Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5f0579-0efa-422b-aa68-a434fd088fd0/1/uzzx_Wyyt-uEYkoPRJdoWluPG7w.roa
File:                     uzzx_Wyyt-uEYkoPRJdoWluPG7w.roa (raw, json)
Hash identifier:          qjHVf+eFwYoi360meJV6OIT7vEvD3qdfEd31HaopO/I=
Subject key identifier:   BB:3C:F1:FD:6C:B2:B7:EB:84:62:4A:0F:44:97:68:5A:5B:8F:1B:BC
Certificate issuer:       /CN=27e367d8decf7d626e54780f80e57360d2c078cd
Certificate serial:       018CC5DD0DE26D6A86B5A4FC0C40A6DFD4F1
Authority key identifier: 27:E3:67:D8:DE:CF:7D:62:6E:54:78:0F:80:E5:73:60:D2:C0:78:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J-Nn2N7PfWJuVHgPgOVzYNLAeM0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5f0579-0efa-422b-aa68-a434fd088fd0/1/uzzx_Wyyt-uEYkoPRJdoWluPG7w.roa
Signing time:             Mon 01 Jan 2024 16:30:47 +0000
ROA not before:           Mon 01 Jan 2024 16:30:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204184
IP address blocks:        185.245.53.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 17:48:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dd:0d:e2:6d:6a:86:b5:a4:fc:0c:40:a6:df:d4:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27e367d8decf7d626e54780f80e57360d2c078cd
        Validity
            Not Before: Jan  1 16:30:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bb3cf1fd6cb2b7eb84624a0f4497685a5b8f1bbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:f3:8d:3b:88:89:f2:39:47:21:48:6e:42:4e:
                    58:32:20:6d:74:a9:b3:4e:a1:9f:d2:b5:41:75:ce:
                    1e:04:c2:0e:1d:4a:84:b9:30:c7:70:4a:11:32:bb:
                    55:4a:1a:14:d5:3e:c1:67:f0:cc:3b:9e:3f:0c:cb:
                    b0:e8:6e:f0:a1:d7:74:21:6f:a2:fb:54:20:2d:6c:
                    ec:1b:bf:00:32:bc:a4:e0:dd:fc:05:a7:d0:2d:a5:
                    9d:b7:a6:ce:c7:42:66:73:6e:1f:ea:59:08:e5:c6:
                    45:e5:29:64:08:81:8b:8e:bb:00:6a:fb:81:f2:ca:
                    09:4a:fd:ca:7e:22:45:9f:11:c2:93:0f:71:47:0e:
                    df:12:76:9a:44:f7:d1:73:04:09:5f:2d:fd:ab:cb:
                    16:7d:2c:57:c6:47:47:a5:4d:3e:32:50:3e:1d:15:
                    76:1a:53:68:c2:dd:1b:f9:8e:54:1a:81:d0:02:60:
                    6e:b5:1e:45:19:1a:8b:17:c7:6d:50:d0:77:53:14:
                    46:84:f1:e9:8b:60:58:ff:2a:e7:56:64:ed:0c:00:
                    8a:35:56:3c:5f:80:b0:8d:38:a3:b1:c1:f7:2e:0c:
                    c9:66:4d:11:eb:30:06:93:51:6a:e9:06:41:1c:3a:
                    3b:3a:38:8e:dd:c3:df:72:d6:1f:de:28:3c:7a:2b:
                    e4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:3C:F1:FD:6C:B2:B7:EB:84:62:4A:0F:44:97:68:5A:5B:8F:1B:BC
            X509v3 Authority Key Identifier:
