Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/dbe446-9da3-4854-b5d3-25a38a246fa2/1/UDZlQ7Gos8Y4YJIgrKjVeKr63AY.roa
File:                     UDZlQ7Gos8Y4YJIgrKjVeKr63AY.roa (raw, json)
Hash identifier:          JsH04PCWwaW2Q/GBlmw32RUdZvkC6zT6xjUJJuMJeAw=
Subject key identifier:   50:36:65:43:B1:A8:B3:C6:38:60:92:20:AC:A8:D5:78:AA:FA:DC:06
Certificate issuer:       /CN=8b42c752a9b0983128b3d295e45ea16b33ee7df9
Certificate serial:       0185701EE51FABEDFB7133D262365FB63D9B
Authority key identifier: 8B:42:C7:52:A9:B0:98:31:28:B3:D2:95:E4:5E:A1:6B:33:EE:7D:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i0LHUqmwmDEos9KV5F6hazPuffk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/dbe446-9da3-4854-b5d3-25a38a246fa2/1/UDZlQ7Gos8Y4YJIgrKjVeKr63AY.roa
Signing time:             Mon 02 Jan 2023 01:35:50 +0000
ROA not before:           Mon 02 Jan 2023 01:35:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41295
IP address blocks:        194.24.178.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1e:e5:1f:ab:ed:fb:71:33:d2:62:36:5f:b6:3d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b42c752a9b0983128b3d295e45ea16b33ee7df9
        Validity
            Not Before: Jan  2 01:35:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50366543b1a8b3c638609220aca8d578aafadc06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:1b:4f:5b:f3:20:6d:f6:8d:e1:04:50:2f:71:
                    8f:e5:62:75:6e:10:d2:dc:fb:01:b1:f6:42:e9:8d:
                    80:b2:94:1e:c1:69:a9:16:d2:53:5b:ac:05:f7:a0:
                    48:97:03:71:73:f2:98:8b:2c:f1:02:41:aa:af:5f:
                    80:fc:cd:bd:1f:2d:15:73:d0:59:c3:a7:f2:4e:7c:
                    05:98:21:a8:2d:66:9b:17:c8:bb:66:43:c3:a7:e9:
                    2a:57:78:9f:19:3b:d4:07:05:c9:8f:f4:57:be:9b:
                    90:e2:f3:2c:62:df:be:04:3c:99:69:e3:c1:47:21:
                    7f:2a:6f:87:b2:90:a4:8e:dc:76:96:29:7b:77:f6:
                    6c:10:eb:6b:ec:6c:e1:21:f5:86:11:9b:63:68:c8:
                    b7:8a:c2:99:f1:8d:2a:25:93:ea:b9:00:eb:19:b4:
                    6d:6a:96:45:cb:c6:e4:33:87:21:48:26:ff:9b:fd:
                    02:08:2c:e3:a5:3a:34:60:77:02:c0:f5:1a:f0:47:
                    9c:97:df:c7:c4:bc:80:e9:e4:7d:68:67:d0:73:1b:
                    5b:47:26:99:d4:88:bb:64:9c:a3:f0:26:44:24:ba:
                    b6:5c:70:ca:42:a8:65:4d:53:17:c0:d6:b5:62:c8:
                    e0:70:37:7c:d2:13:63:2f:87:91:ab:6e:73:f3:94:
                    a7:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:36:65:43:B1:A8:B3:C6:38:60:92:20:AC:A8:D5:78:AA:FA:DC:06
            X509v3 Authority Key Identifier:
