Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/UKQtqm5bEooDKoLbnEQhj0GKt_g.roa
File:                     UKQtqm5bEooDKoLbnEQhj0GKt_g.roa (raw, json)
Hash identifier:          OR/vT984n8gbyG/lV67qXKtVuEJ6+OJXfSn2DTaUp5U=
Subject key identifier:   50:A4:2D:AA:6E:5B:12:8A:03:2A:82:DB:9C:44:21:8F:41:8A:B7:F8
Certificate issuer:       /CN=f20bf46303ff54a505f533c554251923e41f5926
Certificate serial:       0189F8657ED1F1D2A67F451F0ABA1C88B965
Authority key identifier: F2:0B:F4:63:03:FF:54:A5:05:F5:33:C5:54:25:19:23:E4:1F:59:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8gv0YwP_VKUF9TPFVCUZI-QfWSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/UKQtqm5bEooDKoLbnEQhj0GKt_g.roa
Signing time:             Tue 15 Aug 2023 08:52:28 +0000
ROA not before:           Tue 15 Aug 2023 08:52:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6696
IP address blocks:        94.139.36.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 15 Aug 2023 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f8:65:7e:d1:f1:d2:a6:7f:45:1f:0a:ba:1c:88:b9:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f20bf46303ff54a505f533c554251923e41f5926
        Validity
            Not Before: Aug 15 08:52:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50a42daa6e5b128a032a82db9c44218f418ab7f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3b:b1:32:8b:e5:cf:9c:4a:53:66:f9:86:63:
                    70:72:24:1c:45:57:c4:b8:27:70:1e:af:c2:c6:f6:
                    1c:a0:c4:0b:d7:aa:a7:b8:08:68:d7:c7:b7:2a:4e:
                    34:1d:70:03:e0:ff:c1:12:22:bc:6e:2d:08:7e:47:
                    59:f5:90:7f:67:33:03:96:74:c9:f1:4c:14:6a:ea:
                    0e:c2:11:02:50:1d:58:bb:83:c2:96:32:06:08:37:
                    f1:aa:8f:a3:cf:da:8b:c2:f8:24:37:35:f5:33:e6:
                    12:6d:30:05:f0:eb:b9:dc:25:0e:f6:96:f9:f2:11:
                    6a:3e:2e:87:3d:59:d1:e1:a7:9b:53:8e:a0:a2:29:
                    11:29:7e:e0:cc:af:de:c2:cf:81:37:69:a8:b0:bb:
                    30:4c:89:ce:81:ba:8d:22:b0:ae:72:4b:3e:d2:94:
                    7d:6a:db:15:e7:1b:a9:9a:b5:3b:62:13:ae:9e:f7:
                    b0:70:5d:ef:c5:61:ab:93:52:79:bb:33:58:8c:41:
                    d4:1f:de:32:ce:7d:16:37:1a:71:b8:be:f2:ed:a0:
                    6a:d0:6b:f8:ae:8c:76:b3:8a:ef:27:d7:6a:66:53:
                    fe:43:83:b8:b0:27:8e:8b:76:45:12:79:a5:62:de:
                    1f:88:3e:b0:35:33:6e:51:4a:af:9e:00:cc:fb:f4:
                    24:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:A4:2D:AA:6E:5B:12:8A:03:2A:82:DB:9C:44:21:8F:41:8A:B7:F8
            X509v3 Authority Key Identifier:
                keyid:F2:0B:F4:63:03:FF:54:A5:05:F5:33:C5:54:25:19:23:E4:1F:59:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8gv0YwP_VKUF9TPFVCUZI-QfWSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/UKQtqm5bEooDKoLbnEQhj0GKt_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/8gv0YwP_VKUF9TPFVCUZI-QfWSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.139.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c0:74:81:84:82:aa:a3:b8:0c:22:88:cd:c1:d2:cb:7a:cc:4f:
         8d:e5:1a:f6:76:ba:7d:7b:bf:be:84:5c:81:b6:23:28:03:99:
         cd:c1:0c:e7:d3:0b:48:32:c0:a7:58:84:7f:8f:41:2e:7d:15:
         c3:2d:05:b8:5a:66:66:d4:7a:43:a8:a4:40:51:c9:08:ad:d7:
         8d:06:82:45:c7:92:bd:bc:50:b4:55:c7:da:37:ad:f6:ae:2f:
         2b:02:85:be:ac:f7:22:87:de:5c:bf:fc:e7:30:f5:dc:c8:81:
         a9:f7:13:7e:a8:c9:6b:27:15:04:b0:c1:8d:44:d3:94:da:59:
         4d:56:96:22:a3:db:4a:1d:0d:57:4f:94:3d:20:ab:77:b9:0a:
         af:18:e3:bb:cb:cb:16:0b:61:17:b2:f9:2d:c0:ba:75:5e:5a:
         4a:37:8a:7a:af:42:69:a2:72:2c:70:3f:15:47:82:22:b3:b5:
         a8:5c:0f:7c:12:93:e4:2b:d1:dc:ac:4a:db:7b:5d:3e:c9:1f:
         4c:43:56:0c:65:99:8e:8c:e8:fb:f0:f6:40:e0:8d:1e:21:9b:
         21:a9:5f:55:34:c9:6d:ce:d7:a6:30:e2:bb:7f:d0:7b:a3:51:
         3a:f6:e5:38:c4:29:d1:9c:c5:5c:64:63:c7:80:6a:8a:0c:53:
         51:82:39:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn4ZX7R8dKmf0UfCrociLllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMGJmNDYzMDNmZjU0YTUwNWY1MzNjNTU0MjUxOTIzZTQx
ZjU5MjYwHhcNMjMwODE1MDg1MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGE0MmRhYTZlNWIxMjhhMDMyYTgyZGI5YzQ0MjE4ZjQxOGFiN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjuxMovlz5xKU2b5hmNwciQcRVfE
uCdwHq/CxvYcoMQL16qnuAho18e3Kk40HXAD4P/BEiK8bi0IfkdZ9ZB/ZzMDlnTJ
8UwUauoOwhECUB1Yu4PCljIGCDfxqo+jz9qLwvgkNzX1M+YSbTAF8Ou53CUO9pb5
8hFqPi6HPVnR4aebU46goikRKX7gzK/ews+BN2mosLswTInOgbqNIrCucks+0pR9
atsV5xupmrU7YhOunvewcF3vxWGrk1J5uzNYjEHUH94yzn0WNxpxuL7y7aBq0Gv4
rox2s4rvJ9dqZlP+Q4O4sCeOi3ZFEnmlYt4fiD6wNTNuUUqvngDM+/QkXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCkLapuWxKKAyqC25xEIY9Birf4MB8GA1UdIwQY
MBaAFPIL9GMD/1SlBfUzxVQlGSPkH1kmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGd2MFl3UF9WS1VGOVRQRlZDVVpJLVFmV1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84MTU1OTAtOTUxYy00YzFmLTg2OTct
YzM2OTQwODhmMzRhLzEvVUtRdHFtNWJFb29ES29MYm5FUWhqMEdLdF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84MTU1OTAtOTUxYy00YzFmLTg2OTctYzM2OTQwODhmMzRh
LzEvOGd2MFl3UF9WS1VGOVRQRlZDVVpJLVFmV1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXoskMA0G
CSqGSIb3DQEBCwUAA4IBAQDAdIGEgqqjuAwiiM3B0st6zE+N5Rr2drp9e7++hFyB
tiMoA5nNwQzn0wtIMsCnWIR/j0EufRXDLQW4WmZm1HpDqKRAUckIrdeNBoJFx5K9
vFC0VcfaN632ri8rAoW+rPcih95cv/znMPXcyIGp9xN+qMlrJxUEsMGNRNOU2llN
VpYio9tKHQ1XT5Q9IKt3uQqvGOO7y8sWC2EXsvktwLp1XlpKN4p6r0JponIscD8V
R4Iis7WoXA98EpPkK9HcrErbe10+yR9MQ1YMZZmOjOj78PZA4I0eIZshqV9VNMlt
ztemMOK7f9B7o1E69uU4xCnRnMVcZGPHgGqKDFNRgjla
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:51 2024 by rpki-client on console-ams.rpki-client.org