Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/961939-ac8e-4d12-b12f-da5cb0fb19e7/1/cUBQ46bezUw42ttEEgPbTLViR84.roa
File:                     cUBQ46bezUw42ttEEgPbTLViR84.roa (raw, json)
Hash identifier:          V0GL+01LmHrnq1ir2ntMWUh74AZTSGnjfhQe/Ghs2Hg=
Subject key identifier:   71:40:50:E3:A6:DE:CD:4C:38:DA:DB:44:12:03:DB:4C:B5:62:47:CE
Certificate issuer:       /CN=857f4c122e4f8c601f21c5c868716d46089d85e1
Certificate serial:       01856DCB0AD8EECB0B8BF2F7EB8E0B0F7F82
Authority key identifier: 85:7F:4C:12:2E:4F:8C:60:1F:21:C5:C8:68:71:6D:46:08:9D:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hX9MEi5PjGAfIcXIaHFtRgidheE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/961939-ac8e-4d12-b12f-da5cb0fb19e7/1/cUBQ46bezUw42ttEEgPbTLViR84.roa
Signing time:             Sun 01 Jan 2023 14:45:01 +0000
ROA not before:           Sun 01 Jan 2023 14:45:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50320
IP address blocks:        193.104.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:cb:0a:d8:ee:cb:0b:8b:f2:f7:eb:8e:0b:0f:7f:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=857f4c122e4f8c601f21c5c868716d46089d85e1
        Validity
            Not Before: Jan  1 14:45:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=714050e3a6decd4c38dadb441203db4cb56247ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:55:d1:03:e2:40:dd:d9:41:cd:74:a3:05:3c:
                    59:b9:e1:3e:8c:c4:b2:50:0f:6d:4d:e1:1e:b4:84:
                    8a:db:bd:34:26:27:0d:d3:be:b8:42:b9:3c:b0:6d:
                    c9:da:f4:4b:02:5c:d4:da:78:79:c8:07:85:b2:26:
                    3f:6f:b7:6e:95:98:97:2a:fd:37:fd:94:6c:87:70:
                    bb:38:35:f4:80:81:a0:83:8e:73:46:4a:f7:9a:34:
                    84:bf:1b:9a:37:a9:af:a2:c4:c8:ed:00:6d:07:a6:
                    b6:e4:7b:25:1a:af:21:0a:74:97:3c:72:20:67:49:
                    fc:9d:75:4a:50:35:4a:ab:ec:0e:fe:05:cc:3c:a4:
                    2d:68:54:f6:8d:81:a9:80:e7:6c:8a:3b:0a:92:51:
                    6a:86:31:b6:6d:11:54:0d:69:d9:7b:2f:c0:bf:e4:
                    6f:50:2c:7b:19:00:3d:ff:9d:10:75:53:a6:b2:ba:
                    92:c3:0d:8b:80:7c:8a:85:88:1f:3e:ba:f1:87:73:
                    81:f4:f5:ba:e3:4d:cc:9b:20:96:a4:ac:e1:1f:16:
                    f8:1f:17:1c:20:77:58:80:fd:6c:c5:2c:5f:3a:d1:
                    ab:f4:23:61:9e:3b:ca:c0:c6:a7:3f:30:20:8e:a5:
                    ae:13:a9:92:28:62:17:69:2b:00:3e:60:35:83:47:
                    fa:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:40:50:E3:A6:DE:CD:4C:38:DA:DB:44:12:03:DB:4C:B5:62:47:CE
            X509v3 Authority Key Identifier:
