Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/uA1FAR0buyFE0po92viqsOGhttg.roa
File:                     uA1FAR0buyFE0po92viqsOGhttg.roa (raw, json)
Hash identifier:          3xc12uQvyOAABbaOhdfXwgN8//M5iqef2XNkIWpmN7w=
Subject key identifier:   B8:0D:45:01:1D:1B:BB:21:44:D2:9A:3D:DA:F8:AA:B0:E1:A1:B6:D8
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       018570671EB50D1893409A5CD02F1659E85E
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/uA1FAR0buyFE0po92viqsOGhttg.roa
Signing time:             Mon 02 Jan 2023 02:54:44 +0000
ROA not before:           Mon 02 Jan 2023 02:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50530
IP address blocks:        109.125.180.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:1e:b5:0d:18:93:40:9a:5c:d0:2f:16:59:e8:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  2 02:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b80d45011d1bbb2144d29a3ddaf8aab0e1a1b6d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:12:36:eb:b4:23:16:2d:61:c8:7d:59:e8:bb:
                    1d:05:9c:19:dd:4b:69:bc:88:71:ce:8c:b7:a7:57:
                    bb:12:ff:ef:bb:0f:6e:3c:9d:b0:20:3d:84:02:3b:
                    9d:83:31:f2:36:ab:51:53:61:46:fc:9a:2e:fc:4e:
                    c6:bf:8f:08:a3:ae:17:c5:53:b5:13:75:cf:b4:48:
                    d8:19:c7:e8:44:25:79:ed:e7:dc:61:98:df:e6:f6:
                    8f:aa:1e:cb:54:49:94:5e:e8:13:04:97:fc:f8:5c:
                    7f:01:1a:8b:cc:94:f1:bf:19:3e:43:ec:e9:0f:54:
                    c3:8f:39:5e:1a:58:24:1a:2c:79:05:fc:1b:84:47:
                    f8:bd:02:73:ac:17:47:d8:c9:8e:6d:95:94:5b:73:
                    ee:b5:2f:f1:5f:5d:eb:69:9a:24:b8:c6:00:7f:09:
                    5c:bc:47:c0:dc:19:d6:ec:98:be:4a:b0:70:64:cb:
                    fd:56:97:bc:10:2b:6c:ea:52:61:fc:a0:b7:29:26:
                    b2:bf:03:62:5b:9a:6c:31:00:42:72:e4:8a:db:a3:
                    9f:fe:8b:ba:44:7a:87:5c:04:0d:32:b4:92:11:74:
                    03:84:2a:e2:d2:bd:43:6b:e2:53:7f:39:df:d9:d9:
                    47:c0:dc:07:86:06:c6:5f:46:32:57:c3:66:77:c8:
                    11:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:0D:45:01:1D:1B:BB:21:44:D2:9A:3D:DA:F8:AA:B0:E1:A1:B6:D8
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/uA1FAR0buyFE0po92viqsOGhttg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.125.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:c9:28:a9:87:52:15:d0:53:5d:a5:09:d1:cc:d1:38:8e:95:
         bc:b6:77:5d:d8:76:8e:6b:8e:58:68:8f:3f:36:8d:28:9a:93:
         0b:57:73:13:c2:16:c7:7f:ef:78:ec:f1:33:53:9d:01:68:99:
         e6:9a:2b:93:ae:37:ef:65:3b:97:83:51:4a:fa:f5:b1:ee:22:
         b0:f6:17:90:66:63:b1:85:44:bb:c0:dc:1a:af:7d:3c:9a:77:
         d3:57:9a:d9:a2:26:9a:3a:fc:a9:01:76:4b:50:c0:03:08:17:
         37:26:4f:5a:da:60:ae:3e:93:b7:f7:27:ea:0a:66:d6:b5:f8:
         b4:a3:23:aa:06:99:b1:fa:47:1c:9e:02:79:1a:bb:84:a4:d8:
         c0:85:ab:50:55:70:86:a3:e4:b0:a7:47:6a:42:34:3e:3e:fc:
         64:4c:e6:d3:1a:60:86:f0:92:da:ed:3f:ac:c2:1a:4c:05:40:
         f1:c6:62:07:5a:6e:d1:06:a5:16:9e:93:9a:cc:dd:26:60:ee:
         f5:bb:a0:1f:0d:a7:90:2d:9d:a4:25:25:9c:8f:44:e5:a6:6b:
         3f:d1:4d:d7:32:0b:d0:7a:30:e0:6e:65:a2:53:3d:67:2c:13:
         e8:7f:7f:6a:45:86:2e:42:d7:fe:88:de:31:10:29:06:ee:63:
         d3:3c:e7:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZx61DRiTQJpc0C8WWeheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODBkNDUwMTFkMWJiYjIxNDRkMjlhM2RkYWY4YWFiMGUxYTFiNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghI267QjFi1hyH1Z6LsdBZwZ3Utp
vIhxzoy3p1e7Ev/vuw9uPJ2wID2EAjudgzHyNqtRU2FG/Jou/E7Gv48Io64XxVO1
E3XPtEjYGcfoRCV57efcYZjf5vaPqh7LVEmUXugTBJf8+Fx/ARqLzJTxvxk+Q+zp
D1TDjzleGlgkGix5BfwbhEf4vQJzrBdH2MmObZWUW3PutS/xX13raZokuMYAfwlc
vEfA3BnW7Ji+SrBwZMv9Vpe8ECts6lJh/KC3KSayvwNiW5psMQBCcuSK26Of/ou6
RHqHXAQNMrSSEXQDhCri0r1Da+JTfznf2dlHwNwHhgbGX0YyV8Nmd8gRNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgNRQEdG7shRNKaPdr4qrDhobbYMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvdUExRkFSMGJ1eUZFMHBvOTJ2aXFzT0dodHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbX20MA0G
CSqGSIb3DQEBCwUAA4IBAQCcySiph1IV0FNdpQnRzNE4jpW8tndd2HaOa45YaI8/
No0ompMLV3MTwhbHf+947PEzU50BaJnmmiuTrjfvZTuXg1FK+vWx7iKw9heQZmOx
hUS7wNwar308mnfTV5rZoiaaOvypAXZLUMADCBc3Jk9a2mCuPpO39yfqCmbWtfi0
oyOqBpmx+kccngJ5GruEpNjAhatQVXCGo+Swp0dqQjQ+PvxkTObTGmCG8JLa7T+s
whpMBUDxxmIHWm7RBqUWnpOazN0mYO71u6AfDaeQLZ2kJSWcj0Tlpms/0U3XMgvQ
ejDgbmWiUz1nLBPof39qRYYuQtf+iN4xECkG7mPTPOeM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:34 2024 by rpki-client on console-ams.rpki-client.org