Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/bd7780-eb53-4c1d-acce-cfe7e3f9f92d/1/UT4pDTJkrsWrz_HLg1aWsLI0kUc.roa
File:                     UT4pDTJkrsWrz_HLg1aWsLI0kUc.roa (raw, json)
Hash identifier:          JswGMR8h3Lcvq61iDb5H15DC5NafSg6Nwb6zqn2tXyY=
Subject key identifier:   51:3E:29:0D:32:64:AE:C5:AB:CF:F1:CB:83:56:96:B0:B2:34:91:47
Certificate issuer:       /CN=54ce2445a2e8874318bf249b73a654c990919ee0
Certificate serial:       01857094F08D551D47CCFCCA798D46C3B572
Authority key identifier: 54:CE:24:45:A2:E8:87:43:18:BF:24:9B:73:A6:54:C9:90:91:9E:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VM4kRaLoh0MYvySbc6ZUyZCRnuA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/bd7780-eb53-4c1d-acce-cfe7e3f9f92d/1/UT4pDTJkrsWrz_HLg1aWsLI0kUc.roa
Signing time:             Mon 02 Jan 2023 03:44:47 +0000
ROA not before:           Mon 02 Jan 2023 03:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48154
IP address blocks:        94.125.152.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:94:f0:8d:55:1d:47:cc:fc:ca:79:8d:46:c3:b5:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54ce2445a2e8874318bf249b73a654c990919ee0
        Validity
            Not Before: Jan  2 03:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=513e290d3264aec5abcff1cb835696b0b2349147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:13:c6:7c:15:f1:d2:c3:84:64:a8:20:bf:ba:
                    82:95:f2:6a:94:77:f1:75:32:a2:e4:07:b6:b6:73:
                    d9:95:6a:d9:09:20:32:e7:ba:1f:71:6c:37:86:69:
                    2c:54:49:a7:13:f2:3e:38:c7:54:56:56:d4:1c:17:
                    aa:a2:4f:45:5e:ae:d7:6a:0c:99:9d:f6:f8:c0:02:
                    b5:03:ea:1c:12:fe:98:d1:18:66:eb:df:85:8b:c2:
                    73:68:5b:a7:16:af:fe:30:e0:fb:92:38:6e:95:95:
                    c6:05:6d:de:ba:f5:97:18:6f:76:dd:f9:35:73:cc:
                    35:fe:a6:7d:47:a9:a7:1b:c3:d6:7c:01:4c:af:84:
                    ef:96:75:86:0f:df:1e:e4:3c:7d:d6:ff:9e:ff:54:
                    14:cb:29:d8:21:4a:2b:e2:7c:4e:fc:9e:8f:c0:f4:
                    8f:d4:a0:15:ae:00:43:13:39:57:09:93:db:df:4a:
                    c8:ec:a7:ed:2f:8e:9d:e4:f3:20:fa:63:f5:66:92:
                    69:b0:5d:b9:8b:90:4e:35:5e:b5:d5:59:a7:7f:8a:
                    b3:bd:90:4a:fb:aa:1f:2c:d5:4b:a6:0a:87:6f:ff:
                    42:bf:b4:92:fc:b7:10:6a:40:c7:38:34:b4:93:4b:
                    a4:e3:5d:9f:23:d7:29:fa:17:e8:b8:a8:c0:db:30:
                    da:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:3E:29:0D:32:64:AE:C5:AB:CF:F1:CB:83:56:96:B0:B2:34:91:47
            X509v3 Authority Key Identifier:
