Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/uFXgrl68p4Axbc2DrvHUXkap6Lg.roa
File:                     uFXgrl68p4Axbc2DrvHUXkap6Lg.roa (raw, json)
Hash identifier:          kzlbpfLSSQvKaoFyGGzVzk98ag1nOVQYuVLP+WE0wf0=
Subject key identifier:   B8:55:E0:AE:5E:BC:A7:80:31:6D:CD:83:AE:F1:D4:5E:46:A9:E8:B8
Certificate issuer:       /CN=4a97bc504f3075fb4f39236408c1c2d547b44c26
Certificate serial:       0185704BB68E2F47A5F7389189F6014FF291
Authority key identifier: 4A:97:BC:50:4F:30:75:FB:4F:39:23:64:08:C1:C2:D5:47:B4:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Spe8UE8wdftPOSNkCMHC1Ue0TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/uFXgrl68p4Axbc2DrvHUXkap6Lg.roa
Signing time:             Mon 02 Jan 2023 02:24:48 +0000
ROA not before:           Mon 02 Jan 2023 02:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15580
IP address blocks:        193.108.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:4b:b6:8e:2f:47:a5:f7:38:91:89:f6:01:4f:f2:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a97bc504f3075fb4f39236408c1c2d547b44c26
        Validity
            Not Before: Jan  2 02:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b855e0ae5ebca780316dcd83aef1d45e46a9e8b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:05:2a:00:96:f0:7e:26:9b:2d:b0:5f:ca:47:
                    fb:d7:bf:e1:7d:bb:c9:72:b5:1e:a3:53:1e:b5:76:
                    4f:1f:4c:35:e6:53:da:12:2f:4f:c5:f7:61:db:ca:
                    2d:35:be:27:42:74:e8:54:d4:72:1a:a0:fa:b9:fd:
                    27:24:5d:b8:6c:b8:bb:bb:16:33:5e:47:7b:d0:84:
                    9e:8e:39:a2:10:1c:8c:31:26:99:38:c1:0c:a0:e8:
                    3b:b6:03:7b:75:16:19:dc:5f:76:89:d1:e4:4a:1e:
                    9f:2a:8d:17:f2:31:7d:d8:4e:43:5f:a9:58:b3:d0:
                    7e:e1:07:4b:3b:b6:61:b4:79:5a:d0:e1:98:9b:22:
                    d5:9f:e2:93:7e:cc:e3:10:8c:8d:88:ea:22:f5:9a:
                    62:bf:8b:fd:c7:21:bf:ce:62:0b:8e:9a:5e:e9:ca:
                    4b:c4:55:15:c6:34:c5:54:24:e6:58:23:48:ff:20:
                    35:12:76:2c:75:b1:d7:9b:f0:3f:7d:63:61:9e:59:
                    5e:07:0a:71:e8:cd:6a:b3:64:7b:d5:71:07:08:05:
                    d3:f3:95:2e:92:7f:09:9c:fa:f3:69:4c:d8:32:a4:
                    84:34:c7:2e:1b:94:72:33:0c:68:c2:7f:e7:0b:b2:
                    30:a1:6b:8b:5f:46:f8:d8:4f:c4:cc:47:ce:86:e8:
                    18:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:55:E0:AE:5E:BC:A7:80:31:6D:CD:83:AE:F1:D4:5E:46:A9:E8:B8
            X509v3 Authority Key Identifier:
                keyid:4A:97:BC:50:4F:30:75:FB:4F:39:23:64:08:C1:C2:D5:47:B4:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Spe8UE8wdftPOSNkCMHC1Ue0TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/uFXgrl68p4Axbc2DrvHUXkap6Lg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/Spe8UE8wdftPOSNkCMHC1Ue0TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:0f:c5:ce:9b:f6:d2:e3:ab:a2:57:4c:c2:91:4d:88:d3:d4:
         85:83:1e:62:3b:bd:55:8b:4b:6c:8f:bb:f7:0c:9e:77:91:2d:
         93:eb:01:db:75:49:24:95:2b:cf:de:7f:c8:11:fd:bf:16:ed:
         3f:3d:0b:aa:ef:a6:31:37:f9:40:44:90:26:47:29:10:4b:54:
         16:3e:7a:36:86:b4:e8:66:3c:b0:2a:4a:3e:b9:14:bc:00:27:
         c7:4c:6f:c7:50:c7:3c:cb:4d:00:02:54:94:11:29:2e:81:f8:
         69:af:6d:c4:64:13:8e:8b:74:75:df:a8:fd:4d:25:e6:d8:c9:
         34:16:e6:75:94:8b:b9:66:07:21:6c:e0:55:24:fb:af:53:a4:
         c7:99:b8:eb:04:ca:9c:b0:22:1a:53:74:a1:1e:14:fb:38:c7:
         a2:f3:43:88:84:65:31:61:f2:dc:ba:54:8c:86:31:10:83:83:
         12:c4:fc:16:c8:28:33:c1:9c:13:f7:53:9e:7e:31:89:79:08:
         93:17:ed:85:93:cc:44:de:df:23:2f:32:20:f7:d0:73:25:a9:
         42:a5:f8:b9:28:f8:31:d6:7e:d2:c3:90:01:98:c3:0d:bf:3a:
         d3:02:41:24:1e:3e:4a:9d:94:80:3a:3d:01:24:d3:4f:0a:c9:
         78:d1:dd:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS7aOL0el9ziRifYBT/KRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOTdiYzUwNGYzMDc1ZmI0ZjM5MjM2NDA4YzFjMmQ1NDdi
NDRjMjYwHhcNMjMwMTAyMDIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU1ZTBhZTVlYmNhNzgwMzE2ZGNkODNhZWYxZDQ1ZTQ2YTllOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgUqAJbwfiabLbBfykf717/hfbvJ
crUeo1MetXZPH0w15lPaEi9Pxfdh28otNb4nQnToVNRyGqD6uf0nJF24bLi7uxYz
Xkd70ISejjmiEByMMSaZOMEMoOg7tgN7dRYZ3F92idHkSh6fKo0X8jF92E5DX6lY
s9B+4QdLO7ZhtHla0OGYmyLVn+KTfszjEIyNiOoi9Zpiv4v9xyG/zmILjppe6cpL
xFUVxjTFVCTmWCNI/yA1EnYsdbHXm/A/fWNhnlleBwpx6M1qs2R71XEHCAXT85Uu
kn8JnPrzaUzYMqSENMcuG5RyMwxown/nC7IwoWuLX0b42E/EzEfOhugYQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhV4K5evKeAMW3Ng67x1F5Gqei4MB8GA1UdIwQY
MBaAFEqXvFBPMHX7TzkjZAjBwtVHtEwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3BlOFVFOHdkZnRQT1NOa0NNSEMxVWUwVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDUwMWItMThlYS00MjgwLTg1YTQt
OTMyOWY5MTc5ZmRhLzEvdUZYZ3JsNjhwNEF4YmMyRHJ2SFVYa2FwNkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDUwMWItMThlYS00MjgwLTg1YTQtOTMyOWY5MTc5ZmRh
LzEvU3BlOFVFOHdkZnRQT1NOa0NNSEMxVWUwVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWyvMA0G
CSqGSIb3DQEBCwUAA4IBAQCJD8XOm/bS46uiV0zCkU2I09SFgx5iO71Vi0tsj7v3
DJ53kS2T6wHbdUkklSvP3n/IEf2/Fu0/PQuq76YxN/lARJAmRykQS1QWPno2hrTo
ZjywKko+uRS8ACfHTG/HUMc8y00AAlSUESkugfhpr23EZBOOi3R136j9TSXm2Mk0
FuZ1lIu5ZgchbOBVJPuvU6THmbjrBMqcsCIaU3ShHhT7OMei80OIhGUxYfLculSM
hjEQg4MSxPwWyCgzwZwT91OefjGJeQiTF+2Fk8xE3t8jLzIg99BzJalCpfi5KPgx
1n7Sw5ABmMMNvzrTAkEkHj5KnZSAOj0BJNNPCsl40d29
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:14 2024 by rpki-client on console-ams.rpki-client.org