Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa
File:                     Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa (raw, json)
Hash identifier:          75lMYq4S1sFIMJGn51cbNVp/dTja+05kYVGsa4LJr9Y=
Subject key identifier:   52:49:FD:4D:8A:BD:BF:CB:7D:8E:48:6E:D5:5C:CF:60:E7:E1:4D:45
Certificate issuer:       /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial:       01856E0207C58A3ECE6A3D3B45559DEDDE18
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa
Signing time:             Sun 01 Jan 2023 15:45:04 +0000
ROA not before:           Sun 01 Jan 2023 15:45:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.43.192.0/24 maxlen: 24
                          185.43.195.0/24 maxlen: 24
                          185.43.194.0/24 maxlen: 24
                          185.43.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:02:07:c5:8a:3e:ce:6a:3d:3b:45:55:9d:ed:de:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
        Validity
            Not Before: Jan  1 15:45:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5249fd4d8abdbfcb7d8e486ed55ccf60e7e14d45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:30:64:6d:2a:5c:83:28:32:2c:c4:b4:de:36:
                    93:63:c5:2a:e6:ac:10:12:47:cc:c4:0e:00:02:5d:
                    32:7a:01:9e:bf:e4:0d:0c:fd:76:cb:2c:56:27:3e:
                    b9:8c:66:44:e7:ca:92:03:0d:da:16:d7:6b:14:e6:
                    0a:1c:50:db:17:34:c0:e9:70:e9:20:ec:6f:a0:6f:
                    5d:f8:07:5e:00:8f:70:bf:b2:2d:c1:2d:9e:04:fc:
                    3c:81:85:7d:b7:76:6c:2c:2e:41:a2:ed:47:ff:7d:
                    87:e3:59:bd:65:e2:d4:d2:d0:ee:bb:ef:00:ae:1d:
                    97:78:b4:89:56:d6:2b:29:cb:4d:09:b5:2b:05:9d:
                    68:ec:87:c3:ef:96:72:30:d8:de:54:e9:c1:50:1e:
                    5b:ac:e2:1a:b6:ab:e4:a6:da:55:b6:e7:28:4d:b0:
                    ee:81:10:9d:0f:c0:7b:ba:ea:50:52:26:1c:65:d1:
                    18:4d:6e:61:d6:41:96:d9:2d:55:7b:32:8a:78:f3:
                    99:71:1a:2a:95:12:c7:21:84:5f:d3:8e:8b:e0:53:
                    7e:fa:2b:5a:42:46:69:25:f8:43:c6:f5:1c:50:7c:
                    b1:fc:30:96:27:18:36:79:a9:e0:a1:03:92:6e:2a:
                    29:f5:59:1f:4c:7b:59:72:81:a4:a6:83:fc:4b:26:
                    24:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:49:FD:4D:8A:BD:BF:CB:7D:8E:48:6E:D5:5C:CF:60:E7:E1:4D:45
            X509v3 Authority Key Identifier:
                keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.43.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:66:e5:8f:c0:a6:8d:7f:c7:bf:99:12:9a:c9:90:e7:46:ae:
         59:82:97:5f:96:5a:66:91:51:af:1a:71:1c:a6:32:6e:7b:23:
         b8:9b:eb:be:46:2d:88:9d:cd:31:e3:27:84:f4:b8:9e:f2:37:
         57:3f:57:f4:53:1d:c3:79:7c:59:38:67:e6:aa:20:f4:e2:63:
         dd:84:ff:91:71:ff:fd:f5:06:d2:23:92:8f:fe:ee:11:2b:1e:
         9f:c5:38:df:af:bc:f5:c5:4e:ba:b0:7f:8c:e3:e1:e4:1d:f5:
         64:b4:86:6b:52:9e:42:f0:26:84:4c:bc:20:2d:4b:d3:dd:b2:
         2a:0c:61:b0:c4:4a:42:4c:12:f0:88:b3:71:13:d6:f0:42:34:
         b8:5d:60:80:ab:fa:b5:2b:f8:d9:01:7d:a0:68:b3:6b:5f:2a:
         ad:87:8a:fc:94:53:f9:ee:5d:87:4f:a7:ac:a0:f5:7f:56:b3:
         47:00:d8:af:24:00:f8:20:4f:a6:93:09:5b:ab:c1:ab:0c:90:
         fb:f8:fc:9c:30:cc:8a:69:2b:f2:76:26:1c:bc:2b:44:9b:ef:
         7c:13:d9:5e:c0:3f:ef:65:cb:71:dd:10:5e:fc:48:f0:f7:1d:
         d1:5e:be:e2:6d:ff:2c:b5:30:f4:50:72:a5:74:cf:7b:d6:1d:
         b3:7c:2d:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAgfFij7Oaj07RVWd7d4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDI3MjFmMmUyYmQwMTFiOGE2ODYwYWQyNTcyYzQwNWMw
YjU0MGYwHhcNMjMwMTAxMTU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ5ZmQ0ZDhhYmRiZmNiN2Q4ZTQ4NmVkNTVjY2Y2MGU3ZTE0ZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDBkbSpcgygyLMS03jaTY8Uq5qwQ
EkfMxA4AAl0yegGev+QNDP12yyxWJz65jGZE58qSAw3aFtdrFOYKHFDbFzTA6XDp
IOxvoG9d+AdeAI9wv7ItwS2eBPw8gYV9t3ZsLC5Bou1H/32H41m9ZeLU0tDuu+8A
rh2XeLSJVtYrKctNCbUrBZ1o7IfD75ZyMNjeVOnBUB5brOIatqvkptpVtucoTbDu
gRCdD8B7uupQUiYcZdEYTW5h1kGW2S1VezKKePOZcRoqlRLHIYRf046L4FN++ita
QkZpJfhDxvUcUHyx/DCWJxg2eangoQOSbiop9VkfTHtZcoGkpoP8SyYkdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJJ/U2Kvb/LfY5IbtVcz2Dn4U1FMB8GA1UdIwQY
MBaAFOnSch8uK9ARuKaGCtJXLEBcC1QPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTkt
YzQ1OTAzYzNiMzI5LzEvVWtuOVRZcTl2OHQ5amtodTFWelBZT2ZoVFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTktYzQ1OTAzYzNiMzI5
LzEvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSvAMA0G
CSqGSIb3DQEBCwUAA4IBAQBFZuWPwKaNf8e/mRKayZDnRq5ZgpdfllpmkVGvGnEc
pjJueyO4m+u+Ri2Inc0x4yeE9Lie8jdXP1f0Ux3DeXxZOGfmqiD04mPdhP+Rcf/9
9QbSI5KP/u4RKx6fxTjfr7z1xU66sH+M4+HkHfVktIZrUp5C8CaETLwgLUvT3bIq
DGGwxEpCTBLwiLNxE9bwQjS4XWCAq/q1K/jZAX2gaLNrXyqth4r8lFP57l2HT6es
oPV/VrNHANivJAD4IE+mkwlbq8GrDJD7+PycMMyKaSvydiYcvCtEm+98E9lewD/v
Zctx3RBe/Ejw9x3RXr7ibf8stTD0UHKldM971h2zfC2v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org