Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/mln98NxqiMgO2BQ5VylpqUHpdps.roa
File:                     mln98NxqiMgO2BQ5VylpqUHpdps.roa (raw, json)
Hash identifier:          UrH3xLySr2hhTIGmNllRPbEkSMA34CfUh6kElrb74TM=
Subject key identifier:   9A:59:FD:F0:DC:6A:88:C8:0E:D8:14:39:57:29:69:A9:41:E9:76:9B
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018C53744F8950D414B4C82C92AC54672773
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/mln98NxqiMgO2BQ5VylpqUHpdps.roa
Signing time:             Sun 10 Dec 2023 11:19:40 +0000
ROA not before:           Sun 10 Dec 2023 11:19:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199760
IP address blocks:        160.214.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Dec 2023 13:17:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:53:74:4f:89:50:d4:14:b4:c8:2c:92:ac:54:67:27:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Dec 10 11:19:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a59fdf0dc6a88c80ed81439572969a941e9769b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:10:6e:c8:65:93:70:4e:7e:88:ba:1c:89:34:
                    bc:79:fc:11:5e:ad:1a:a5:0e:5a:a2:cb:f5:f1:bb:
                    2a:6d:cc:04:5b:79:d2:18:f2:3f:79:dc:15:28:93:
                    6a:33:7a:ac:62:0d:28:a2:5e:2a:45:6d:39:17:59:
                    7b:26:62:2a:44:6c:c4:36:ae:52:42:f1:07:bf:8b:
                    71:d2:fd:f3:b6:10:cc:af:0b:ba:dd:47:31:cd:bd:
                    ba:ab:41:4c:c5:65:46:77:85:09:3c:66:e4:b4:f9:
                    d9:02:58:34:bf:88:69:da:15:ea:a1:b1:11:43:b5:
                    99:a7:cf:19:97:2f:ef:fe:0e:02:64:5d:24:b8:c6:
                    35:d6:cb:05:f7:d8:ee:7d:d7:12:4d:3a:64:b7:66:
                    d8:68:73:cc:20:ec:5f:40:93:d1:fe:7f:6b:33:3c:
                    b0:5e:87:0e:e4:ca:6d:da:e2:e6:f3:65:0c:b5:95:
                    e4:05:e3:ea:a2:84:fe:79:9f:76:46:ca:57:9a:82:
                    88:5b:37:bf:2c:f9:b5:45:46:dc:88:62:ab:18:df:
                    51:42:dd:61:29:3e:90:22:e3:db:96:cd:ea:4b:b5:
                    2b:60:43:c5:e5:84:9b:4d:f1:e1:70:93:60:3e:47:
                    8f:3d:92:08:18:7b:55:a1:b1:a0:d7:88:23:e0:ed:
                    6c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:59:FD:F0:DC:6A:88:C8:0E:D8:14:39:57:29:69:A9:41:E9:76:9B
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/mln98NxqiMgO2BQ5VylpqUHpdps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:37:e8:6f:3e:31:a3:74:7f:15:a3:e9:01:3f:f8:1f:b3:af:
         6e:57:dd:6b:df:02:17:c0:4e:a1:67:86:99:6f:ed:89:cb:ab:
         9a:82:be:60:ad:7e:0e:82:d1:8e:d1:9f:f6:ee:cb:27:b4:c4:
         5e:af:64:04:c8:ab:2b:e4:b8:d9:3b:49:26:ea:1f:8c:86:17:
         c5:89:30:2b:41:6b:86:c6:82:c2:db:a4:27:bf:b7:d7:6c:27:
         58:7b:d8:18:55:99:99:23:27:1a:0d:cf:73:08:c6:20:4e:16:
         4c:fc:c4:2f:c2:c3:34:75:d8:fc:ef:97:c2:80:f2:2d:24:a9:
         0e:17:16:b2:67:e2:87:cd:02:e7:ad:d5:87:49:6a:72:b6:27:
         0d:05:14:76:51:a8:85:d3:cf:eb:b0:f2:1a:81:d5:8c:34:9a:
         7a:29:cc:9a:31:a7:d5:9a:13:23:bf:64:1e:0e:cd:86:f1:ae:
         05:e7:36:d7:99:0c:12:52:3f:16:fb:4c:d4:55:9e:15:bc:48:
         6c:06:b4:ad:d0:ef:cf:80:3f:88:ce:f1:f9:33:f8:95:03:15:
         47:bc:7c:be:7c:72:65:a4:6e:09:59:6b:19:56:1b:1c:38:d1:
         57:42:1f:64:cc:63:7a:84:a6:ca:ea:33:f5:05:34:30:fa:2f:
         11:64:67:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxTdE+JUNQUtMgskqxUZydzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMjEwMTExOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTU5ZmRmMGRjNmE4OGM4MGVkODE0Mzk1NzI5NjlhOTQxZTk3NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxBuyGWTcE5+iLociTS8efwRXq0a
pQ5aosv18bsqbcwEW3nSGPI/edwVKJNqM3qsYg0ool4qRW05F1l7JmIqRGzENq5S
QvEHv4tx0v3zthDMrwu63Ucxzb26q0FMxWVGd4UJPGbktPnZAlg0v4hp2hXqobER
Q7WZp88Zly/v/g4CZF0kuMY11ssF99jufdcSTTpkt2bYaHPMIOxfQJPR/n9rMzyw
XocO5Mpt2uLm82UMtZXkBePqooT+eZ92RspXmoKIWze/LPm1RUbciGKrGN9RQt1h
KT6QIuPbls3qS7UrYEPF5YSbTfHhcJNgPkePPZIIGHtVobGg14gj4O1sEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpZ/fDcaojIDtgUOVcpaalB6XabMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvbWxuOThOeHFpTWdPMkJRNVZ5bHBxVUhwZHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoNZtMA0G
CSqGSIb3DQEBCwUAA4IBAQBtN+hvPjGjdH8Vo+kBP/gfs69uV91r3wIXwE6hZ4aZ
b+2Jy6uagr5grX4OgtGO0Z/27ssntMRer2QEyKsr5LjZO0km6h+MhhfFiTArQWuG
xoLC26Qnv7fXbCdYe9gYVZmZIycaDc9zCMYgThZM/MQvwsM0ddj875fCgPItJKkO
FxayZ+KHzQLnrdWHSWpyticNBRR2UaiF08/rsPIagdWMNJp6KcyaMafVmhMjv2Qe
Ds2G8a4F5zbXmQwSUj8W+0zUVZ4VvEhsBrSt0O/PgD+IzvH5M/iVAxVHvHy+fHJl
pG4JWWsZVhscONFXQh9kzGN6hKbK6jP1BTQw+i8RZGeG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org