Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/MQyMF3XAh81Gs8TccZ14Bgq9rD0.roa
File:                     MQyMF3XAh81Gs8TccZ14Bgq9rD0.roa (raw, json)
Hash identifier:          uYVkseOWnNalS4pPe+0+CNEfjr/S4GUCbe3AEEnV4gw=
Subject key identifier:   31:0C:8C:17:75:C0:87:CD:46:B3:C4:DC:71:9D:78:06:0A:BD:AC:3D
Certificate issuer:       /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial:       018ABA2ABB320B9E84BC13900BDA394F869B
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/MQyMF3XAh81Gs8TccZ14Bgq9rD0.roa
Signing time:             Thu 21 Sep 2023 23:54:37 +0000
ROA not before:           Thu 21 Sep 2023 23:54:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        46.34.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Nov 2023 11:41:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ba:2a:bb:32:0b:9e:84:bc:13:90:0b:da:39:4f:86:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
        Validity
            Not Before: Sep 21 23:54:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=310c8c1775c087cd46b3c4dc719d78060abdac3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:32:6e:f3:a7:06:00:d8:17:ac:97:89:9a:94:
                    55:64:95:42:2d:16:c0:7e:03:30:09:d9:a9:e3:14:
                    b6:56:7a:fd:54:f4:ea:00:e9:8b:6d:b7:db:55:91:
                    6c:b4:df:6b:28:bd:84:0c:46:d5:dc:9d:b3:23:6f:
                    55:12:68:c1:13:77:fa:74:af:ab:e8:5f:64:d1:5a:
                    b4:1f:c5:bb:6a:1c:59:05:0a:b6:be:da:f9:5a:9f:
                    0d:74:7a:1a:74:a8:49:9f:12:5e:8c:db:5a:96:7b:
                    29:3c:5b:9f:2b:c1:29:c6:41:ae:24:48:32:4c:7c:
                    10:a7:22:f5:63:27:3b:75:3b:1f:66:c9:8c:06:6b:
                    16:d9:8c:06:f3:5f:c1:33:7a:18:11:2c:b7:cd:7d:
                    f6:d2:d5:8e:be:d0:be:8e:c7:82:97:3f:d6:8c:63:
                    8d:d0:b3:ff:54:4e:44:0f:a1:02:2a:59:72:ab:29:
                    01:3c:a0:45:df:91:be:a5:71:d7:27:b4:9b:79:67:
                    30:c1:eb:0d:32:4b:65:04:f9:c4:13:e8:94:b9:63:
                    55:d2:72:9c:38:25:82:ba:67:06:92:64:31:f3:44:
                    7a:80:38:39:a8:1a:6c:ce:d4:f4:91:f0:50:71:6c:
                    b2:2b:b4:8a:28:11:2e:2e:1e:b8:d8:f9:ca:d0:72:
                    cb:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:0C:8C:17:75:C0:87:CD:46:B3:C4:DC:71:9D:78:06:0A:BD:AC:3D
            X509v3 Authority Key Identifier:
                keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/MQyMF3XAh81Gs8TccZ14Bgq9rD0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.34.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:14:dd:63:66:a5:65:e8:26:c1:39:e5:b8:e7:e8:73:cd:47:
         c2:6b:ef:9c:4e:1a:7c:7f:24:2e:98:38:54:6f:ac:c4:e7:f1:
         d8:3a:4e:1f:65:56:9b:87:90:fc:de:14:ff:4c:7d:36:48:80:
         0f:7e:42:d3:90:b4:01:89:c0:ec:74:af:a2:a2:91:df:b8:9d:
         ac:d0:18:97:5f:02:28:3b:c7:52:22:c0:cf:d5:7e:c5:5e:8e:
         35:34:39:dc:e6:79:52:88:1a:6a:bd:29:9f:1c:c0:2a:fb:93:
         dc:00:77:4a:b2:eb:54:d6:a8:81:05:60:d5:d8:ae:ca:71:8f:
         99:c5:38:08:72:4c:c4:68:f8:2a:d5:ab:3e:de:5d:56:b3:ca:
         bf:c9:e8:4e:1e:38:42:2a:4a:53:69:de:a6:08:92:13:44:13:
         3e:46:66:d5:18:d0:b1:2e:3b:47:33:2b:99:fa:f4:20:f1:69:
         24:c3:2a:84:b1:c0:57:2c:45:f1:37:e3:eb:72:8f:24:65:1f:
         08:52:e6:93:69:77:c9:3d:8d:4d:50:a3:8a:c4:84:71:66:3e:
         35:d3:4f:46:f5:3a:5d:2e:f3:a6:da:33:38:23:2c:2d:aa:26:
         46:5b:24:4a:0e:c7:da:a8:52:20:60:7c:09:2d:ae:eb:a2:5f:
         0f:f9:ef:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq6KrsyC56EvBOQC9o5T4abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwOTIxMjM1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBjOGMxNzc1YzA4N2NkNDZiM2M0ZGM3MTlkNzgwNjBhYmRhYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDJu86cGANgXrJeJmpRVZJVCLRbA
fgMwCdmp4xS2Vnr9VPTqAOmLbbfbVZFstN9rKL2EDEbV3J2zI29VEmjBE3f6dK+r
6F9k0Vq0H8W7ahxZBQq2vtr5Wp8NdHoadKhJnxJejNtalnspPFufK8EpxkGuJEgy
THwQpyL1Yyc7dTsfZsmMBmsW2YwG81/BM3oYESy3zX320tWOvtC+jseClz/WjGON
0LP/VE5ED6ECKllyqykBPKBF35G+pXHXJ7SbeWcwwesNMktlBPnEE+iUuWNV0nKc
OCWCumcGkmQx80R6gDg5qBpsztT0kfBQcWyyK7SKKBEuLh642PnK0HLLmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEMjBd1wIfNRrPE3HGdeAYKvaw9MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvTVF5TUYzWEFoODFHczhUY2NaMTRCZ3E5ckQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiI3MA0G
CSqGSIb3DQEBCwUAA4IBAQAuFN1jZqVl6CbBOeW45+hzzUfCa++cThp8fyQumDhU
b6zE5/HYOk4fZVabh5D83hT/TH02SIAPfkLTkLQBicDsdK+iopHfuJ2s0BiXXwIo
O8dSIsDP1X7FXo41NDnc5nlSiBpqvSmfHMAq+5PcAHdKsutU1qiBBWDV2K7KcY+Z
xTgIckzEaPgq1as+3l1Ws8q/yehOHjhCKkpTad6mCJITRBM+RmbVGNCxLjtHMyuZ
+vQg8WkkwyqEscBXLEXxN+Prco8kZR8IUuaTaXfJPY1NUKOKxIRxZj41009G9Tpd
LvOm2jM4IywtqiZGWyRKDsfaqFIgYHwJLa7rol8P+e/K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org