Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mMgBEY6ctjuhB9JXBPjzlAlhiJc.roa
File:                     mMgBEY6ctjuhB9JXBPjzlAlhiJc.roa (raw, json)
Hash identifier:          Bm3kxJNGcgHOOnCibuKzluqbknouEGRDq7Ugc2HbVXw=
Subject key identifier:   98:C8:01:11:8E:9C:B6:3B:A1:07:D2:57:04:F8:F3:94:09:61:88:97
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0187FFEC011147DFF48093EBC305BEE698D4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mMgBEY6ctjuhB9JXBPjzlAlhiJc.roa
Signing time:             Tue 09 May 2023 09:51:09 +0000
ROA not before:           Tue 09 May 2023 09:51:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41082
IP address blocks:        194.87.100.0/24 maxlen: 24
                          194.87.15.0/24 maxlen: 24
                          194.87.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 May 2023 08:53:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ff:ec:01:11:47:df:f4:80:93:eb:c3:05:be:e6:98:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May  9 09:51:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98c801118e9cb63ba107d25704f8f39409618897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a1:d6:b0:11:83:89:71:87:c9:32:38:dc:b3:
                    7f:c2:84:02:be:30:17:fd:3c:62:9a:c9:c4:6e:7a:
                    7e:e6:17:5e:c1:e4:78:73:87:46:e6:a6:9b:a1:4b:
                    94:a4:eb:8b:6e:30:e5:61:ff:54:cf:c2:51:1b:42:
                    a3:90:93:be:4c:37:51:5f:ea:6d:81:a1:e5:31:b5:
                    73:18:95:fa:90:74:a6:96:d8:39:fc:91:cb:e0:2d:
                    2e:aa:39:93:a8:6a:2d:3e:10:6e:81:12:c4:59:24:
                    57:6b:b4:79:b7:8b:ed:bb:59:9d:6a:f8:ca:1c:b1:
                    40:9d:38:83:e7:12:7c:23:0a:9d:11:a8:7f:c3:28:
                    00:83:37:22:e8:05:7b:78:41:41:e5:5e:a0:8e:a9:
                    48:3a:8c:8a:cf:fb:5e:87:fb:c3:70:fb:e3:84:57:
                    03:5d:ad:02:fb:82:14:3a:4b:e7:1a:2f:14:78:e9:
                    40:f4:ef:4a:63:b6:cf:5f:33:ad:58:17:f1:d1:92:
                    ee:5a:ee:ac:bd:dd:fa:9c:2e:cb:ba:77:f7:96:4d:
                    e8:76:b0:62:03:d0:af:e7:ea:29:2e:75:ef:2e:cc:
                    9d:d5:64:16:e3:8d:12:da:e8:dd:19:95:90:bb:8c:
                    cb:36:12:b0:fd:6c:e0:95:c9:52:8b:af:91:f5:65:
                    e2:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C8:01:11:8E:9C:B6:3B:A1:07:D2:57:04:F8:F3:94:09:61:88:97
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mMgBEY6ctjuhB9JXBPjzlAlhiJc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.15.0/24
                  194.87.100.0/24
                  194.87.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:c5:bd:4b:d0:fa:d8:69:bf:01:42:c6:dc:76:58:b5:d6:a4:
         34:ed:57:3a:d5:9d:bc:a4:4e:f2:92:cd:66:91:a1:84:a8:12:
         0e:19:4a:f1:c0:74:d1:12:29:3f:da:b8:b4:6d:27:cd:76:ae:
         49:4c:04:b6:3a:49:48:00:43:08:3c:52:14:f4:38:29:de:43:
         9d:73:ce:32:86:b9:53:39:25:94:e7:1d:06:1a:03:6f:c9:cc:
         03:a4:b3:6f:eb:5d:82:b4:f1:81:1b:8a:e4:e4:f4:75:25:6a:
         4b:93:3d:e7:95:16:58:6f:b8:e4:06:58:f0:57:d5:8d:14:cd:
         49:5d:82:ab:52:37:57:7e:d4:ef:27:1f:b2:03:aa:0c:9f:08:
         ea:43:7e:a4:e5:72:f9:c7:1b:f0:0b:c7:fc:04:c8:73:00:e5:
         8d:00:68:92:54:11:9e:38:9b:38:9b:e7:7a:53:79:5b:49:dd:
         04:4d:b4:b2:7e:94:de:ce:a2:82:4c:e2:83:71:73:ce:bf:e0:
         f5:f2:64:da:f0:d2:29:f2:93:3e:09:cc:ac:bb:7d:f6:8b:dc:
         5b:30:70:ec:68:55:0b:8a:d1:dc:50:1a:0d:95:6d:b6:2c:94:
         8f:31:50:8c:2c:d3:cb:3a:f1:b9:64:8a:4f:ce:4b:63:88:10:
         27:18:51:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYf/7AERR9/0gJPrwwW+5pjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTA5MDk1MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM4MDExMThlOWNiNjNiYTEwN2QyNTcwNGY4ZjM5NDA5NjE4ODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6HWsBGDiXGHyTI43LN/woQCvjAX
/TximsnEbnp+5hdeweR4c4dG5qaboUuUpOuLbjDlYf9Uz8JRG0KjkJO+TDdRX+pt
gaHlMbVzGJX6kHSmltg5/JHL4C0uqjmTqGotPhBugRLEWSRXa7R5t4vtu1mdavjK
HLFAnTiD5xJ8IwqdEah/wygAgzci6AV7eEFB5V6gjqlIOoyKz/teh/vDcPvjhFcD
Xa0C+4IUOkvnGi8UeOlA9O9KY7bPXzOtWBfx0ZLuWu6svd36nC7Lunf3lk3odrBi
A9Cv5+opLnXvLsyd1WQW440S2ujdGZWQu4zLNhKw/WzglclSi6+R9WXi7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJjIARGOnLY7oQfSVwT485QJYYiXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbU1nQkVZNmN0anVoQjlKWEJQanpsQWxoaUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcPAwQA
wldkAwQAwletMA0GCSqGSIb3DQEBCwUAA4IBAQBcxb1L0PrYab8BQsbcdli11qQ0
7Vc61Z28pE7yks1mkaGEqBIOGUrxwHTREik/2ri0bSfNdq5JTAS2OklIAEMIPFIU
9Dgp3kOdc84yhrlTOSWU5x0GGgNvycwDpLNv612CtPGBG4rk5PR1JWpLkz3nlRZY
b7jkBljwV9WNFM1JXYKrUjdXftTvJx+yA6oMnwjqQ36k5XL5xxvwC8f8BMhzAOWN
AGiSVBGeOJs4m+d6U3lbSd0ETbSyfpTezqKCTOKDcXPOv+D18mTa8NIp8pM+Ccys
u332i9xbMHDsaFULitHcUBoNlW22LJSPMVCMLNPLOvG5ZIpPzktjiBAnGFGY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org