                keyid:85:7F:4C:12:2E:4F:8C:60:1F:21:C5:C8:68:71:6D:46:08:9D:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hX9MEi5PjGAfIcXIaHFtRgidheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/961939-ac8e-4d12-b12f-da5cb0fb19e7/1/cUBQ46bezUw42ttEEgPbTLViR84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/961939-ac8e-4d12-b12f-da5cb0fb19e7/1/hX9MEi5PjGAfIcXIaHFtRgidheE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.104.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:29:67:e5:30:28:ae:79:88:10:3d:f6:2c:5a:de:8a:36:9f:
         b2:82:cd:be:c1:af:3a:f6:81:be:ce:c6:cd:9f:21:a3:4a:7b:
         27:b1:ad:12:63:16:96:c5:29:e5:51:a7:08:5a:12:64:0f:1b:
         8b:dc:b7:d7:3f:f9:ee:29:c8:08:f4:f2:7b:23:36:9c:af:e1:
         0a:44:47:15:03:fb:81:db:c0:e1:20:df:ff:3d:d9:8b:5d:f6:
         df:2d:0e:a8:a9:88:d9:7a:c4:8b:09:73:4b:eb:f1:6d:25:05:
         ab:36:a3:39:5b:36:a8:52:c1:99:2b:48:db:0b:3a:d4:1b:70:
         eb:5a:e7:65:d5:eb:f3:7c:df:99:49:2a:4a:33:e0:0d:c3:f7:
         f9:0c:4d:5d:16:9e:52:8d:0e:22:2e:66:1d:38:61:76:1e:d2:
         89:22:a4:11:74:d3:75:f0:04:44:1d:da:11:6f:b8:ed:c5:02:
         f5:22:a1:56:72:4f:3d:e5:38:7c:66:c9:8e:d2:cb:61:ff:8f:
         54:42:70:34:ba:ae:43:eb:94:f0:e1:69:03:11:bb:53:90:04:
         e5:eb:3c:37:96:82:c0:e9:a6:94:d2:b2:4c:a9:e8:01:77:80:
         67:6a:66:4c:35:32:e0:6e:db:5c:b0:91:fb:39:c8:4f:0d:fb:
         a0:40:8a:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtywrY7ssLi/L3644LD3+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1N2Y0YzEyMmU0ZjhjNjAxZjIxYzVjODY4NzE2ZDQ2MDg5
ZDg1ZTEwHhcNMjMwMTAxMTQ0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQwNTBlM2E2ZGVjZDRjMzhkYWRiNDQxMjAzZGI0Y2I1NjI0N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylXRA+JA3dlBzXSjBTxZueE+jMSy
UA9tTeEetISK2700JicN0764Qrk8sG3J2vRLAlzU2nh5yAeFsiY/b7dulZiXKv03
/ZRsh3C7ODX0gIGgg45zRkr3mjSEvxuaN6mvosTI7QBtB6a25HslGq8hCnSXPHIg
Z0n8nXVKUDVKq+wO/gXMPKQtaFT2jYGpgOdsijsKklFqhjG2bRFUDWnZey/Av+Rv
UCx7GQA9/50QdVOmsrqSww2LgHyKhYgfPrrxh3OB9PW6403MmyCWpKzhHxb4Hxcc
IHdYgP1sxSxfOtGr9CNhnjvKwManPzAgjqWuE6mSKGIXaSsAPmA1g0f66wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFAUOOm3s1MONrbRBID20y1YkfOMB8GA1UdIwQY
MBaAFIV/TBIuT4xgHyHFyGhxbUYInYXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFg5TUVpNVBqR0FmSWNYSWFIRnRSZ2lkaGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85NjE5MzktYWM4ZS00ZDEyLWIxMmYt
ZGE1Y2IwZmIxOWU3LzEvY1VCUTQ2YmV6VXc0MnR0RUVnUGJUTFZpUjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85NjE5MzktYWM4ZS00ZDEyLWIxMmYtZGE1Y2IwZmIxOWU3
LzEvaFg5TUVpNVBqR0FmSWNYSWFIRnRSZ2lkaGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWjOMA0G
CSqGSIb3DQEBCwUAA4IBAQBrKWflMCiueYgQPfYsWt6KNp+ygs2+wa869oG+zsbN
nyGjSnsnsa0SYxaWxSnlUacIWhJkDxuL3LfXP/nuKcgI9PJ7Izacr+EKREcVA/uB
28DhIN//PdmLXfbfLQ6oqYjZesSLCXNL6/FtJQWrNqM5WzaoUsGZK0jbCzrUG3Dr
Wudl1evzfN+ZSSpKM+ANw/f5DE1dFp5SjQ4iLmYdOGF2HtKJIqQRdNN18AREHdoR
b7jtxQL1IqFWck895Th8ZsmO0sth/49UQnA0uq5D65Tw4WkDEbtTkATl6zw3loLA
6aaU0rJMqegBd4BnamZMNTLgbttcsJH7OchPDfugQIrY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org