Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/WUcOkTcxffXlsm-t3C3QvQrmNAQ.roa
File:                     WUcOkTcxffXlsm-t3C3QvQrmNAQ.roa (raw, json)
Hash identifier:          EA++K3uKQ/JYXL9i8zXBWvTtumM0igYQ/d9D3SwCa9Q=
Subject key identifier:   59:47:0E:91:37:31:7D:F5:E5:B2:6F:AD:DC:2D:D0:BD:0A:E6:34:04
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       01873FDF0BB77BC31223A0A9D03E5F1DB251
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/WUcOkTcxffXlsm-t3C3QvQrmNAQ.roa
Signing time:             Sun 02 Apr 2023 02:49:54 +0000
ROA not before:           Sun 02 Apr 2023 02:49:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.214.234.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sat 08 Apr 2023 02:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:3f:df:0b:b7:7b:c3:12:23:a0:a9:d0:3e:5f:1d:b2:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Apr  2 02:49:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=59470e9137317df5e5b26faddc2dd0bd0ae63404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c3:3d:27:f7:49:7f:00:86:c7:1a:cc:6c:18:
                    2a:a9:76:85:2c:d9:1d:91:18:67:39:23:4d:3d:9d:
                    fd:69:b9:7a:eb:b1:25:3c:b0:c2:12:f5:55:c0:b2:
                    df:08:6d:9d:e5:64:aa:54:9b:48:2f:54:06:ad:c7:
                    ff:eb:c8:d1:17:e8:24:ba:f2:18:1c:a2:6c:0e:a7:
                    67:ba:d4:93:5e:a2:fb:be:64:f3:ed:d4:72:ba:ac:
                    50:17:1b:e3:d0:df:26:82:64:03:0e:88:63:e4:ac:
                    26:98:ff:c9:96:23:87:87:e8:6f:82:e8:81:97:67:
                    57:58:ba:3e:ae:f4:5f:ae:5d:4b:65:51:61:76:db:
                    71:05:a1:bc:a4:05:89:8a:93:f6:26:8b:4a:5c:b2:
                    12:68:ac:af:52:28:df:46:3e:19:03:2a:b4:54:55:
                    f5:58:3e:95:9a:d0:a5:01:28:9e:ce:24:9f:7f:85:
                    a7:d3:46:a7:73:5c:d2:a0:a4:19:84:a0:6b:db:41:
                    a2:cf:8e:a2:05:64:40:9a:42:96:00:bb:fa:a5:7a:
                    d7:82:08:80:ec:5c:11:9f:5f:c0:d4:5b:95:e0:50:
                    f8:d5:e0:2e:7c:9e:1f:9e:ae:56:59:b3:9e:9f:ab:
                    c5:8d:b2:99:b7:78:e4:be:a9:57:0d:9e:65:d7:32:
                    c9:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:47:0E:91:37:31:7D:F5:E5:B2:6F:AD:DC:2D:D0:BD:0A:E6:34:04
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/WUcOkTcxffXlsm-t3C3QvQrmNAQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:b3:4a:e4:61:3f:9f:a7:77:7f:fe:6e:89:4f:88:e4:ec:10:
         01:96:5a:f2:a3:69:61:47:1b:87:e9:65:2f:09:54:19:f9:cb:
         ec:d3:a2:e9:33:bb:0b:e3:80:d6:d3:9e:76:f5:85:6e:c4:96:
         2d:d8:f8:49:fc:82:c4:00:e6:bd:09:5a:57:7f:ab:fe:de:00:
         64:78:7e:69:4b:35:62:23:f5:ac:61:61:8c:42:15:49:2a:df:
         94:4a:11:8f:3d:5d:ee:ae:cc:d8:5d:98:c4:89:fb:bd:04:af:
         27:82:19:fc:56:c0:8d:e3:75:35:0d:eb:c3:23:91:5b:16:2f:
         cd:4b:83:61:ca:c1:0f:ed:9d:8a:a0:84:ee:17:de:16:ad:db:
         94:d6:a2:de:61:8b:a8:f5:1a:bf:12:2c:d0:a6:e7:5c:4c:e6:
         49:f2:c4:ec:2c:97:c1:16:7e:a3:53:85:ca:f9:93:16:4a:f8:
         fa:5b:de:a3:b0:f8:6f:c0:00:c9:1e:58:6c:5d:52:69:e0:5d:
         8d:3a:98:bd:18:cb:e2:0d:30:dd:cc:ef:ed:a8:6f:ff:d3:9d:
         cb:2d:11:54:a4:e0:1c:30:1a:d6:e7:20:d5:ed:07:76:8e:18:
         cc:0b:14:7c:7a:b9:53:fd:bf:82:0a:94:cf:17:97:3a:d3:c1:
         77:a8:bc:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc/3wu3e8MSI6Cp0D5fHbJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwNDAyMDI0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTQ3MGU5MTM3MzE3ZGY1ZTViMjZmYWRkYzJkZDBiZDBhZTYzNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycM9J/dJfwCGxxrMbBgqqXaFLNkd
kRhnOSNNPZ39abl667ElPLDCEvVVwLLfCG2d5WSqVJtIL1QGrcf/68jRF+gkuvIY
HKJsDqdnutSTXqL7vmTz7dRyuqxQFxvj0N8mgmQDDohj5KwmmP/JliOHh+hvguiB
l2dXWLo+rvRfrl1LZVFhdttxBaG8pAWJipP2JotKXLISaKyvUijfRj4ZAyq0VFX1
WD6VmtClASieziSff4Wn00anc1zSoKQZhKBr20Giz46iBWRAmkKWALv6pXrXggiA
7FwRn1/A1FuV4FD41eAufJ4fnq5WWbOen6vFjbKZt3jkvqlXDZ5l1zLJIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlHDpE3MX315bJvrdwt0L0K5jQEMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvV1VjT2tUY3hmZlhsc20tdDNDM1F2UXJtTkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNbqMA0G
CSqGSIb3DQEBCwUAA4IBAQBIs0rkYT+fp3d//m6JT4jk7BABllryo2lhRxuH6WUv
CVQZ+cvs06LpM7sL44DW05529YVuxJYt2PhJ/ILEAOa9CVpXf6v+3gBkeH5pSzVi
I/WsYWGMQhVJKt+UShGPPV3urszYXZjEifu9BK8nghn8VsCN43U1DevDI5FbFi/N
S4NhysEP7Z2KoITuF94WrduU1qLeYYuo9Rq/EizQpudcTOZJ8sTsLJfBFn6jU4XK
+ZMWSvj6W96jsPhvwADJHlhsXVJp4F2NOpi9GMviDTDdzO/tqG//053LLRFUpOAc
MBrW5yDV7Qd2jhjMCxR8erlT/b+CCpTPF5c608F3qLww
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org