Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/U_pi0c9e6vTuhL1bV-SctIKcwYk.roa
File:                     U_pi0c9e6vTuhL1bV-SctIKcwYk.roa (raw, json)
Hash identifier:          WKkZHs94xhzYVGmk7ewNBvDm34AW7UOZLIzoVmqg0XY=
Subject key identifier:   53:FA:62:D1:CF:5E:EA:F4:EE:84:BD:5B:57:E4:9C:B4:82:9C:C1:89
Certificate issuer:       /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial:       01856C1392BCBED3CE22756EE1CCD2B3D665
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/U_pi0c9e6vTuhL1bV-SctIKcwYk.roa
Signing time:             Sun 01 Jan 2023 06:45:00 +0000
ROA not before:           Sun 01 Jan 2023 06:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208976
IP address blocks:        194.147.211.0/24 maxlen: 24
                          2a12:66c6::/32 maxlen: 32
                          2a12:66c7::/48 maxlen: 48
                          2a12:66c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:13:92:bc:be:d3:ce:22:75:6e:e1:cc:d2:b3:d6:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
        Validity
            Not Before: Jan  1 06:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53fa62d1cf5eeaf4ee84bd5b57e49cb4829cc189
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ed:df:6f:21:85:27:78:93:bd:e2:3d:0b:db:
                    ad:70:78:53:03:4a:88:fd:ee:0f:c4:62:28:4b:48:
                    df:a1:7c:42:0a:6a:b8:b4:03:f3:31:61:b5:a9:c5:
                    95:87:36:20:1e:bc:d2:46:42:31:f9:05:f2:8c:33:
                    32:82:3c:30:3f:78:f6:3e:53:2c:13:0a:55:5f:8b:
                    a0:5e:d9:76:8f:66:22:e6:c9:ac:f9:e1:b7:59:bc:
                    fd:3a:1c:aa:70:90:27:5f:fd:12:15:c6:f1:c7:bd:
                    e6:d5:d2:a5:b7:d2:4d:6c:95:bd:f2:a8:8e:d8:f0:
                    f1:1d:3e:34:cb:75:d4:8e:fc:10:ba:27:48:14:8a:
                    42:45:7f:41:27:c6:d7:63:c3:0c:5b:ba:9a:fd:44:
                    05:29:f9:a9:84:ba:a5:42:81:14:80:f8:d3:68:c4:
                    78:4c:87:40:78:c9:0c:b0:1d:99:4b:3f:6e:99:d3:
                    26:8e:27:08:81:72:d2:e4:f3:42:3c:a5:99:b5:bb:
                    1e:65:e8:3f:9a:79:fc:cd:43:87:b3:f7:fa:57:43:
                    e4:14:b4:91:55:59:0d:7c:11:43:0f:3e:86:67:7c:
                    fe:c0:1d:c4:ac:5f:02:64:91:2c:7e:5a:f0:e9:d6:
                    61:39:70:02:8a:ff:90:59:d3:88:e7:46:6f:d3:6b:
                    0c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:FA:62:D1:CF:5E:EA:F4:EE:84:BD:5B:57:E4:9C:B4:82:9C:C1:89
            X509v3 Authority Key Identifier:
                keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/U_pi0c9e6vTuhL1bV-SctIKcwYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.211.0/24
                IPv6:
                  2a12:66c0::/32
                  2a12:66c6::-2a12:66c7:0:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         1d:cf:01:21:88:4e:e4:e0:6d:05:09:ba:ea:e5:78:75:93:c1:
         e4:c5:9e:0c:d9:0a:69:62:55:ff:7c:02:e9:11:69:18:b8:10:
         b6:75:37:0d:0e:e9:a8:48:4f:d9:d4:fc:73:a1:f3:19:5a:01:
         df:db:1b:69:00:cb:12:7a:0f:33:dd:a3:73:49:36:84:bb:54:
         dd:2e:35:a9:07:33:01:d6:3f:d1:14:31:51:4c:45:f1:1b:db:
         34:b1:33:7b:bb:d9:32:07:42:2c:77:51:79:16:69:2c:8c:66:
         87:47:66:48:8e:60:87:5a:88:31:bf:50:6c:a9:b1:65:93:c5:
         f2:5e:ed:13:05:00:13:9e:8c:21:31:be:33:35:92:bd:2a:cc:
         54:cc:c8:dc:02:ec:72:c1:71:86:bc:60:ef:7c:2d:ed:1e:ce:
         c6:e7:de:79:a2:28:a0:eb:ea:2a:0a:a4:47:b2:44:ff:00:af:
         f4:d2:d0:9d:56:25:68:88:0a:52:09:c7:1d:e2:a6:06:2e:d8:
         46:cd:76:e5:6e:54:70:ea:6b:11:bf:e6:bf:eb:88:44:e3:6d:
         6d:df:fd:84:7a:a0:19:18:fd:18:f2:11:a5:e2:06:f0:f8:85:
         80:40:c8:b2:8a:9f:94:28:9f:28:6a:1c:ff:35:57:2c:7a:65:
         1a:39:93:30
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsE5K8vtPOInVu4czSs9ZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjMwMTAxMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZhNjJkMWNmNWVlYWY0ZWU4NGJkNWI1N2U0OWNiNDgyOWNjMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou3fbyGFJ3iTveI9C9utcHhTA0qI
/e4PxGIoS0jfoXxCCmq4tAPzMWG1qcWVhzYgHrzSRkIx+QXyjDMygjwwP3j2PlMs
EwpVX4ugXtl2j2Yi5sms+eG3Wbz9OhyqcJAnX/0SFcbxx73m1dKlt9JNbJW98qiO
2PDxHT40y3XUjvwQuidIFIpCRX9BJ8bXY8MMW7qa/UQFKfmphLqlQoEUgPjTaMR4
TIdAeMkMsB2ZSz9umdMmjicIgXLS5PNCPKWZtbseZeg/mnn8zUOHs/f6V0PkFLSR
VVkNfBFDDz6GZ3z+wB3ErF8CZJEsflrw6dZhOXACiv+QWdOI50Zv02sMGwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFP6YtHPXur07oS9W1fknLSCnMGJMB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvVV9waTBjOWU2dlR1aEwxYlYtU2N0SUtjd1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAwpPTMB8E
AgACMBkDBQAqEmbAMBADBQEqEmbGAwcAKhJmxwAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAdzwEhiE7k4G0FCbrq5Xh1k8HkxZ4M2QppYlX/fALpEWkYuBC2dTcNDumoSE/Z
1PxzofMZWgHf2xtpAMsSeg8z3aNzSTaEu1TdLjWpBzMB1j/RFDFRTEXxG9s0sTN7
u9kyB0Isd1F5FmksjGaHR2ZIjmCHWogxv1BsqbFlk8XyXu0TBQATnowhMb4zNZK9
KsxUzMjcAuxywXGGvGDvfC3tHs7G5955oiig6+oqCqRHskT/AK/00tCdViVoiApS
Cccd4qYGLthGzXblblRw6msRv+a/64hE421t3/2EeqAZGP0Y8hGl4gbw+IWAQMiy
ip+UKJ8oahz/NVcsemUaOZMw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:16 2024 by rpki-client on console-fra.rpki-client.org