Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/UGEMw4QVKULEZcjp2hTKxetNYqs.roa
File:                     UGEMw4QVKULEZcjp2hTKxetNYqs.roa (raw, json)
Hash identifier:          jtElZfIvnplKnzejyiyZadnarAGpFBMVOCGLghpugLI=
Subject key identifier:   50:61:0C:C3:84:15:29:42:C4:65:C8:E9:DA:14:CA:C5:EB:4D:62:AB
Certificate issuer:       /CN=d81bef5a1a31ef5cfc036b9c2b70a42abd04007e
Certificate serial:       01856D01620BC7A5FDF57A6370CD3AA0F8FB
Authority key identifier: D8:1B:EF:5A:1A:31:EF:5C:FC:03:6B:9C:2B:70:A4:2A:BD:04:00:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BvvWhox71z8A2ucK3CkKr0EAH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/UGEMw4QVKULEZcjp2hTKxetNYqs.roa
Signing time:             Sun 01 Jan 2023 11:04:45 +0000
ROA not before:           Sun 01 Jan 2023 11:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204536
IP address blocks:        185.87.180.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:62:0b:c7:a5:fd:f5:7a:63:70:cd:3a:a0:f8:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d81bef5a1a31ef5cfc036b9c2b70a42abd04007e
        Validity
            Not Before: Jan  1 11:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50610cc384152942c465c8e9da14cac5eb4d62ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ab:c5:57:3b:27:31:a0:31:75:57:89:1d:ec:
                    77:a5:bc:ad:c7:36:18:46:8c:60:65:a5:58:dc:2d:
                    eb:a2:11:2d:35:d9:ac:7d:bd:28:c8:0d:e3:ce:66:
                    70:ee:e1:e0:e7:27:13:08:e6:7c:cb:81:9a:17:23:
                    da:3c:03:76:6e:fa:b3:24:75:56:4b:40:24:30:aa:
                    bc:6f:ef:84:e4:1c:7e:51:4a:fd:e5:57:6e:34:c6:
                    a2:ce:a8:8d:6e:97:d2:24:ee:d7:88:61:18:6b:20:
                    72:b2:67:f6:93:11:c1:80:54:1c:73:e3:28:17:b2:
                    90:d3:a6:a6:c7:63:77:22:86:f2:6e:32:85:f5:99:
                    10:25:90:00:b4:2e:47:da:66:98:2c:7b:b1:5c:14:
                    5b:a6:fe:42:b6:4d:12:28:0a:5f:f4:8e:94:06:95:
                    f3:c1:9f:2e:53:da:52:2a:7b:67:b1:64:43:ff:e7:
                    18:36:25:84:3d:2e:c6:29:d0:e8:90:b5:94:a3:56:
                    74:4a:f5:2e:9a:86:81:64:a0:bc:ab:5f:bb:eb:cb:
                    c0:e8:29:0f:14:15:0b:1b:dd:4c:84:95:0d:00:1d:
                    2f:60:89:c4:fa:a9:53:03:1d:c1:69:24:20:31:40:
                    64:4c:af:3b:4c:37:c6:66:d8:fa:3c:36:12:c7:f9:
                    68:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:61:0C:C3:84:15:29:42:C4:65:C8:E9:DA:14:CA:C5:EB:4D:62:AB
            X509v3 Authority Key Identifier:
                keyid:D8:1B:EF:5A:1A:31:EF:5C:FC:03:6B:9C:2B:70:A4:2A:BD:04:00:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BvvWhox71z8A2ucK3CkKr0EAH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/UGEMw4QVKULEZcjp2hTKxetNYqs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/2BvvWhox71z8A2ucK3CkKr0EAH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.87.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:f6:c1:c5:1c:f7:09:c1:56:75:6d:ca:28:58:11:c5:ad:d5:
