Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/UZCHrHzFCpYCU7W2EAl0B087gFI.roa
File:                     UZCHrHzFCpYCU7W2EAl0B087gFI.roa (raw, json)
Hash identifier:          vXkVlaYfNXQo5Snos/RzoQLMvf44Pxq2SrwWGgMwBm4=
Subject key identifier:   51:90:87:AC:7C:C5:0A:96:02:53:B5:B6:10:09:74:07:4F:3B:80:52
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018829B5B42F482ACBB576DA0846ACD40B0A
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/UZCHrHzFCpYCU7W2EAl0B087gFI.roa
Signing time:             Wed 17 May 2023 12:35:54 +0000
ROA not before:           Wed 17 May 2023 12:35:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397563
IP address blocks:        80.246.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 May 2023 19:57:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:29:b5:b4:2f:48:2a:cb:b5:76:da:08:46:ac:d4:0b:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: May 17 12:35:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=519087ac7cc50a960253b5b6100974074f3b8052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:51:90:a9:b2:0b:f1:bc:e8:81:8e:0d:7b:06:
                    92:a9:d9:bf:8b:dd:b7:63:52:1b:72:8c:ed:bf:69:
                    ae:93:8b:c7:b1:62:f5:00:ff:42:3b:e7:84:ba:1d:
                    65:02:1c:2e:fd:7a:b1:d7:a0:06:cd:5b:1f:c2:50:
                    83:a0:03:85:de:64:df:1a:7c:db:6c:f5:b9:ea:f6:
                    b2:66:10:23:11:cb:1c:85:46:8d:be:f8:29:0f:41:
                    13:8a:23:ff:2b:9a:2b:95:f6:54:06:14:91:9e:ce:
                    36:41:23:76:31:61:d9:18:98:ef:20:06:1a:c5:03:
                    92:f5:ba:47:71:5a:ab:33:72:cb:f6:ac:00:95:76:
                    8c:60:d6:9d:7a:f4:78:7f:05:04:4f:00:a5:ec:82:
                    c5:f6:d5:a2:8a:88:92:ba:8c:88:0b:dd:79:44:76:
                    12:3f:49:f5:05:cb:b6:f0:48:4a:b2:b0:c6:ed:66:
                    ad:65:5a:58:34:0e:ca:a2:a6:af:95:c3:07:99:f9:
                    f7:e3:5d:a8:8d:a9:64:d1:06:9d:4d:4d:df:bb:4a:
                    2e:93:e4:f3:f9:5d:a5:a2:4e:5e:4a:e8:6a:b6:e1:
                    6d:4e:49:94:b0:10:c5:d5:74:8a:02:c5:c5:1a:1d:
                    fd:bf:6e:7e:51:f2:1a:fc:a9:87:5f:98:b8:7c:b8:
                    3f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:90:87:AC:7C:C5:0A:96:02:53:B5:B6:10:09:74:07:4F:3B:80:52
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/UZCHrHzFCpYCU7W2EAl0B087gFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:5b:f9:67:5b:f6:14:10:f3:01:1e:8e:e4:ce:4d:62:24:bd:
         d5:2b:23:90:f0:90:0a:d1:a3:39:df:a3:a7:ce:58:ea:b9:c4:
         e2:57:54:83:ee:1a:d6:7d:6f:61:5d:7f:8e:e3:68:2d:4d:01:
         3f:8b:6f:50:23:23:46:87:04:a9:b8:d6:23:47:c7:67:42:bb:
         e6:f9:7f:e1:8d:ae:47:e1:a7:ef:c4:5c:7a:f7:8b:b5:c9:c1:
         9a:09:ce:32:96:3a:6c:34:bf:05:b3:d6:ac:2d:e7:7a:3b:6c:
         32:3d:2e:40:51:93:a2:97:4d:df:9d:94:38:67:d7:a0:76:de:
         8b:7b:af:6e:7c:71:d6:a6:65:f4:28:9b:d2:e9:ca:e9:49:c9:
         7d:b8:ab:40:40:cf:1e:87:aa:a2:de:f9:dd:6c:ab:52:bd:84:
         91:07:54:75:ad:df:1f:76:25:59:5f:83:05:b6:1b:54:35:91:
         90:5a:b9:42:0c:cc:00:ea:0e:8c:77:cd:35:0a:c1:70:1b:de:
         7f:d2:99:ea:7f:14:51:83:29:0a:f1:52:d1:a2:06:97:c0:67:
         ea:15:a6:b3:2e:98:2c:43:4c:48:b8:a1:35:9d:4d:d9:47:9f:
         66:a8:13:f9:2b:90:bf:20:a7:9b:d0:8c:ef:0a:ab:e3:3c:cf:
         5e:9a:6a:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgptbQvSCrLtXbaCEas1AsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwNTE3MTIzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTkwODdhYzdjYzUwYTk2MDI1M2I1YjYxMDA5NzQwNzRmM2I4MDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVGQqbIL8bzogY4NewaSqdm/i923
Y1Ibcoztv2muk4vHsWL1AP9CO+eEuh1lAhwu/Xqx16AGzVsfwlCDoAOF3mTfGnzb
bPW56vayZhAjEcschUaNvvgpD0ETiiP/K5orlfZUBhSRns42QSN2MWHZGJjvIAYa
xQOS9bpHcVqrM3LL9qwAlXaMYNadevR4fwUETwCl7ILF9tWiioiSuoyIC915RHYS
P0n1Bcu28EhKsrDG7WatZVpYNA7KoqavlcMHmfn3412ojalk0QadTU3fu0ouk+Tz
+V2lok5eSuhqtuFtTkmUsBDF1XSKAsXFGh39v25+UfIa/KmHX5i4fLg/kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGQh6x8xQqWAlO1thAJdAdPO4BSMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvVVpDSHJIekZDcFlDVTdXMkVBbDBCMDg3Z0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPbpMA0G
CSqGSIb3DQEBCwUAA4IBAQAJW/lnW/YUEPMBHo7kzk1iJL3VKyOQ8JAK0aM536On
zljqucTiV1SD7hrWfW9hXX+O42gtTQE/i29QIyNGhwSpuNYjR8dnQrvm+X/hja5H
4afvxFx694u1ycGaCc4yljpsNL8Fs9asLed6O2wyPS5AUZOil03fnZQ4Z9egdt6L
e69ufHHWpmX0KJvS6crpScl9uKtAQM8eh6qi3vndbKtSvYSRB1R1rd8fdiVZX4MF
thtUNZGQWrlCDMwA6g6Md801CsFwG95/0pnqfxRRgykK8VLRogaXwGfqFaazLpgs
Q0xIuKE1nU3ZR59mqBP5K5C/IKeb0IzvCqvjPM9emmoL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org