                keyid:8B:42:C7:52:A9:B0:98:31:28:B3:D2:95:E4:5E:A1:6B:33:EE:7D:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0LHUqmwmDEos9KV5F6hazPuffk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dbe446-9da3-4854-b5d3-25a38a246fa2/1/UDZlQ7Gos8Y4YJIgrKjVeKr63AY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dbe446-9da3-4854-b5d3-25a38a246fa2/1/i0LHUqmwmDEos9KV5F6hazPuffk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.24.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:58:03:d3:18:c7:66:2a:ef:36:be:db:e7:75:36:b8:a9:4f:
         63:51:29:c3:98:c3:b3:70:17:ae:de:44:1d:76:c9:7b:9c:2b:
         34:61:9f:81:8c:81:aa:d2:58:ba:42:32:e8:ef:01:80:2f:8e:
         96:b1:81:74:db:b4:a7:82:07:84:23:27:e0:91:7c:8f:2c:06:
         6d:83:36:1c:7a:90:4b:57:56:07:8d:e3:0e:3b:c5:62:18:86:
         90:c5:f9:2b:c2:38:a2:8b:b1:00:c8:91:4b:7a:88:91:03:25:
         ba:21:26:a4:54:29:f1:08:07:c3:a1:56:bb:d9:f3:ef:21:dc:
         e7:1c:22:63:10:f8:97:4a:ab:39:13:b3:25:2f:39:84:44:56:
         88:fe:3c:7e:bd:66:b1:b8:63:80:f8:a0:08:99:c6:ad:56:11:
         81:f7:9f:44:39:6c:3e:c2:b6:26:46:43:b4:6d:47:e3:df:21:
         ff:8d:ec:aa:68:3c:55:47:c4:ba:f9:18:b6:86:11:40:94:55:
         f0:52:93:da:bd:e4:dd:29:0f:01:bb:ba:11:8d:f9:4d:20:c1:
         85:e2:12:f4:50:53:b5:d6:3a:f2:8e:c8:87:90:f4:d5:eb:0e:
         88:7d:62:70:54:0c:6b:98:4e:45:bd:37:3f:2d:d8:34:b6:ec:
         0c:ab:c2:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHuUfq+37cTPSYjZftj2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDJjNzUyYTliMDk4MzEyOGIzZDI5NWU0NWVhMTZiMzNl
ZTdkZjkwHhcNMjMwMTAyMDEzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDM2NjU0M2IxYThiM2M2Mzg2MDkyMjBhY2E4ZDU3OGFhZmFkYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBtPW/MgbfaN4QRQL3GP5WJ1bhDS
3PsBsfZC6Y2AspQewWmpFtJTW6wF96BIlwNxc/KYiyzxAkGqr1+A/M29Hy0Vc9BZ
w6fyTnwFmCGoLWabF8i7ZkPDp+kqV3ifGTvUBwXJj/RXvpuQ4vMsYt++BDyZaePB
RyF/Km+HspCkjtx2lil7d/ZsEOtr7GzhIfWGEZtjaMi3isKZ8Y0qJZPquQDrGbRt
apZFy8bkM4chSCb/m/0CCCzjpTo0YHcCwPUa8Eecl9/HxLyA6eR9aGfQcxtbRyaZ
1Ii7ZJyj8CZEJLq2XHDKQqhlTVMXwNa1YsjgcDd80hNjL4eRq25z85SnnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFA2ZUOxqLPGOGCSIKyo1Xiq+twGMB8GA1UdIwQY
MBaAFItCx1KpsJgxKLPSleReoWsz7n35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBMSFVxbXdtREVvczlLVjVGNmhhelB1ZmZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kYmU0NDYtOWRhMy00ODU0LWI1ZDMt
MjVhMzhhMjQ2ZmEyLzEvVURabFE3R29zOFk0WUpJZ3JLalZlS3I2M0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kYmU0NDYtOWRhMy00ODU0LWI1ZDMtMjVhMzhhMjQ2ZmEy
LzEvaTBMSFVxbXdtREVvczlLVjVGNmhhelB1ZmZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwhiyMA0G
CSqGSIb3DQEBCwUAA4IBAQA2WAPTGMdmKu82vtvndTa4qU9jUSnDmMOzcBeu3kQd
dsl7nCs0YZ+BjIGq0li6QjLo7wGAL46WsYF027SnggeEIyfgkXyPLAZtgzYcepBL
V1YHjeMOO8ViGIaQxfkrwjiii7EAyJFLeoiRAyW6ISakVCnxCAfDoVa72fPvIdzn
HCJjEPiXSqs5E7MlLzmERFaI/jx+vWaxuGOA+KAImcatVhGB959EOWw+wrYmRkO0
bUfj3yH/jeyqaDxVR8S6+Ri2hhFAlFXwUpPaveTdKQ8Bu7oRjflNIMGF4hL0UFO1
1jryjsiHkPTV6w6IfWJwVAxrmE5FvTc/Ldg0tuwMq8JC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:02 2024 by rpki-client on console-fra.rpki-client.org