Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/MDM6jBW23VSy-cv3EHSP_90QI2w.roa
File:                     MDM6jBW23VSy-cv3EHSP_90QI2w.roa (raw, json)
Hash identifier:          nDX3CR3n3EigcYMe8+ckMJWoPi35LoGhDbV3LAXhFRQ=
Subject key identifier:   30:33:3A:8C:15:B6:DD:54:B2:F9:CB:F7:10:74:8F:FF:DD:10:23:6C
Certificate issuer:       /CN=ec167bb6b061fffa629dd2a84ccf7db44c71a351
Certificate serial:       01856E6FBA1B5036FB511FEE702A66BD3EC1
Authority key identifier: EC:16:7B:B6:B0:61:FF:FA:62:9D:D2:A8:4C:CF:7D:B4:4C:71:A3:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7BZ7trBh__pindKoTM99tExxo1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/MDM6jBW23VSy-cv3EHSP_90QI2w.roa
Signing time:             Sun 01 Jan 2023 17:44:53 +0000
ROA not before:           Sun 01 Jan 2023 17:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     65535
IP address blocks:        185.3.28.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:34:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:6f:ba:1b:50:36:fb:51:1f:ee:70:2a:66:bd:3e:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec167bb6b061fffa629dd2a84ccf7db44c71a351
        Validity
            Not Before: Jan  1 17:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30333a8c15b6dd54b2f9cbf710748fffdd10236c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e8:2c:05:e2:09:35:22:bd:9c:91:2a:58:d4:
                    aa:3c:ed:8d:f8:05:15:4b:98:27:b6:83:69:7b:10:
                    b8:8c:01:e5:8a:45:42:6f:cd:8e:68:a9:41:ce:98:
                    52:17:b8:29:f8:c5:d1:c4:6f:7f:85:6a:f5:b4:47:
                    d1:91:44:b8:79:f4:87:6c:fc:55:3c:72:2d:0a:1f:
                    aa:4d:22:77:13:a8:a1:ad:5f:27:44:c2:94:b8:15:
                    7f:5a:58:7e:be:7a:1b:f8:dc:db:da:0b:84:79:85:
                    63:3e:5d:30:1c:ca:95:c9:13:06:9f:32:85:c1:fc:
                    72:e1:57:c9:0e:64:55:a9:da:80:e8:83:a7:8c:bb:
                    29:56:56:1c:e8:ac:83:1c:70:d8:d0:83:28:2f:5a:
                    6e:28:0a:e5:9a:72:72:35:68:48:1c:60:2d:26:5d:
                    ff:30:10:15:52:a8:37:5f:f4:4b:b8:a6:cc:c1:50:
                    86:77:ae:24:69:fb:35:8c:8b:19:37:8c:60:e2:78:
                    45:10:87:b0:17:cc:bf:15:c2:12:4a:5d:67:dc:55:
                    33:75:fc:18:22:4e:b8:11:bc:3f:24:59:11:fe:1a:
                    74:ca:2f:21:43:6a:9c:10:f9:f4:88:54:43:1a:d8:
                    05:f1:ca:dc:15:0d:b2:ce:29:95:f3:75:2c:35:21:
                    fc:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:33:3A:8C:15:B6:DD:54:B2:F9:CB:F7:10:74:8F:FF:DD:10:23:6C
            X509v3 Authority Key Identifier:
                keyid:EC:16:7B:B6:B0:61:FF:FA:62:9D:D2:A8:4C:CF:7D:B4:4C:71:A3:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7BZ7trBh__pindKoTM99tExxo1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/MDM6jBW23VSy-cv3EHSP_90QI2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/7BZ7trBh__pindKoTM99tExxo1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.3.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:b0:4f:a2:ef:7b:1d:d7:fd:96:de:6a:40:a9:5d:f9:49:7e:
         37:fd:ca:e6:61:3c:a3:ba:0b:40:2a:aa:53:4f:78:68:de:2a:
         65:d9:c0:fa:8a:59:6f:14:6b:98:7c:cc:bb:36:2a:39:13:e8:
         cd:78:30:05:be:e7:29:4a:91:e5:44:85:2f:ec:c2:0e:8b:17:
         21:3f:a8:6c:3a:b4:ef:34:ed:f0:84:52:2a:b1:10:04:a9:6f:
         3e:a5:71:d0:3d:f3:a4:33:af:89:b6:cb:3a:0f:97:43:d8:3e:
         be:af:e4:38:63:15:d1:93:a5:2b:a0:83:20:b9:59:11:6b:6f:
         1b:50:a0:7e:8e:f1:88:ef:9f:a8:5f:49:98:b9:c0:8b:ca:4c:
         bd:3b:27:09:3f:06:bd:2e:a2:10:85:99:86:46:9e:44:fb:51:
         0a:1b:6d:65:23:1a:2c:e0:58:cd:65:e7:36:95:54:51:99:d9:
         64:34:28:ff:bd:54:3d:3c:71:90:df:e9:f1:c3:ee:b9:52:20:
         64:34:56:af:9e:0d:29:72:cc:3a:48:16:16:9c:79:a7:11:5f:
         d3:89:4b:79:0e:7a:ff:ce:64:b7:7b:ab:33:63:22:bc:6a:7f:
         4e:29:73:09:a9:8c:01:06:5e:cd:c2:67:e8:ae:58:2a:61:76:
         2f:c5:94:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub7obUDb7UR/ucCpmvT7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMTY3YmI2YjA2MWZmZmE2MjlkZDJhODRjY2Y3ZGI0NGM3
MWEzNTEwHhcNMjMwMTAxMTc0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDMzM2E4YzE1YjZkZDU0YjJmOWNiZjcxMDc0OGZmZmRkMTAyMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArugsBeIJNSK9nJEqWNSqPO2N+AUV
S5gntoNpexC4jAHlikVCb82OaKlBzphSF7gp+MXRxG9/hWr1tEfRkUS4efSHbPxV
PHItCh+qTSJ3E6ihrV8nRMKUuBV/Wlh+vnob+Nzb2guEeYVjPl0wHMqVyRMGnzKF
wfxy4VfJDmRVqdqA6IOnjLspVlYc6KyDHHDY0IMoL1puKArlmnJyNWhIHGAtJl3/
MBAVUqg3X/RLuKbMwVCGd64kafs1jIsZN4xg4nhFEIewF8y/FcISSl1n3FUzdfwY
Ik64Ebw/JFkR/hp0yi8hQ2qcEPn0iFRDGtgF8crcFQ2yzimV83UsNSH8uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAzOowVtt1UsvnL9xB0j//dECNsMB8GA1UdIwQY
MBaAFOwWe7awYf/6Yp3SqEzPfbRMcaNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0JaN3RyQmhfX3BpbmRLb1RNOTl0RXh4bzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mNTVkNDQtNTg5My00YzIyLWIwYjct
YzY1NWFkNTk0MTkzLzEvTURNNmpCVzIzVlN5LWN2M0VIU1BfOTBRSTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mNTVkNDQtNTg5My00YzIyLWIwYjctYzY1NWFkNTk0MTkz
LzEvN0JaN3RyQmhfX3BpbmRLb1RNOTl0RXh4bzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQMcMA0G
CSqGSIb3DQEBCwUAA4IBAQAisE+i73sd1/2W3mpAqV35SX43/crmYTyjugtAKqpT
T3ho3ipl2cD6illvFGuYfMy7Nio5E+jNeDAFvucpSpHlRIUv7MIOixchP6hsOrTv
NO3whFIqsRAEqW8+pXHQPfOkM6+Jtss6D5dD2D6+r+Q4YxXRk6UroIMguVkRa28b
UKB+jvGI75+oX0mYucCLyky9OycJPwa9LqIQhZmGRp5E+1EKG21lIxos4FjNZec2
lVRRmdlkNCj/vVQ9PHGQ3+nxw+65UiBkNFavng0pcsw6SBYWnHmnEV/TiUt5Dnr/
zmS3e6szYyK8an9OKXMJqYwBBl7NwmforlgqYXYvxZTj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:53 2024 by rpki-client on console-ams.rpki-client.org