Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/OUgMW0LtDJW5-9RnVI8XVCWDeNw.roa
File:                     OUgMW0LtDJW5-9RnVI8XVCWDeNw.roa (raw, json)
Hash identifier:          zE/OFQ+beazGE27shGW0RNWPLJb+QHokWG4YEQKneKc=
Subject key identifier:   39:48:0C:5B:42:ED:0C:95:B9:FB:D4:67:54:8F:17:54:25:83:78:DC
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       01856F5DCED7A4A64720B9C1B5995541B2A9
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/OUgMW0LtDJW5-9RnVI8XVCWDeNw.roa
Signing time:             Sun 01 Jan 2023 22:04:56 +0000
ROA not before:           Sun 01 Jan 2023 22:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200724
IP address blocks:        213.33.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:ce:d7:a4:a6:47:20:b9:c1:b5:99:55:41:b2:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jan  1 22:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=39480c5b42ed0c95b9fbd467548f1754258378dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:50:d9:96:9c:35:2f:78:49:98:5d:ae:d9:e2:
                    c4:0f:90:70:35:76:ca:d4:d1:19:ca:b7:84:96:14:
                    ec:db:cd:f2:1d:22:37:08:28:eb:61:1a:66:6d:e3:
                    38:5c:c5:87:23:21:fc:35:b3:5b:9e:38:07:6c:02:
                    6c:b4:db:e6:01:98:4a:4c:95:18:b6:69:0c:3c:64:
                    d5:7b:38:b1:b3:dd:54:22:57:9c:b5:3a:98:8b:51:
                    90:77:14:1b:0b:e3:8a:cd:5e:d5:60:2e:f5:1a:d0:
                    99:f4:fe:a0:55:00:61:d5:7b:65:2c:7d:e5:a1:10:
                    a7:84:a3:e3:99:ba:19:7d:15:85:58:56:84:41:1a:
                    7e:9c:48:3b:09:5b:ae:52:2d:11:2d:c7:8a:97:5c:
                    13:d0:e3:39:84:c4:34:db:0a:46:ce:ce:3b:78:e7:
                    62:61:aa:2d:0a:9b:9f:e0:01:7c:a0:5f:aa:16:7c:
                    ff:38:f2:9c:fe:39:ae:64:1b:4a:cc:03:a7:27:ed:
                    31:01:ca:8b:39:d0:69:2d:9e:f1:cc:6c:7c:a2:35:
                    cb:0e:16:92:83:81:d5:eb:9a:4e:ba:39:26:b5:3f:
                    2e:1d:d5:92:ed:55:a7:22:d0:59:a9:5d:b9:b1:ef:
                    51:83:8b:ab:e2:19:18:ad:30:90:5e:93:86:0c:b8:
                    e3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:48:0C:5B:42:ED:0C:95:B9:FB:D4:67:54:8F:17:54:25:83:78:DC
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/OUgMW0LtDJW5-9RnVI8XVCWDeNw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.33.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:db:d8:b8:e2:06:7b:46:ef:c7:ef:a6:3b:59:19:24:8a:c9:
         1e:11:76:6b:bb:3c:7e:d9:b4:55:0d:71:88:7e:71:06:5d:b8:
         c2:f7:e8:26:d0:47:2a:8a:60:66:5f:08:72:77:b9:f1:88:8b:
         88:cd:32:23:da:06:55:1e:76:de:39:cc:c1:49:60:1e:9c:4c:
         6b:01:5f:17:e4:7c:63:46:32:c8:1b:5b:1e:3b:54:cf:e7:cc:
         67:4e:12:5c:7e:b1:a6:89:4a:f5:98:ca:a2:7c:fe:5d:2a:df:
         4c:d6:3d:07:c9:ff:0f:3b:a1:48:04:14:0b:ae:ff:08:02:c4:
         96:40:e0:5a:e7:37:4d:30:f7:1f:dc:dd:1a:1a:02:fa:ed:7c:
         d9:70:5f:c5:6d:e6:43:f6:8e:20:03:36:48:7c:e0:62:29:66:
         79:5e:b9:40:6e:a8:66:56:41:56:65:82:87:03:45:48:4f:e6:
         75:31:58:f7:12:6c:74:b0:97:87:b6:84:03:ea:89:9d:8e:54:
         bf:e8:c9:26:ab:33:40:7a:41:0b:00:2c:1f:80:18:fb:06:7a:
         78:07:8c:0b:bf:72:5f:2d:aa:a3:fa:aa:50:28:be:d6:1f:53:
         5b:bc:5c:77:b7:5d:da:ac:ce:70:dd:97:1f:a9:46:42:06:c0:
         82:75:13:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXc7XpKZHILnBtZlVQbKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQ4MGM1YjQyZWQwYzk1YjlmYmQ0Njc1NDhmMTc1NDI1ODM3OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFDZlpw1L3hJmF2u2eLED5BwNXbK
1NEZyreElhTs283yHSI3CCjrYRpmbeM4XMWHIyH8NbNbnjgHbAJstNvmAZhKTJUY
tmkMPGTVezixs91UIlectTqYi1GQdxQbC+OKzV7VYC71GtCZ9P6gVQBh1XtlLH3l
oRCnhKPjmboZfRWFWFaEQRp+nEg7CVuuUi0RLceKl1wT0OM5hMQ02wpGzs47eOdi
YaotCpuf4AF8oF+qFnz/OPKc/jmuZBtKzAOnJ+0xAcqLOdBpLZ7xzGx8ojXLDhaS
g4HV65pOujkmtT8uHdWS7VWnItBZqV25se9Rg4ur4hkYrTCQXpOGDLjjIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlIDFtC7QyVufvUZ1SPF1Qlg3jcMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvT1VnTVcwTHRESlc1LTlSblZJOFhWQ1dEZU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1SE1MA0G
CSqGSIb3DQEBCwUAA4IBAQCp29i44gZ7Ru/H76Y7WRkkiskeEXZruzx+2bRVDXGI
fnEGXbjC9+gm0EcqimBmXwhyd7nxiIuIzTIj2gZVHnbeOczBSWAenExrAV8X5Hxj
RjLIG1seO1TP58xnThJcfrGmiUr1mMqifP5dKt9M1j0Hyf8PO6FIBBQLrv8IAsSW
QOBa5zdNMPcf3N0aGgL67XzZcF/FbeZD9o4gAzZIfOBiKWZ5XrlAbqhmVkFWZYKH
A0VIT+Z1MVj3Emx0sJeHtoQD6omdjlS/6MkmqzNAekELACwfgBj7Bnp4B4wLv3Jf
Laqj+qpQKL7WH1NbvFx3t13arM5w3ZcfqUZCBsCCdRPv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org