Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/UfpzstpCvZxkQELEVTRo-JUja8g.roa
File:                     UfpzstpCvZxkQELEVTRo-JUja8g.roa (raw, json)
Hash identifier:          GaiCYitc4dYAthMOUBKOON78yT6VZe+99ocQ3HRVK7U=
Subject key identifier:   51:FA:73:B2:DA:42:BD:9C:64:40:42:C4:55:34:68:F8:95:23:6B:C8
Certificate issuer:       /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial:       01856EC220B69A069721A60CF8DE5490A3D1
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/UfpzstpCvZxkQELEVTRo-JUja8g.roa
Signing time:             Sun 01 Jan 2023 19:14:54 +0000
ROA not before:           Sun 01 Jan 2023 19:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211680
IP address blocks:        185.180.143.0/24 maxlen: 24
                          2a10:3c0:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 05 Jan 2023 16:17:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c2:20:b6:9a:06:97:21:a6:0c:f8:de:54:90:a3:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
        Validity
            Not Before: Jan  1 19:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51fa73b2da42bd9c644042c4553468f895236bc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4e:a1:19:e6:2c:36:f4:2a:be:c6:6b:5d:fa:
                    bc:84:4e:5b:3e:e2:d4:bb:be:78:32:27:7f:d9:51:
                    e2:a0:f7:87:bc:05:a3:e7:6b:fc:30:8c:d3:c4:99:
                    fa:f6:95:48:51:f1:1c:4c:a1:e5:dd:10:fc:a9:28:
                    c8:44:52:da:b6:a2:43:3b:a7:ac:c7:d3:7e:8c:ff:
                    19:0f:97:98:00:23:42:ea:98:65:5b:00:b0:3c:c7:
                    dd:99:08:90:c1:6c:02:47:47:95:de:35:80:e5:58:
                    6f:03:9d:d5:69:db:bd:9c:e5:d2:96:24:66:26:85:
                    81:22:cd:4c:e1:ee:4a:c4:99:c0:eb:51:30:8e:0a:
                    b7:4d:20:f6:9b:15:07:50:89:87:a2:9c:c6:c5:7b:
                    b6:26:d6:9e:84:0c:5e:dd:0e:0a:d1:61:74:08:bf:
                    27:36:3f:9f:74:8b:15:6f:83:7d:14:14:2b:1c:7e:
                    2d:c4:de:b3:6a:64:08:54:8b:f0:32:cc:b3:e4:ea:
                    d2:80:9d:ac:c0:17:67:8d:37:74:d2:77:f5:5b:17:
                    e6:3f:d7:b0:35:09:0c:fa:f9:a4:7f:63:59:df:d8:
                    1c:a6:3e:d9:7c:b7:9b:29:d2:aa:45:72:f9:59:73:
                    0b:9c:da:94:a0:06:64:35:d2:9b:46:5f:b3:cb:2b:
                    64:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:FA:73:B2:DA:42:BD:9C:64:40:42:C4:55:34:68:F8:95:23:6B:C8
            X509v3 Authority Key Identifier:
                keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/UfpzstpCvZxkQELEVTRo-JUja8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.180.143.0/24
                IPv6:
                  2a10:3c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:68:42:a5:90:1f:57:65:4d:fd:c4:48:d9:e2:ab:e5:1b:4e:
         72:d2:da:68:29:21:a9:eb:71:4b:10:58:80:09:6c:3c:da:80:
         b5:29:8a:81:8c:33:68:aa:e5:4b:09:74:49:ca:7a:88:e3:2d:
         c4:1a:0b:82:b4:0b:3c:10:74:50:06:34:1b:10:ff:8a:d8:13:
         0e:5e:22:bd:4d:c6:ce:7f:5e:0a:2c:16:64:d8:b8:ff:86:93:
         0c:64:d2:22:65:21:4b:1e:1f:21:74:18:68:97:d8:fd:47:3e:
         72:61:71:b5:61:85:b7:54:14:67:8d:16:f2:2b:12:43:b1:4d:
         0d:04:44:aa:8b:05:bc:3a:96:54:24:b8:2b:b0:c4:71:e6:50:
         d4:7f:be:cb:91:ba:1a:1f:64:8d:2b:01:cc:49:5f:30:93:da:
         a0:f1:28:8a:47:33:3c:85:18:7c:74:ea:de:72:4f:ad:d1:de:
         cc:db:12:0d:1e:da:18:4c:c3:9d:00:36:b0:ab:26:5d:43:b8:
         9c:ba:b1:a1:95:8b:77:d8:eb:47:d4:7f:9c:db:30:2a:0e:1d:
         b8:9c:28:17:c4:38:e0:b2:44:45:a6:d5:a0:ad:2e:8c:a4:99:
         59:04:c4:9b:c9:29:ef:fe:2a:53:7c:74:27:78:f6:17:64:25:
         f4:5f:97:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuwiC2mgaXIaYM+N5UkKPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZhNzNiMmRhNDJiZDljNjQ0MDQyYzQ1NTM0NjhmODk1MjM2YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU6hGeYsNvQqvsZrXfq8hE5bPuLU
u754Mid/2VHioPeHvAWj52v8MIzTxJn69pVIUfEcTKHl3RD8qSjIRFLatqJDO6es
x9N+jP8ZD5eYACNC6phlWwCwPMfdmQiQwWwCR0eV3jWA5VhvA53Vadu9nOXSliRm
JoWBIs1M4e5KxJnA61Ewjgq3TSD2mxUHUImHopzGxXu2JtaehAxe3Q4K0WF0CL8n
Nj+fdIsVb4N9FBQrHH4txN6zamQIVIvwMsyz5OrSgJ2swBdnjTd00nf1WxfmP9ew
NQkM+vmkf2NZ39gcpj7ZfLebKdKqRXL5WXMLnNqUoAZkNdKbRl+zyytkgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFH6c7LaQr2cZEBCxFU0aPiVI2vIMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvVWZwenN0cEN2WnhrUUVMRVZUUm8tSlVqYThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAubSPMA8E
AgACMAkDBwAqEAPAAAEwDQYJKoZIhvcNAQELBQADggEBAJBoQqWQH1dlTf3ESNni
q+UbTnLS2mgpIanrcUsQWIAJbDzagLUpioGMM2iq5UsJdEnKeojjLcQaC4K0CzwQ
dFAGNBsQ/4rYEw5eIr1Nxs5/XgosFmTYuP+Gkwxk0iJlIUseHyF0GGiX2P1HPnJh
cbVhhbdUFGeNFvIrEkOxTQ0ERKqLBbw6llQkuCuwxHHmUNR/vsuRuhofZI0rAcxJ
XzCT2qDxKIpHMzyFGHx06t5yT63R3szbEg0e2hhMw50ANrCrJl1DuJy6saGVi3fY
60fUf5zbMCoOHbicKBfEOOCyREWm1aCtLoykmVkExJvJKe/+KlN8dCd49hdkJfRf
l2g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:39 2024 by rpki-client on console-fra.rpki-client.org