         94:15:e6:a9:a1:af:c7:ac:7d:2a:93:3c:8a:d0:82:00:cb:1e:
         c8:d2:d5:45:6e:88:26:eb:fa:55:ed:9f:69:14:e0:3b:f4:b9:
         1d:1e:30:b2:8d:8b:c6:8d:50:b1:2f:cf:39:a0:50:d8:09:66:
         c8:95:30:20:95:7d:50:81:88:15:45:02:90:98:65:ee:75:ac:
         f8:ab:4a:c6:41:cb:a9:93:c8:a1:9d:e1:dd:59:ad:3b:ff:fc:
         0d:13:78:86:de:0f:34:99:1d:4d:b4:c7:cc:ae:72:b6:5c:41:
         01:0d:5c:b9:d8:9c:81:6b:48:6c:0d:8a:60:15:f8:bd:b6:3e:
         d3:83:cb:94:fb:8a:67:1c:a1:21:a9:63:75:f1:a1:44:af:bc:
         3d:b4:e8:13:b4:9e:b4:dc:a5:88:31:91:39:27:84:ee:e6:8a:
         9e:e1:c5:0c:6d:73:6e:1b:e2:36:f2:4d:48:6c:0c:40:9b:57:
         e3:2f:42:01:6c:23:21:e7:1e:4c:f3:ef:df:a9:b8:f0:d8:69:
         51:95:52:3b:72:f8:8c:bc:95:82:a0:12:2b:38:75:40:7b:f9:
         fa:fe:11:78:56:88:69:26:4a:21:55:dc:32:32:95:60:c1:50:
         90:f0:b4:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAWILx6X99XpjcM06oPj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWJlZjVhMWEzMWVmNWNmYzAzNmI5YzJiNzBhNDJhYmQw
NDAwN2UwHhcNMjMwMTAxMTEwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDYxMGNjMzg0MTUyOTQyYzQ2NWM4ZTlkYTE0Y2FjNWViNGQ2MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6vFVzsnMaAxdVeJHex3pbytxzYY
RoxgZaVY3C3rohEtNdmsfb0oyA3jzmZw7uHg5ycTCOZ8y4GaFyPaPAN2bvqzJHVW
S0AkMKq8b++E5Bx+UUr95VduNMaizqiNbpfSJO7XiGEYayBysmf2kxHBgFQcc+Mo
F7KQ06amx2N3IobybjKF9ZkQJZAAtC5H2maYLHuxXBRbpv5Ctk0SKApf9I6UBpXz
wZ8uU9pSKntnsWRD/+cYNiWEPS7GKdDokLWUo1Z0SvUumoaBZKC8q1+768vA6CkP
FBULG91MhJUNAB0vYInE+qlTAx3BaSQgMUBkTK87TDfGZtj6PDYSx/lo1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBhDMOEFSlCxGXI6doUysXrTWKrMB8GA1UdIwQY
MBaAFNgb71oaMe9c/ANrnCtwpCq9BAB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ2dldob3g3MXo4QTJ1Y0szQ2tLcjBFQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81NmViZDItODE4NS00OGJkLWJiZDQt
OWNlZWJhOGJhMjRjLzEvVUdFTXc0UVZLVUxFWmNqcDJoVEt4ZXROWXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81NmViZDItODE4NS00OGJkLWJiZDQtOWNlZWJhOGJhMjRj
LzEvMkJ2dldob3g3MXo4QTJ1Y0szQ2tLcjBFQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVe0MA0G
CSqGSIb3DQEBCwUAA4IBAQBf9sHFHPcJwVZ1bcooWBHFrdWUFeapoa/HrH0qkzyK
0IIAyx7I0tVFbogm6/pV7Z9pFOA79LkdHjCyjYvGjVCxL885oFDYCWbIlTAglX1Q
gYgVRQKQmGXudaz4q0rGQcupk8ihneHdWa07//wNE3iG3g80mR1NtMfMrnK2XEEB
DVy52JyBa0hsDYpgFfi9tj7Tg8uU+4pnHKEhqWN18aFEr7w9tOgTtJ603KWIMZE5
J4Tu5oqe4cUMbXNuG+I28k1IbAxAm1fjL0IBbCMh5x5M8+/fqbjw2GlRlVI7cviM
vJWCoBIrOHVAe/n6/hF4VohpJkohVdwyMpVgwVCQ8LRb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:05 2024 by rpki-client on console-ams.rpki-client.org