Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/UCdhdlCYzQ2o4YKHAQ_5ChDSjEw.roa
File:                     UCdhdlCYzQ2o4YKHAQ_5ChDSjEw.roa (raw, json)
Hash identifier:          gIq67wp1JhILvAL4P9fzLcCouIkt+kOMXvzYG2l17TY=
Subject key identifier:   50:27:61:76:50:98:CD:0D:A8:E1:82:87:01:0F:F9:0A:10:D2:8C:4C
Certificate issuer:       /CN=719e59b5017bfe634411949eff2d70ba0a07c540
Certificate serial:       01856EB918BF10EF4F0805FBD55298B3DDC0
Authority key identifier: 71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/UCdhdlCYzQ2o4YKHAQ_5ChDSjEw.roa
Signing time:             Sun 01 Jan 2023 19:05:02 +0000
ROA not before:           Sun 01 Jan 2023 19:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        46.28.58.0/24 maxlen: 24
                          46.28.59.0/24 maxlen: 24
                          46.28.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:b9:18:bf:10:ef:4f:08:05:fb:d5:52:98:b3:dd:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=719e59b5017bfe634411949eff2d70ba0a07c540
        Validity
            Not Before: Jan  1 19:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=502761765098cd0da8e18287010ff90a10d28c4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:21:c3:cb:8a:1b:00:37:e3:82:d1:81:92:04:
                    d3:c6:ec:54:4e:b9:d5:42:27:16:a6:71:2f:5e:df:
                    3a:b6:57:7a:4d:dd:39:f1:ca:38:f6:9a:34:3a:3d:
                    b5:1e:08:8f:d9:ae:bd:f3:6a:77:19:d8:72:c2:f0:
                    3d:91:af:d6:a4:47:ae:f6:b2:76:e9:b1:20:19:2b:
                    0b:5f:1f:77:5a:fa:b5:29:59:1b:bf:b3:b3:47:52:
                    4b:a5:dd:3d:d2:b2:4f:05:2e:05:7e:a6:e1:1f:cf:
                    42:f0:35:a2:0d:c3:8c:05:cd:28:2d:a7:b2:48:2c:
                    64:83:1e:7d:9e:bb:48:67:3f:97:38:1c:59:c8:c0:
                    e4:87:b6:88:3b:3f:5e:7a:ec:0f:b9:fd:f1:0c:a5:
                    93:2d:28:34:1b:80:67:0c:45:b8:f9:c7:07:86:ff:
                    f8:84:e8:58:19:84:4a:d5:8b:1d:5d:17:be:25:f8:
                    90:f6:21:2e:14:20:06:d2:0e:59:37:df:5b:c1:60:
                    49:ea:4a:b0:2c:71:64:65:c4:ca:a8:9a:c0:2d:ae:
                    aa:6b:db:d9:93:b5:c2:1c:ee:4d:4d:f8:1d:07:5d:
                    b9:20:02:0a:fb:00:09:dd:ab:2e:b6:8a:28:52:bf:
                    13:18:d8:7b:3a:e3:78:11:55:bb:62:55:f0:44:ae:
                    32:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:27:61:76:50:98:CD:0D:A8:E1:82:87:01:0F:F9:0A:10:D2:8C:4C
            X509v3 Authority Key Identifier:
                keyid:71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/UCdhdlCYzQ2o4YKHAQ_5ChDSjEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.28.58.0/23
                  46.28.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:8a:4d:88:b2:43:80:b8:98:ae:4d:55:25:c3:99:7d:f5:58:
         81:2d:55:78:90:03:9b:8e:23:fa:1b:85:20:f0:9b:68:a3:a6:
         6a:69:cd:4e:2e:ff:ac:37:30:67:05:58:23:ac:3b:01:d9:7e:
         25:b8:c8:a0:d3:b5:bf:26:38:cf:d1:93:7f:9f:66:e6:12:0b:
         9c:8d:13:2a:da:47:2e:9c:36:1e:c7:7e:d6:c1:e3:00:db:20:
         ed:93:8e:59:b0:41:2e:f1:97:4c:4c:85:87:d9:b7:89:bb:c2:
         01:6e:30:d9:21:ed:0d:21:84:9b:4f:b6:d9:23:75:f6:da:4b:
         3f:d4:9b:cd:ff:78:b7:0c:25:fe:ff:64:fd:b0:2d:0c:e8:0a:
         15:83:ec:05:2c:6c:be:04:7c:b3:3b:57:7c:72:32:f1:f4:47:
         24:f2:4b:e3:68:c8:74:9a:be:80:f4:19:54:c6:bd:9a:24:c8:
         6c:9a:de:40:67:d9:c8:69:58:e4:95:31:ab:03:ad:14:f9:f0:
         9e:76:25:28:04:dc:d2:dd:18:91:17:50:85:a4:f8:0b:b0:68:
         7d:37:d4:66:c8:87:78:a3:41:2a:90:5b:79:9d:33:2e:63:a0:
         21:95:61:aa:41:d1:33:1d:2b:ba:52:13:4d:81:ac:45:ab:6a:
         d0:71:d4:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuuRi/EO9PCAX71VKYs93AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOWU1OWI1MDE3YmZlNjM0NDExOTQ5ZWZmMmQ3MGJhMGEw
N2M1NDAwHhcNMjMwMTAxMTkwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDI3NjE3NjUwOThjZDBkYThlMTgyODcwMTBmZjkwYTEwZDI4YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiHDy4obADfjgtGBkgTTxuxUTrnV
QicWpnEvXt86tld6Td058co49po0Oj21HgiP2a6982p3GdhywvA9ka/WpEeu9rJ2
6bEgGSsLXx93Wvq1KVkbv7OzR1JLpd090rJPBS4FfqbhH89C8DWiDcOMBc0oLaey
SCxkgx59nrtIZz+XOBxZyMDkh7aIOz9eeuwPuf3xDKWTLSg0G4BnDEW4+ccHhv/4
hOhYGYRK1YsdXRe+JfiQ9iEuFCAG0g5ZN99bwWBJ6kqwLHFkZcTKqJrALa6qa9vZ
k7XCHO5NTfgdB125IAIK+wAJ3asutoooUr8TGNh7OuN4EVW7YlXwRK4yIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFAnYXZQmM0NqOGChwEP+QoQ0oxMMB8GA1UdIwQY
MBaAFHGeWbUBe/5jRBGUnv8tcLoKB8VAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEt
ZjQ2ZjlkNjc0ZjZjLzEvVUNkaGRsQ1l6UTJvNFlLSEFRXzVDaERTakV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEtZjQ2ZjlkNjc0ZjZj
LzEvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhw6AwQA
Lhw/MA0GCSqGSIb3DQEBCwUAA4IBAQAEik2IskOAuJiuTVUlw5l99ViBLVV4kAOb
jiP6G4Ug8Jtoo6Zqac1OLv+sNzBnBVgjrDsB2X4luMig07W/JjjP0ZN/n2bmEguc
jRMq2kcunDYex37WweMA2yDtk45ZsEEu8ZdMTIWH2beJu8IBbjDZIe0NIYSbT7bZ
I3X22ks/1JvN/3i3DCX+/2T9sC0M6AoVg+wFLGy+BHyzO1d8cjLx9Eck8kvjaMh0
mr6A9BlUxr2aJMhsmt5AZ9nIaVjklTGrA60U+fCediUoBNzS3RiRF1CFpPgLsGh9
N9RmyId4o0EqkFt5nTMuY6AhlWGqQdEzHSu6UhNNgaxFq2rQcdRK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:10 2024 by rpki-client on console-fra.rpki-client.org