Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/UgFnCbfb95ZQehmjNusKcj4Jo14.roa
File:                     UgFnCbfb95ZQehmjNusKcj4Jo14.roa (raw, json)
Hash identifier:          20s4NTquPy3Ck0Mp7ASRQ49G+8dSoBz7GVq6ZFkHBfU=
Subject key identifier:   52:01:67:09:B7:DB:F7:96:50:7A:19:A3:36:EB:0A:72:3E:09:A3:5E
Certificate issuer:       /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial:       018571FA1C12BA431CE3C5D058C82CC892CD
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/UgFnCbfb95ZQehmjNusKcj4Jo14.roa
Signing time:             Mon 02 Jan 2023 10:14:54 +0000
ROA not before:           Mon 02 Jan 2023 10:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48629
IP address blocks:        185.170.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:1c:12:ba:43:1c:e3:c5:d0:58:c8:2c:c8:92:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
        Validity
            Not Before: Jan  2 10:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52016709b7dbf796507a19a336eb0a723e09a35e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3a:50:49:45:78:32:b6:2b:92:48:aa:92:aa:
                    9d:6d:34:02:ab:df:28:c2:3a:4c:32:1a:a0:77:35:
                    dc:aa:22:49:49:5f:12:f4:66:96:4e:8b:86:69:36:
                    51:ca:e3:70:6a:bc:11:cf:68:61:3c:77:ae:8f:c5:
                    cb:99:9d:1e:67:2c:93:ed:85:ca:fa:67:86:ae:b2:
                    f7:04:f6:d6:8f:3b:53:12:1e:cb:79:65:e8:e3:f4:
                    78:e2:15:9c:24:37:f5:8b:fa:df:3f:d8:f6:1f:85:
                    92:e7:4e:6d:63:34:03:e8:bd:29:8b:bf:17:66:73:
                    c7:f8:8d:9d:86:9b:63:3b:fd:41:c5:ac:db:fa:26:
                    a9:cb:69:61:2f:09:53:1b:e9:d6:fc:80:b3:f3:06:
                    b8:7e:20:fa:4e:00:e8:e6:ab:b3:7c:59:6a:d8:d2:
                    8f:72:19:0b:83:39:90:df:5e:da:7d:db:9a:58:6b:
                    e5:78:93:16:b7:ca:06:fb:32:e8:f8:00:c8:67:7c:
                    9f:0d:14:6c:74:5f:ab:ea:76:a0:b9:f1:81:c6:5f:
                    e9:d7:56:bb:c4:56:3f:a9:a6:1d:fc:31:a2:84:d2:
                    1b:41:5e:07:cd:8f:da:b8:79:6f:a4:77:4c:98:3d:
                    94:0b:13:4e:71:4b:e6:72:14:ae:59:fc:ee:f9:ea:
                    2a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:01:67:09:B7:DB:F7:96:50:7A:19:A3:36:EB:0A:72:3E:09:A3:5E
            X509v3 Authority Key Identifier:
                keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/UgFnCbfb95ZQehmjNusKcj4Jo14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.170.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:48:1b:66:b5:c5:0f:dd:ce:53:ba:f4:dc:c4:1f:4b:00:4e:
         ea:34:69:d6:17:ee:ae:bf:53:96:a0:60:b5:ad:0d:bb:ad:50:
         8a:b2:4e:55:d7:f4:b8:95:6d:ae:59:9e:06:f3:18:dd:11:a6:
         38:78:e7:f4:a0:90:4a:84:2f:18:44:d3:3c:f2:92:dc:2a:45:
         8b:c8:aa:a1:eb:1e:c7:21:6a:2e:ed:94:9d:cc:d4:87:ac:8a:
         7a:08:12:41:78:d8:ef:62:df:10:76:75:9e:3b:e2:41:ca:ed:
         ad:06:02:5b:68:d4:39:b1:4d:e0:1a:ec:ed:9a:23:52:a5:df:
         40:18:a6:64:23:ed:14:ee:fb:f8:c8:8f:78:24:37:ae:d3:ad:
         09:65:9c:1d:ea:67:82:44:61:3d:ff:1f:4b:59:bd:bc:12:79:
         7d:5c:6b:d8:70:13:fa:c3:de:5c:49:75:6b:9d:5f:7d:fe:ab:
         30:e7:55:8d:42:c3:4d:e9:f4:60:39:80:18:89:49:47:9d:b5:
         06:ee:a7:33:43:82:0d:97:83:c8:b8:1b:3a:9d:bb:6f:62:69:
         c3:ea:bf:03:c9:66:03:2a:34:34:0c:f6:12:19:dd:06:6c:fa:
         56:51:b8:c0:01:07:ba:2b:5a:f4:fc:08:a3:5d:3d:87:e1:39:
         ce:70:2b:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+hwSukMc48XQWMgsyJLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjMwMTAyMTAxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjAxNjcwOWI3ZGJmNzk2NTA3YTE5YTMzNmViMGE3MjNlMDlhMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTpQSUV4MrYrkkiqkqqdbTQCq98o
wjpMMhqgdzXcqiJJSV8S9GaWTouGaTZRyuNwarwRz2hhPHeuj8XLmZ0eZyyT7YXK
+meGrrL3BPbWjztTEh7LeWXo4/R44hWcJDf1i/rfP9j2H4WS505tYzQD6L0pi78X
ZnPH+I2dhptjO/1Bxazb+iapy2lhLwlTG+nW/ICz8wa4fiD6TgDo5quzfFlq2NKP
chkLgzmQ317afduaWGvleJMWt8oG+zLo+ADIZ3yfDRRsdF+r6nagufGBxl/p11a7
xFY/qaYd/DGihNIbQV4HzY/auHlvpHdMmD2UCxNOcUvmchSuWfzu+eoqwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIBZwm32/eWUHoZozbrCnI+CaNeMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvVWdGbkNiZmI5NVpRZWhtak51c0tjajRKbzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaqDMA0G
CSqGSIb3DQEBCwUAA4IBAQBPSBtmtcUP3c5TuvTcxB9LAE7qNGnWF+6uv1OWoGC1
rQ27rVCKsk5V1/S4lW2uWZ4G8xjdEaY4eOf0oJBKhC8YRNM88pLcKkWLyKqh6x7H
IWou7ZSdzNSHrIp6CBJBeNjvYt8QdnWeO+JByu2tBgJbaNQ5sU3gGuztmiNSpd9A
GKZkI+0U7vv4yI94JDeu060JZZwd6meCRGE9/x9LWb28Enl9XGvYcBP6w95cSXVr
nV99/qsw51WNQsNN6fRgOYAYiUlHnbUG7qczQ4INl4PIuBs6nbtvYmnD6r8DyWYD
KjQ0DPYSGd0GbPpWUbjAAQe6K1r0/AijXT2H4TnOcCts
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:21 2024 by rpki-client on console-ams.rpki-client.org