Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/UmwxRX7CxoeFUwSpC9YHKf8MJQM.roa
File:                     UmwxRX7CxoeFUwSpC9YHKf8MJQM.roa (raw, json)
Hash identifier:          wHALK4Cn+gh06d0229We35/a/CadK/7h7F1qqFsIte4=
Subject key identifier:   52:6C:31:45:7E:C2:C6:87:85:53:04:A9:0B:D6:07:29:FF:0C:25:03
Certificate issuer:       /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial:       018C8D6D4748FEF087E46527208ED74B606E
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/UmwxRX7CxoeFUwSpC9YHKf8MJQM.roa
Signing time:             Thu 21 Dec 2023 17:29:58 +0000
ROA not before:           Thu 21 Dec 2023 17:29:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209202
IP address blocks:        2.57.128.0/22 maxlen: 22
                          2a09:d940::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8d:6d:47:48:fe:f0:87:e4:65:27:20:8e:d7:4b:60:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
        Validity
            Not Before: Dec 21 17:29:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=526c31457ec2c687855304a90bd60729ff0c2503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:dc:2d:73:8c:0d:8c:f1:55:0d:13:e0:a1:99:
                    db:5c:d2:93:8d:55:e3:82:c0:76:23:5a:75:83:32:
                    6c:92:c0:9d:fe:68:f6:ea:2a:ac:46:a9:65:1c:6b:
                    7e:bf:86:06:0f:d2:5b:57:cc:f5:f9:48:c0:1d:1f:
                    67:9a:14:76:b6:e7:6b:04:f8:23:93:b8:a6:31:12:
                    48:4e:9b:f2:11:03:52:27:3e:7c:78:a0:8b:a6:63:
                    6b:c1:45:84:b5:3d:99:5b:42:59:07:0e:32:f7:70:
                    94:3d:c3:c6:58:82:2e:5e:d4:65:b3:34:69:5b:db:
                    a7:a7:e1:a0:a7:8e:d6:88:68:8f:cd:41:91:44:a9:
                    f2:d6:f6:14:54:62:e4:de:7d:88:5f:74:b1:c3:64:
                    d9:a4:8f:f1:6a:0f:a7:2e:35:8f:50:b2:58:5e:92:
                    d4:f1:bf:ee:6f:a0:90:7b:79:f5:e7:5a:57:6e:50:
                    c0:d7:10:7f:0c:ff:c2:65:b0:a7:85:9f:1c:11:59:
                    b3:7d:da:82:54:51:54:e8:5b:b5:72:25:39:77:fd:
                    94:2e:8d:71:cd:88:b1:3a:be:31:6d:16:ac:d2:6b:
                    18:c6:73:d2:fb:bf:7b:73:a3:be:35:d8:37:06:a3:
                    91:b7:c0:4b:5a:7d:7a:02:26:5d:8e:35:f9:da:fb:
                    80:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:6C:31:45:7E:C2:C6:87:85:53:04:A9:0B:D6:07:29:FF:0C:25:03
            X509v3 Authority Key Identifier:
                keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/UmwxRX7CxoeFUwSpC9YHKf8MJQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.128.0/22
                IPv6:
                  2a09:d940::/29

    Signature Algorithm: sha256WithRSAEncryption
         6e:ba:c1:28:44:84:9e:ba:b0:44:ce:65:20:30:7e:78:2f:cc:
         1c:7d:04:c3:14:f4:86:31:96:f4:b4:02:c2:c7:97:ad:ec:ef:
         d9:bd:4b:29:62:cf:fe:76:78:a9:d9:d7:eb:98:c1:37:a2:8b:
         e0:c2:24:a3:b1:f1:47:fa:e4:0a:3b:2e:e4:a1:67:21:95:18:
         43:7c:af:96:56:bc:bd:52:c1:7c:5e:de:fc:31:4a:34:36:ed:
         1a:d7:ab:4d:18:e3:41:cd:72:65:7f:87:24:c6:e9:07:10:f0:
         59:85:d5:b0:35:6c:37:b8:c7:c0:ea:e3:41:b9:57:65:61:b1:
         89:f2:58:83:37:f6:6c:2f:a8:b7:1c:0e:52:ef:03:1b:2f:1f:
         41:db:67:1d:d6:ab:71:3d:32:f4:ec:e5:b8:2c:2f:70:13:07:
         8b:46:55:10:f8:4f:cd:08:dc:0e:2c:86:2c:71:47:1c:a6:a7:
         a8:f4:f1:61:55:85:b8:f5:9d:73:cb:25:9e:fb:4b:71:ad:db:
         bf:05:d0:e9:10:14:a9:9b:32:f3:50:78:21:50:2d:58:ef:c7:
         87:35:31:c8:c1:24:80:cb:af:cc:9d:7d:3a:12:ca:37:b0:30:
         a5:a2:2c:4a:9c:21:2d:8f:31:4b:37:e0:50:bd:2f:e3:98:4e:
         31:f9:16:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyNbUdI/vCH5GUnII7XS2BuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjMxMjIxMTcyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZjMzE0NTdlYzJjNjg3ODU1MzA0YTkwYmQ2MDcyOWZmMGMyNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidwtc4wNjPFVDRPgoZnbXNKTjVXj
gsB2I1p1gzJsksCd/mj26iqsRqllHGt+v4YGD9JbV8z1+UjAHR9nmhR2tudrBPgj
k7imMRJITpvyEQNSJz58eKCLpmNrwUWEtT2ZW0JZBw4y93CUPcPGWIIuXtRlszRp
W9unp+Ggp47WiGiPzUGRRKny1vYUVGLk3n2IX3Sxw2TZpI/xag+nLjWPULJYXpLU
8b/ub6CQe3n151pXblDA1xB/DP/CZbCnhZ8cEVmzfdqCVFFU6Fu1ciU5d/2ULo1x
zYixOr4xbRas0msYxnPS+797c6O+Ndg3BqORt8BLWn16AiZdjjX52vuAxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFJsMUV+wsaHhVMEqQvWByn/DCUDMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvVW13eFJYN0N4b2VGVXdTcEM5WUhLZjhNSlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjmAMA0E
AgACMAcDBQMqCdlAMA0GCSqGSIb3DQEBCwUAA4IBAQBuusEoRISeurBEzmUgMH54
L8wcfQTDFPSGMZb0tALCx5et7O/ZvUspYs/+dnip2dfrmME3oovgwiSjsfFH+uQK
Oy7koWchlRhDfK+WVry9UsF8Xt78MUo0Nu0a16tNGONBzXJlf4ckxukHEPBZhdWw
NWw3uMfA6uNBuVdlYbGJ8liDN/ZsL6i3HA5S7wMbLx9B22cd1qtxPTL07OW4LC9w
EweLRlUQ+E/NCNwOLIYscUccpqeo9PFhVYW49Z1zyyWe+0txrdu/BdDpEBSpmzLz
UHghUC1Y78eHNTHIwSSAy6/MnX06Eso3sDCloixKnCEtjzFLN+BQvS/jmE4x+RaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:02 2024 by rpki-client on console-ams.rpki-client.org