Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/mLEwjCocsaqTKzBDSR0272-fw6U.roa
File:                     mLEwjCocsaqTKzBDSR0272-fw6U.roa (raw, json)
Hash identifier:          /13MTD2JL1a2qV+tJZVo10oRqjgWHlu+A/8F9u1BDVE=
Subject key identifier:   98:B1:30:8C:2A:1C:B1:AA:93:2B:30:43:49:1D:36:EF:6F:9F:C3:A5
Certificate issuer:       /CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Certificate serial:       0186113CF27ADF30DE901827C5ADF8DA8556
Authority key identifier: 0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/mLEwjCocsaqTKzBDSR0272-fw6U.roa
Signing time:             Thu 02 Feb 2023 08:27:32 +0000
ROA not before:           Thu 02 Feb 2023 08:27:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        185.33.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 May 2023 08:28:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:11:3c:f2:7a:df:30:de:90:18:27:c5:ad:f8:da:85:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b5f8c9447d614b86182763d9333250e2d9412e2
        Validity
            Not Before: Feb  2 08:27:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98b1308c2a1cb1aa932b3043491d36ef6f9fc3a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b3:2e:d3:f4:f4:93:5e:08:62:2b:21:16:3c:
                    ea:42:ea:21:6b:82:11:33:35:60:ef:7f:d3:8a:da:
                    ad:32:a9:b6:93:a5:ab:e0:0f:c9:ab:7d:e4:62:5f:
                    a2:c2:58:c8:59:2a:04:4b:6b:d7:28:37:ba:52:b5:
                    9a:14:88:d5:5b:26:b3:29:72:c3:39:85:14:d2:25:
                    9b:03:58:15:46:a7:1c:38:39:d5:4e:1d:fb:e9:14:
                    49:6c:2d:5b:f4:1b:90:00:c8:45:16:8d:75:05:f2:
                    71:37:77:01:ec:bd:26:65:96:71:e0:a0:a7:18:b8:
                    e2:66:5a:09:f4:68:40:92:29:cb:72:59:69:83:d4:
                    58:92:2e:3d:7e:39:54:6a:f2:f3:30:2f:ad:57:67:
                    51:6f:c3:67:db:09:53:b7:f2:e1:59:4e:c3:ee:e2:
                    09:3c:99:db:a1:8d:77:98:7a:9e:0c:c7:b3:03:0c:
                    c3:0e:cd:91:c3:67:6e:13:e9:13:f1:6c:c9:4d:ec:
                    94:37:91:b3:ff:73:31:8c:2c:f6:d2:d5:e2:39:30:
                    8f:17:5f:ac:03:65:da:ed:b9:39:4a:24:03:ac:59:
                    a7:fd:e1:cb:bc:1c:c2:f3:1a:99:ca:22:ad:05:e9:
                    59:37:a0:8d:3a:3d:b4:ac:f3:5f:cf:a4:7c:8e:6f:
                    da:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:B1:30:8C:2A:1C:B1:AA:93:2B:30:43:49:1D:36:EF:6F:9F:C3:A5
            X509v3 Authority Key Identifier:
                keyid:0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/mLEwjCocsaqTKzBDSR0272-fw6U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:72:02:94:4c:57:07:b9:a6:c9:cd:e1:1b:68:c2:70:9e:d3:
         1c:be:81:86:4c:1d:de:96:2a:c3:f2:39:79:b6:f9:15:bd:e8:
         93:cc:24:aa:c7:a3:b1:83:62:8d:c4:9d:a2:63:5b:f4:dd:c9:
         6d:bc:fb:e2:0e:99:b7:2e:80:a4:c2:96:2a:d2:0b:22:0b:d8:
         ad:9b:a0:98:96:6c:f5:ec:5e:83:bc:23:b8:e3:fb:19:7e:f7:
         72:7c:fe:bf:5f:f4:02:bb:9a:05:79:95:74:84:a8:f6:1c:b1:
         92:78:64:93:52:c5:8f:91:a4:8b:2a:43:ba:fa:33:30:68:d2:
         4e:a1:f3:c0:fa:7d:2a:b9:b3:23:de:49:e0:c2:ae:a3:c6:7d:
         80:e6:65:58:65:0c:fb:6a:e6:fc:7c:2a:5e:f2:1c:7e:a6:f7:
         66:00:07:af:84:51:e6:4f:b6:19:9d:e1:71:f2:7a:70:18:70:
         12:98:81:cc:8c:d1:75:91:85:64:4d:a1:10:24:4c:35:1d:64:
         59:66:14:93:cb:92:40:b3:b8:13:02:45:5e:7c:fd:17:88:45:
         1a:dc:38:18:c7:7b:9f:14:a8:11:49:da:9b:75:03:20:37:6a:
         3a:94:39:03:37:77:4d:c8:97:67:6c:9f:18:05:83:62:7e:e0:
         ea:68:0a:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYRPPJ63zDekBgnxa342oVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWY4Yzk0NDdkNjE0Yjg2MTgyNzYzZDkzMzMyNTBlMmQ5
NDEyZTIwHhcNMjMwMjAyMDgyNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGIxMzA4YzJhMWNiMWFhOTMyYjMwNDM0OTFkMzZlZjZmOWZjM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLMu0/T0k14IYishFjzqQuoha4IR
MzVg73/TitqtMqm2k6Wr4A/Jq33kYl+iwljIWSoES2vXKDe6UrWaFIjVWyazKXLD
OYUU0iWbA1gVRqccODnVTh376RRJbC1b9BuQAMhFFo11BfJxN3cB7L0mZZZx4KCn
GLjiZloJ9GhAkinLcllpg9RYki49fjlUavLzMC+tV2dRb8Nn2wlTt/LhWU7D7uIJ
PJnboY13mHqeDMezAwzDDs2Rw2duE+kT8WzJTeyUN5Gz/3MxjCz20tXiOTCPF1+s
A2Xa7bk5SiQDrFmn/eHLvBzC8xqZyiKtBelZN6CNOj20rPNfz6R8jm/aiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJixMIwqHLGqkyswQ0kdNu9vn8OlMB8GA1UdIwQY
MBaAFAtfjJRH1hS4YYJ2PZMzJQ4tlBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYt
OGE5NWU2Mzc3MzMyLzEvbUxFd2pDb2NzYXFUS3pCRFNSMDI3Mi1mdzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYtOGE5NWU2Mzc3MzMy
LzEvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSEaMA0G
CSqGSIb3DQEBCwUAA4IBAQA6cgKUTFcHuabJzeEbaMJwntMcvoGGTB3elirD8jl5
tvkVveiTzCSqx6Oxg2KNxJ2iY1v03cltvPviDpm3LoCkwpYq0gsiC9itm6CYlmz1
7F6DvCO44/sZfvdyfP6/X/QCu5oFeZV0hKj2HLGSeGSTUsWPkaSLKkO6+jMwaNJO
ofPA+n0qubMj3kngwq6jxn2A5mVYZQz7aub8fCpe8hx+pvdmAAevhFHmT7YZneFx
8npwGHASmIHMjNF1kYVkTaEQJEw1HWRZZhSTy5JAs7gTAkVefP0XiEUa3DgYx3uf
FKgRSdqbdQMgN2o6lDkDN3dNyJdnbJ8YBYNifuDqaAoh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:32 2024 by rpki-client on console-fra.rpki-client.org