                keyid:54:CE:24:45:A2:E8:87:43:18:BF:24:9B:73:A6:54:C9:90:91:9E:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VM4kRaLoh0MYvySbc6ZUyZCRnuA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/bd7780-eb53-4c1d-acce-cfe7e3f9f92d/1/UT4pDTJkrsWrz_HLg1aWsLI0kUc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/bd7780-eb53-4c1d-acce-cfe7e3f9f92d/1/VM4kRaLoh0MYvySbc6ZUyZCRnuA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.125.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         59:6a:a9:46:a3:1b:4f:03:f5:5b:9f:8f:dc:8a:3b:67:dd:e9:
         c0:a5:d9:95:38:69:d3:b6:84:c7:03:83:80:ba:00:77:7a:dc:
         e0:21:85:07:1b:3e:62:51:80:70:50:aa:b4:cf:5e:8d:6a:37:
         11:82:a0:3d:8b:63:ff:3f:08:d1:49:0e:b3:b1:42:b4:fc:b4:
         ae:89:e2:f8:0e:e0:09:56:88:1c:05:56:fb:9a:b6:55:35:c9:
         d5:d2:7e:35:aa:38:05:9f:7d:07:0d:39:a3:0c:f7:68:97:76:
         06:64:46:c3:3c:b1:ea:4c:99:c1:a7:2c:5f:0b:bb:91:92:d0:
         dd:76:61:73:86:a5:73:a1:83:dc:8f:a1:8e:32:eb:16:f6:85:
         79:be:0a:05:23:5d:4e:4c:85:70:ae:ae:73:2f:b7:4b:ed:bc:
         fb:c3:45:72:7d:22:02:ac:26:76:ab:98:89:04:78:89:36:fd:
         2c:87:b1:d4:1a:a4:c1:f0:d6:5a:2a:07:d8:97:aa:f6:0e:62:
         bf:e5:63:6c:29:ae:3c:37:d1:40:d7:b0:e3:64:6b:9b:b4:38:
         1e:2e:0f:ac:a1:ef:53:ad:c9:08:4b:11:6f:e4:e2:f1:3a:5f:
         dd:a3:7b:a6:d3:89:e1:68:11:37:73:7c:6a:dc:66:38:61:28:
         45:a9:dc:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlPCNVR1HzPzKeY1Gw7VyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2UyNDQ1YTJlODg3NDMxOGJmMjQ5YjczYTY1NGM5OTA5
MTllZTAwHhcNMjMwMTAyMDM0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTNlMjkwZDMyNjRhZWM1YWJjZmYxY2I4MzU2OTZiMGIyMzQ5MTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBPGfBXx0sOEZKggv7qClfJqlHfx
dTKi5Ae2tnPZlWrZCSAy57ofcWw3hmksVEmnE/I+OMdUVlbUHBeqok9FXq7XagyZ
nfb4wAK1A+ocEv6Y0Rhm69+Fi8JzaFunFq/+MOD7kjhulZXGBW3euvWXGG923fk1
c8w1/qZ9R6mnG8PWfAFMr4TvlnWGD98e5Dx91v+e/1QUyynYIUor4nxO/J6PwPSP
1KAVrgBDEzlXCZPb30rI7KftL46d5PMg+mP1ZpJpsF25i5BONV611Vmnf4qzvZBK
+6ofLNVLpgqHb/9Cv7SS/LcQakDHODS0k0uk412fI9cp+hfouKjA2zDaKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFE+KQ0yZK7Fq8/xy4NWlrCyNJFHMB8GA1UdIwQY
MBaAFFTOJEWi6IdDGL8km3OmVMmQkZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk00a1JhTG9oME1ZdnlTYmM2WlV5WkNSbnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iZDc3ODAtZWI1My00YzFkLWFjY2Ut
Y2ZlN2UzZjlmOTJkLzEvVVQ0cERUSmtyc1dyel9ITGcxYVdzTEkwa1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iZDc3ODAtZWI1My00YzFkLWFjY2UtY2ZlN2UzZjlmOTJk
LzEvVk00a1JhTG9oME1ZdnlTYmM2WlV5WkNSbnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn2YMA0G
CSqGSIb3DQEBCwUAA4IBAQBZaqlGoxtPA/Vbn4/cijtn3enApdmVOGnTtoTHA4OA
ugB3etzgIYUHGz5iUYBwUKq0z16NajcRgqA9i2P/PwjRSQ6zsUK0/LSuieL4DuAJ
VogcBVb7mrZVNcnV0n41qjgFn30HDTmjDPdol3YGZEbDPLHqTJnBpyxfC7uRktDd
dmFzhqVzoYPcj6GOMusW9oV5vgoFI11OTIVwrq5zL7dL7bz7w0VyfSICrCZ2q5iJ
BHiJNv0sh7HUGqTB8NZaKgfYl6r2DmK/5WNsKa48N9FA17DjZGubtDgeLg+soe9T
rckISxFv5OLxOl/do3um04nhaBE3c3xq3GY4YShFqdyy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:03 2024 by rpki-client on console-fra.rpki-client.org