Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MfLHXnHiGwkXh40hIKr3YmBhR3k.roa
File:                     MfLHXnHiGwkXh40hIKr3YmBhR3k.roa (raw, json)
Hash identifier:          rq1kKlNodVtDXoY6gfAngOpppf0vCkUjEqyYrt0VovY=
Subject key identifier:   31:F2:C7:5E:71:E2:1B:09:17:87:8D:21:20:AA:F7:62:60:61:47:79
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01897494F922565E9DD2C29815098A0BB9D7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MfLHXnHiGwkXh40hIKr3YmBhR3k.roa
Signing time:             Thu 20 Jul 2023 18:34:27 +0000
ROA not before:           Thu 20 Jul 2023 18:34:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206995
IP address blocks:        193.124.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 04:48:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:74:94:f9:22:56:5e:9d:d2:c2:98:15:09:8a:0b:b9:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul 20 18:34:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=31f2c75e71e21b0917878d2120aaf76260614779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:6f:fc:a1:9f:cb:5d:8f:fa:3d:09:70:f9:36:
                    49:2f:c2:60:d0:aa:18:17:fe:58:52:d0:73:72:53:
                    f0:fd:0e:67:eb:a6:c1:47:2c:a2:a9:06:f9:23:c1:
                    8c:68:4c:cd:54:c3:ce:f0:9b:d6:94:83:f9:8c:fc:
                    4d:4e:1e:5a:20:b1:0a:b3:87:76:02:14:67:f4:92:
                    a4:c9:3e:9d:9d:d4:d3:e4:91:46:1b:bc:1f:f5:33:
                    49:2d:0c:73:f9:15:41:98:06:dc:ce:8c:1f:91:f7:
                    f4:e1:ae:1b:9e:da:71:bf:d5:33:a9:81:cd:a9:e0:
                    65:4e:d2:74:2a:d5:c4:20:c9:0a:b0:ce:ef:39:cf:
                    6c:c2:c3:4e:fa:61:ca:9c:c4:73:d6:e2:82:1d:b2:
                    23:be:bc:0b:63:dc:de:dc:74:ba:25:0b:8d:2c:64:
                    c6:b3:16:1b:53:84:16:71:51:cb:2b:16:c8:6a:cd:
                    d5:12:f4:b5:94:a2:72:34:f8:49:04:64:6e:39:12:
                    ae:47:28:e6:40:85:2e:90:43:81:83:d5:85:61:63:
                    8a:ca:e5:97:03:6d:a7:26:3b:66:ed:3f:5a:e2:fc:
                    3a:b3:9b:03:a7:fe:c3:00:09:64:bd:8e:ea:76:ba:
                    92:1d:bf:bb:7a:fe:6c:bd:cb:1d:8d:6f:7f:71:25:
                    4b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:F2:C7:5E:71:E2:1B:09:17:87:8D:21:20:AA:F7:62:60:61:47:79
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MfLHXnHiGwkXh40hIKr3YmBhR3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:fa:7e:53:4b:ed:bc:b2:67:c2:e9:96:b9:0e:e4:06:35:90:
         48:74:e8:14:95:2a:9b:c4:1c:dc:f9:14:bf:c4:a9:ee:43:7c:
         39:54:03:df:fd:3c:8b:35:27:b8:cc:2e:a0:44:10:ea:4a:72:
         e6:1b:3f:f8:94:37:e1:90:75:60:96:75:7e:af:7c:97:19:3e:
         b8:10:0e:58:81:29:31:e2:3a:b1:e1:d2:8b:6a:03:4d:e0:e9:
         1f:0f:04:fc:03:58:a9:64:55:9e:4b:13:a0:fe:15:ea:fb:f7:
         36:90:c0:64:d7:6a:e5:42:34:e7:22:b7:fc:05:bc:20:79:1f:
         14:66:3e:00:b6:89:87:ad:24:09:5f:6d:ef:d6:13:3e:4b:e7:
         4a:66:98:1c:74:4f:bb:c1:4e:61:e4:3b:91:8d:cb:04:aa:16:
         96:cb:b0:d6:e8:69:a5:84:12:f6:96:82:84:19:6f:2b:e2:a0:
         dd:09:1a:41:45:d3:f0:bf:bc:c3:1b:a7:df:0b:dc:9d:f9:6c:
         20:22:e4:17:f1:7a:01:ba:3e:ad:1d:aa:0d:14:a5:1b:56:18:
         97:2d:b5:91:8b:5a:63:02:4a:6e:c2:cd:7b:9c:96:d1:e1:9e:
         ba:8a:02:89:e1:5a:91:10:6a:4a:7a:fa:1e:65:69:b5:18:17:
         e6:ac:4d:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl0lPkiVl6d0sKYFQmKC7nXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIwMTgzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWYyYzc1ZTcxZTIxYjA5MTc4NzhkMjEyMGFhZjc2MjYwNjE0Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2/8oZ/LXY/6PQlw+TZJL8Jg0KoY
F/5YUtBzclPw/Q5n66bBRyyiqQb5I8GMaEzNVMPO8JvWlIP5jPxNTh5aILEKs4d2
AhRn9JKkyT6dndTT5JFGG7wf9TNJLQxz+RVBmAbczowfkff04a4bntpxv9UzqYHN
qeBlTtJ0KtXEIMkKsM7vOc9swsNO+mHKnMRz1uKCHbIjvrwLY9ze3HS6JQuNLGTG
sxYbU4QWcVHLKxbIas3VEvS1lKJyNPhJBGRuORKuRyjmQIUukEOBg9WFYWOKyuWX
A22nJjtm7T9a4vw6s5sDp/7DAAlkvY7qdrqSHb+7ev5svcsdjW9/cSVL6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHyx15x4hsJF4eNISCq92JgYUd5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTWZMSFhuSGlHd2tYaDQwaElLcjNZbUJoUjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXx8MA0G
CSqGSIb3DQEBCwUAA4IBAQBL+n5TS+28smfC6Za5DuQGNZBIdOgUlSqbxBzc+RS/
xKnuQ3w5VAPf/TyLNSe4zC6gRBDqSnLmGz/4lDfhkHVglnV+r3yXGT64EA5YgSkx
4jqx4dKLagNN4OkfDwT8A1ipZFWeSxOg/hXq+/c2kMBk12rlQjTnIrf8BbwgeR8U
Zj4AtomHrSQJX23v1hM+S+dKZpgcdE+7wU5h5DuRjcsEqhaWy7DW6GmlhBL2loKE
GW8r4qDdCRpBRdPwv7zDG6ffC9yd+WwgIuQX8XoBuj6tHaoNFKUbVhiXLbWRi1pj
Akpuws17nJbR4Z66igKJ4VqREGpKevoeZWm1GBfmrE2S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org