Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/U1GC5H9YE9mgs8uZFcf8IrQMAbc.roa
File:                     U1GC5H9YE9mgs8uZFcf8IrQMAbc.roa (raw, json)
Hash identifier:          5SqlX+u6glh//0AQ7rmOUbaFjXXH5Yj2mD+U3dkTaTE=
Subject key identifier:   53:51:82:E4:7F:58:13:D9:A0:B3:CB:99:15:C7:FC:22:B4:0C:01:B7
Certificate issuer:       /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial:       0187DAB53CBBD651ED9F03443711D87361E1
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/U1GC5H9YE9mgs8uZFcf8IrQMAbc.roa
Signing time:             Tue 02 May 2023 04:25:23 +0000
ROA not before:           Tue 02 May 2023 04:25:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.138.235.0/24 maxlen: 24
                          91.239.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:da:b5:3c:bb:d6:51:ed:9f:03:44:37:11:d8:73:61:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
        Validity
            Not Before: May  2 04:25:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=535182e47f5813d9a0b3cb9915c7fc22b40c01b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a4:f4:b0:8d:6b:13:46:0d:02:5b:1e:fe:f7:
                    7d:cd:37:a5:65:ce:55:85:d8:bb:b2:be:43:14:40:
                    fb:97:ab:6c:31:22:ea:c9:a4:22:fd:11:95:30:26:
                    59:8b:2a:c2:3e:f8:c1:73:27:3d:48:02:d8:2a:7e:
                    c5:f3:ac:3b:60:17:b2:03:16:92:4d:fd:f5:15:da:
                    5a:73:cf:1e:91:3c:f4:20:59:18:b6:e5:79:da:33:
                    9c:a2:84:4f:d9:7c:dd:0c:38:89:61:41:66:72:09:
                    05:25:e6:0a:6f:4f:c3:d3:f9:19:8f:07:af:d7:0b:
                    39:34:20:cc:35:44:47:4e:3c:00:25:33:02:e2:31:
                    35:b0:6e:00:44:f5:01:0a:3d:6d:9a:73:aa:05:0e:
                    ff:4e:54:2a:82:83:cb:8d:cf:c5:d4:18:d2:8e:a0:
                    8a:ac:94:af:02:0b:af:32:85:c9:60:d9:6a:a3:9f:
                    48:1f:2e:00:7d:69:7b:f7:02:af:9d:11:19:49:e8:
                    0b:d7:98:33:4f:84:3e:05:2c:51:9d:a9:ec:17:f4:
                    b0:26:d7:27:b7:b8:7a:f4:a4:88:75:57:c6:da:c5:
                    4c:10:c9:6d:c1:f1:d6:b4:2b:ae:2b:5a:74:91:9b:
                    d4:fe:20:3d:4e:b5:29:bf:79:76:95:f1:18:6d:3b:
                    53:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:51:82:E4:7F:58:13:D9:A0:B3:CB:99:15:C7:FC:22:B4:0C:01:B7
            X509v3 Authority Key Identifier:
                keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/U1GC5H9YE9mgs8uZFcf8IrQMAbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.62.0/24
                  185.138.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:53:d7:d0:95:d6:f5:b7:f8:84:a5:39:cf:b1:8d:3a:92:fa:
         e5:d6:74:c5:37:63:43:49:7d:b2:3c:bc:8a:f7:61:36:08:cd:
         3e:7e:27:9a:fa:c0:b8:7b:6b:42:d2:61:aa:90:5d:1c:4a:c0:
         c4:1c:b5:93:cd:ba:3d:eb:09:b0:46:0d:4f:3e:61:ec:55:f1:
         ed:d4:55:1f:71:33:e0:aa:22:56:29:b2:97:fa:91:48:bf:ab:
         6d:57:8d:ea:fa:c3:15:ee:ef:8b:d0:03:63:56:f0:43:6b:9d:
         af:fa:36:a2:33:a7:3c:1e:88:9e:4c:53:6e:67:ed:e5:1a:cb:
         31:cf:00:6a:cf:0a:e7:13:07:8b:47:e0:f9:58:68:8b:f8:06:
         47:3b:c6:eb:7c:9b:f6:41:71:40:33:98:d8:eb:07:5d:68:d9:
         be:2b:60:5b:77:b7:f1:66:0e:ee:64:a1:8f:45:bc:ae:bd:3a:
         b4:5a:ba:b3:c7:31:40:67:a9:9c:74:5f:58:88:d9:e1:6d:2c:
         50:0d:2f:28:23:c8:1e:33:92:73:33:04:78:50:2e:d3:97:c6:
         2d:b2:45:b7:0c:8b:39:d1:ae:c4:1b:0d:92:c7:d2:1b:76:dd:
         29:d2:06:b9:ea:df:75:48:38:91:93:5b:cb:ce:c5:23:1a:3d:
         4d:dc:5d:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfatTy71lHtnwNENxHYc2HhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjMwNTAyMDQyNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUxODJlNDdmNTgxM2Q5YTBiM2NiOTkxNWM3ZmMyMmI0MGMwMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6T0sI1rE0YNAlse/vd9zTelZc5V
hdi7sr5DFED7l6tsMSLqyaQi/RGVMCZZiyrCPvjBcyc9SALYKn7F86w7YBeyAxaS
Tf31Fdpac88ekTz0IFkYtuV52jOcooRP2XzdDDiJYUFmcgkFJeYKb0/D0/kZjwev
1ws5NCDMNURHTjwAJTMC4jE1sG4ARPUBCj1tmnOqBQ7/TlQqgoPLjc/F1BjSjqCK
rJSvAguvMoXJYNlqo59IHy4AfWl79wKvnREZSegL15gzT4Q+BSxRnansF/SwJtcn
t7h69KSIdVfG2sVMEMltwfHWtCuuK1p0kZvU/iA9TrUpv3l2lfEYbTtTPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNRguR/WBPZoLPLmRXH/CK0DAG3MB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvVTFHQzVIOVlFOW1nczh1WkZjZjhJclFNQWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+8+AwQA
uYrrMA0GCSqGSIb3DQEBCwUAA4IBAQBcU9fQldb1t/iEpTnPsY06kvrl1nTFN2ND
SX2yPLyK92E2CM0+fiea+sC4e2tC0mGqkF0cSsDEHLWTzbo96wmwRg1PPmHsVfHt
1FUfcTPgqiJWKbKX+pFIv6ttV43q+sMV7u+L0ANjVvBDa52v+jaiM6c8HoieTFNu
Z+3lGssxzwBqzwrnEweLR+D5WGiL+AZHO8brfJv2QXFAM5jY6wddaNm+K2Bbd7fx
Zg7uZKGPRbyuvTq0WrqzxzFAZ6mcdF9YiNnhbSxQDS8oI8geM5JzMwR4UC7Tl8Yt
skW3DIs50a7EGw2Sx9Ibdt0p0ga56t91SDiRk1vLzsUjGj1N3F25
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:46 2023 by rpki-client on console-ams.rpki-client.org