Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mcibB_TU10NkRhpF7TlwAm0375Y.roa
File:                     mcibB_TU10NkRhpF7TlwAm0375Y.roa (raw, json)
Hash identifier:          ATrT9gnZzGf7wZDLo9gtavrcuqtFE4AXOpq1dYd1Yfw=
Subject key identifier:   99:C8:9B:07:F4:D4:D7:43:64:46:1A:45:ED:39:70:02:6D:37:EF:96
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018DFAD34FD0E14E4CBD571C46AEDA372F4B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mcibB_TU10NkRhpF7TlwAm0375Y.roa
Signing time:             Fri 01 Mar 2024 16:22:48 +0000
ROA not before:           Fri 01 Mar 2024 16:22:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208287
IP address blocks:        193.124.90.0/24 maxlen: 24
                          195.133.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 13:37:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:fa:d3:4f:d0:e1:4e:4c:bd:57:1c:46:ae:da:37:2f:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar  1 16:22:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99c89b07f4d4d74364461a45ed3970026d37ef96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ba:fa:ae:68:19:36:35:e5:bb:af:35:fd:e2:
                    63:36:90:f0:b1:d4:b7:28:cc:7e:33:c8:2b:a3:37:
                    b5:ec:17:c6:71:36:1d:7f:08:c9:4a:50:c4:f2:fe:
                    3b:04:53:bb:b7:6f:d8:2b:f3:5d:69:41:06:63:05:
                    5d:76:9d:ab:f1:bc:de:42:50:6c:bd:52:0e:75:48:
                    87:e5:8b:7d:0f:f8:57:4e:1e:71:e1:70:67:e0:1c:
                    cb:03:2b:9a:49:c1:a9:04:54:fd:2b:0c:bd:dc:09:
                    7d:72:eb:ba:2e:49:0b:36:8a:73:f8:1a:21:79:ba:
                    fa:a6:7c:95:0f:8a:e6:02:93:cf:2c:9c:fb:c7:ef:
                    7f:29:d9:51:d1:fc:a7:73:63:70:70:13:3e:c9:74:
                    23:f3:22:1d:a8:fa:82:7a:97:d9:28:fc:cb:48:0d:
                    1d:65:5c:bb:82:f6:7c:3b:fc:3a:d3:66:3b:22:87:
                    59:bd:d0:91:c7:2b:35:cb:4b:3f:b5:5e:0a:bd:90:
                    ed:09:07:69:7a:e2:7e:a5:34:15:3b:74:07:d8:6e:
                    9f:70:35:7f:18:f1:e0:0d:b7:9c:9d:b3:32:b8:07:
                    21:7e:af:0d:08:85:4d:e8:f1:a6:76:3a:5c:b5:5e:
                    17:0f:32:de:0a:e8:ed:06:49:61:09:f0:a2:c6:89:
                    b5:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:C8:9B:07:F4:D4:D7:43:64:46:1A:45:ED:39:70:02:6D:37:EF:96
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mcibB_TU10NkRhpF7TlwAm0375Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.90.0/24
                  195.133.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:6a:41:49:11:4e:7e:bc:a6:a7:59:00:9a:16:4f:a4:36:ca:
         ec:5a:c5:c0:84:9b:21:fa:f8:05:14:ba:ab:ee:b1:99:53:0f:
         fb:f0:a6:60:08:5e:ce:2f:31:f5:49:b9:7b:b3:f1:de:12:d7:
         17:11:8c:80:d9:b4:0e:38:46:21:31:05:00:1d:bd:69:3b:d1:
         ef:7f:b1:97:1a:ce:39:fa:0e:88:30:41:10:48:c1:cb:15:ef:
         11:71:ab:89:0c:84:af:c9:30:68:af:5f:b1:be:6c:cf:6e:04:
         25:06:31:18:3d:04:d4:b9:d1:c7:b5:19:28:5b:81:fd:4b:e9:
         0d:14:38:80:8c:8c:e4:1f:44:6f:7d:b3:6a:32:be:b0:6f:33:
         0d:6c:a8:98:7f:65:68:c3:37:21:50:c4:33:db:87:8a:0d:e9:
         93:71:5b:2e:ac:a8:1f:7a:c3:62:2b:04:10:b7:45:a6:47:50:
         03:69:b6:c9:2a:97:ee:44:48:6f:bc:a6:ed:20:24:85:85:6c:
         19:7d:91:88:b3:11:56:73:15:19:01:5a:7a:69:cd:dd:b1:bb:
         ec:90:54:f3:f9:13:15:9d:2b:4f:13:c3:29:fa:6c:8d:a8:d5:
         d1:e4:6f:ad:35:44:7e:af:32:16:64:1d:2c:49:88:d5:6e:4c:
         a8:d4:e4:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3600/Q4U5MvVccRq7aNy9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzAxMTYyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWM4OWIwN2Y0ZDRkNzQzNjQ0NjFhNDVlZDM5NzAwMjZkMzdlZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7r6rmgZNjXlu681/eJjNpDwsdS3
KMx+M8groze17BfGcTYdfwjJSlDE8v47BFO7t2/YK/NdaUEGYwVddp2r8bzeQlBs
vVIOdUiH5Yt9D/hXTh5x4XBn4BzLAyuaScGpBFT9Kwy93Al9cuu6LkkLNopz+Boh
ebr6pnyVD4rmApPPLJz7x+9/KdlR0fync2NwcBM+yXQj8yIdqPqCepfZKPzLSA0d
ZVy7gvZ8O/w602Y7IodZvdCRxys1y0s/tV4KvZDtCQdpeuJ+pTQVO3QH2G6fcDV/
GPHgDbecnbMyuAchfq8NCIVN6PGmdjpctV4XDzLeCujtBklhCfCixom1BQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJnImwf01NdDZEYaRe05cAJtN++WMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbWNpYkJfVFUxME5rUmhwRjdUbHdBbTAzNzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXxaAwQA
w4UCMA0GCSqGSIb3DQEBCwUAA4IBAQB+akFJEU5+vKanWQCaFk+kNsrsWsXAhJsh
+vgFFLqr7rGZUw/78KZgCF7OLzH1Sbl7s/HeEtcXEYyA2bQOOEYhMQUAHb1pO9Hv
f7GXGs45+g6IMEEQSMHLFe8RcauJDISvyTBor1+xvmzPbgQlBjEYPQTUudHHtRko
W4H9S+kNFDiAjIzkH0RvfbNqMr6wbzMNbKiYf2VowzchUMQz24eKDemTcVsurKgf
esNiKwQQt0WmR1ADabbJKpfuREhvvKbtICSFhWwZfZGIsxFWcxUZAVp6ac3dsbvs
kFTz+RMVnStPE8Mp+myNqNXR5G+tNUR+rzIWZB0sSYjVbkyo1ORw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org