75:3f:83:
                    82:8f:36:8c:ab:f0:61:9d:ae:1b:7e:56:94:6a:19:
                    85:e1:6a:f6:b4:10:82:7f:55:cc:d0:c6:dc:8e:8e:
                    02:57:d5:20:21:5f:98:57:d6:5e:01:a7:3e:c7:d4:
                    63:91:c0:72:09:c7:4f:eb:c5:a0:a0:e4:2d:ac:6d:
                    e6:16:d6:ce:bb:43:bb:04:0b:60:9b:d7:3c:dd:1e:
                    40:ca:66:b4:a6:18:31:2f:16:5a:27:fb:49:73:d9:
                    a8:3e:5b:54:19:94:d7:a1:4d:91:2b:93:dd:b4:40:
                    97:21:bc:04:a6:24:60:9c:17:e6:cb:a6:ba:9d:91:
                    16:27:f5:67:02:57:8f:ac:88:a1:b7:a3:60:3c:2b:
                    7c:fc:d2:08:32:84:ac:b8:b5:10:30:4f:bf:b5:de:
                    5c:c7:99:de:4b:f4:d2:5f:00:93:d1:7d:09:cc:e5:
                    50:42:50:3e:0c:65:a0:cf:8f:06:3d:4f:0d:b7:10:
                    74:31:56:1b:6f:b5:b9:68:2d:fe:fd:33:03:8d:a4:
                    2e:a1:3a:27:03:a9:24:93:1b:e9:db:23:68:68:fc:
                    e9:03:93:c2:81:10:b2:20:4c:a0:f9:f6:9e:ff:5e:
                    3c:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:9A:62:C2:29:88:47:8F:EA:DE:B7:3A:71:44:9C:8B:9B:84:B8:33
            X509v3 Authority Key Identifier:
                keyid:CE:F3:8F:48:56:88:33:A5:F7:15:7E:EF:59:78:78:33:A0:1F:53:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvOPSFaIM6X3FX7vWXh4M6AfU_U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/U5piwimIR4_q3rc6cUSci5uEuDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/zvOPSFaIM6X3FX7vWXh4M6AfU_U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.60.0/22
                IPv6:
                  2a05:ef40::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:ca:5c:3c:e8:27:5e:8f:b6:df:40:fe:a1:79:77:ad:a7:18:
         dc:73:57:b6:20:ef:15:bb:4b:e1:9c:47:9c:1c:6c:de:26:87:
         b2:ff:b1:30:6c:e5:7c:63:1f:3a:ff:fd:ea:28:d6:c8:4b:46:
         50:66:d4:df:ed:72:1b:93:6f:29:0d:d2:e9:f7:af:10:37:55:
         d0:95:61:ab:e1:40:9c:e4:86:07:15:71:12:63:46:73:4d:5a:
         4f:f9:96:f1:fb:f2:fa:32:aa:5f:2a:7d:af:34:2f:46:4e:e9:
         96:69:68:74:c1:23:dd:d8:eb:95:2b:53:91:55:95:96:93:e3:
         38:b0:b4:50:0d:a9:ee:92:c2:e4:ca:6c:90:51:3c:34:96:8c:
         c5:b7:91:95:e2:4f:45:54:82:72:20:40:6c:d3:43:dd:d7:af:
         34:69:3c:1f:e3:40:cf:58:c9:a1:56:75:da:d5:46:94:a4:fe:
         8c:e8:83:60:91:b8:cb:86:d3:eb:41:6c:e3:9d:5e:47:64:b3:
         61:e4:5e:dd:9d:41:2a:8a:21:37:e8:f6:c2:46:9a:91:70:9e:
         e8:6c:29:fe:6a:14:49:ab:1e:0f:2d:06:4d:54:88:ba:b5:c6:
         2c:a5:73:fc:00:3a:2e:e6:23:41:81:5d:7b:06:11:ad:dd:61:
         09:55:f6:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYjZD0bKbp+xi6MBeqxLYTRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZjM4ZjQ4NTY4ODMzYTVmNzE1N2VlZjU5Nzg3ODMzYTAx
ZjUzZjUwHhcNMjMwNjIwMTM0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzlhNjJjMjI5ODg0NzhmZWFkZWI3M2E3MTQ0OWM4YjliODRiODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum+tJnuPVNh4ACDqReG8bNMXbQXq
cqV/8nx1P4OCjzaMq/Bhna4bflaUahmF4Wr2tBCCf1XM0Mbcjo4CV9UgIV+YV9Ze
Aac+x9RjkcByCcdP68WgoOQtrG3mFtbOu0O7BAtgm9c83R5Ayma0phgxLxZaJ/tJ
c9moPltUGZTXoU2RK5PdtECXIbwEpiRgnBfmy6a6nZEWJ/VnAlePrIiht6NgPCt8
/NIIMoSsuLUQME+/td5cx5neS/TSXwCT0X0JzOVQQlA+DGWgz48GPU8NtxB0MVYb
b7W5aC3+/TMDjaQuoTonA6kkkxvp2yNoaPzpA5PCgRCyIEyg+fae/1480wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFOaYsIpiEeP6t63OnFEnIubhLgzMB8GA1UdIwQY
MBaAFM7zj0hWiDOl9xV+71l4eDOgH1P1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenZPUFNGYUlNNlgzRlg3dldYaDRNNkFmVV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMTBhYmUtNDE0OC00NTFiLTk0ZjUt
Zjk1YzYwOTdhNTBkLzEvVTVwaXdpbUlSNF9xM3JjNmNVU2NpNXVFdURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMTBhYmUtNDE0OC00NTFiLTk0ZjUtZjk1YzYwOTdhNTBk
LzEvenZPUFNGYUlNNlgzRlg3dldYaDRNNkFmVV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVw8MA0E
AgACMAcDBQMqBe9AMA0GCSqGSIb3DQEBCwUAA4IBAQApylw86Cdej7bfQP6heXet
pxjcc1e2IO8Vu0vhnEecHGzeJoey/7EwbOV8Yx86//3qKNbIS0ZQZtTf7XIbk28p
DdLp968QN1XQlWGr4UCc5IYHFXESY0ZzTVpP+Zbx+/L6MqpfKn2vNC9GTumWaWh0
wSPd2OuVK1ORVZWWk+M4sLRQDanuksLkymyQUTw0lozFt5GV4k9FVIJyIEBs00Pd
1680aTwf40DPWMmhVnXa1UaUpP6M6INgkbjLhtPrQWzjnV5HZLNh5F7dnUEqiiE3
6PbCRpqRcJ7obCn+ahRJqx4PLQZNVIi6tcYspXP8ADou5iNBgV17BhGt3WEJVfZ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:45 2024 by rpki-client on console-fra.rpki-client.org