                keyid:27:E3:67:D8:DE:CF:7D:62:6E:54:78:0F:80:E5:73:60:D2:C0:78:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J-Nn2N7PfWJuVHgPgOVzYNLAeM0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5f0579-0efa-422b-aa68-a434fd088fd0/1/uzzx_Wyyt-uEYkoPRJdoWluPG7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5f0579-0efa-422b-aa68-a434fd088fd0/1/J-Nn2N7PfWJuVHgPgOVzYNLAeM0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:57:c1:e1:0e:e7:c6:44:ae:8c:68:ae:40:77:47:e5:48:dd:
         ee:72:8f:6a:6e:65:60:00:e7:94:69:f1:41:dd:e5:7f:bd:ac:
         9a:da:9c:c3:cf:62:a8:17:96:46:ac:0c:7e:26:99:19:0e:8a:
         8b:ec:ce:b1:86:f2:c9:6a:a1:20:6d:a6:ae:78:ef:b5:1f:68:
         42:c6:09:ea:30:51:e6:6f:2a:81:f9:44:fb:e4:5a:5a:08:fe:
         92:21:75:1e:0a:1e:03:c1:e1:21:0a:a7:c0:ac:00:ce:02:70:
         a7:29:20:e9:c3:01:cc:ed:b7:60:3d:5d:5d:27:c3:d8:58:10:
         93:14:d1:f1:0e:47:02:f4:99:b6:e4:d2:ea:2e:6f:26:95:a9:
         e3:72:57:8d:f7:37:26:23:c9:49:f0:1b:b2:ba:53:97:1a:f5:
         47:db:5c:e0:5e:2d:f2:b3:23:5f:2e:c7:dd:dd:12:43:07:3e:
         1c:14:60:2f:bf:1b:ec:b4:e6:3c:bf:73:c0:47:27:17:7c:ac:
         3d:ac:2e:74:c9:1a:9f:50:16:e0:44:7a:ae:6c:66:bf:5b:5f:
         cc:38:81:6c:78:e4:3a:e7:76:28:2e:7f:89:04:3e:97:13:83:
         bd:75:d7:c4:37:6c:0d:b5:9e:a6:63:9e:3b:fd:48:04:c2:a9:
         34:5f:88:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Q3ibWqGtaT8DECm39TxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZTM2N2Q4ZGVjZjdkNjI2ZTU0NzgwZjgwZTU3MzYwZDJj
MDc4Y2QwHhcNMjQwMTAxMTYzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjNjZjFmZDZjYjJiN2ViODQ2MjRhMGY0NDk3Njg1YTViOGYxYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvONO4iJ8jlHIUhuQk5YMiBtdKmz
TqGf0rVBdc4eBMIOHUqEuTDHcEoRMrtVShoU1T7BZ/DMO54/DMuw6G7wodd0IW+i
+1QgLWzsG78AMryk4N38BafQLaWdt6bOx0Jmc24f6lkI5cZF5SlkCIGLjrsAavuB
8soJSv3KfiJFnxHCkw9xRw7fEnaaRPfRcwQJXy39q8sWfSxXxkdHpU0+MlA+HRV2
GlNowt0b+Y5UGoHQAmButR5FGRqLF8dtUNB3UxRGhPHpi2BY/yrnVmTtDACKNVY8
X4CwjTijscH3LgzJZk0R6zAGk1Fq6QZBHDo7OjiO3cPfctYf3ig8eivkwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLs88f1ssrfrhGJKD0SXaFpbjxu8MB8GA1UdIwQY
MBaAFCfjZ9jez31iblR4D4Dlc2DSwHjNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSi1ObjJON1BmV0p1VkhnUGdPVnpZTkxBZU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81ZjA1NzktMGVmYS00MjJiLWFhNjgt
YTQzNGZkMDg4ZmQwLzEvdXp6eF9XeXl0LXVFWWtvUFJKZG9XbHVQRzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81ZjA1NzktMGVmYS00MjJiLWFhNjgtYTQzNGZkMDg4ZmQw
LzEvSi1ObjJON1BmV0p1VkhnUGdPVnpZTkxBZU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufU1MA0G
CSqGSIb3DQEBCwUAA4IBAQCNV8HhDufGRK6MaK5Ad0flSN3uco9qbmVgAOeUafFB
3eV/vaya2pzDz2KoF5ZGrAx+JpkZDoqL7M6xhvLJaqEgbaaueO+1H2hCxgnqMFHm
byqB+UT75FpaCP6SIXUeCh4DweEhCqfArADOAnCnKSDpwwHM7bdgPV1dJ8PYWBCT
FNHxDkcC9Jm25NLqLm8mlanjcleN9zcmI8lJ8BuyulOXGvVH21zgXi3ysyNfLsfd
3RJDBz4cFGAvvxvstOY8v3PARycXfKw9rC50yRqfUBbgRHqubGa/W1/MOIFseOQ6
53YoLn+JBD6XE4O9ddfEN2wNtZ6mY547/UgEwqk0X4hR
-----END CERTIFICATE-----
Generated at Wed Apr 30 14:12:42 2025 by rpki-client