Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mfDhwockkFeG4KDmpMg7SSLu8Qs.roa
File:                     mfDhwockkFeG4KDmpMg7SSLu8Qs.roa (raw, json)
Hash identifier:          aJuUrGhHNlUwmt/4uVqAIrY4q6iu2p5bXM7ksmAiAm4=
Subject key identifier:   99:F0:E1:C2:87:24:90:57:86:E0:A0:E6:A4:C8:3B:49:22:EE:F1:0B
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018B5D5BEA4D4B34FB47B09BE6A63CB9D0D3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mfDhwockkFeG4KDmpMg7SSLu8Qs.roa
Signing time:             Mon 23 Oct 2023 16:26:26 +0000
ROA not before:           Mon 23 Oct 2023 16:26:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60949
IP address blocks:        87.120.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5d:5b:ea:4d:4b:34:fb:47:b0:9b:e6:a6:3c:b9:d0:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Oct 23 16:26:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99f0e1c28724905786e0a0e6a4c83b4922eef10b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f4:ae:22:e9:ee:76:57:08:32:1a:1a:48:3d:
                    7d:15:bb:7c:92:51:d0:f2:cc:4d:4b:6b:82:84:1a:
                    56:f3:21:52:a7:5d:56:c0:bc:5a:ea:00:8d:37:f4:
                    61:4d:7e:82:99:69:2f:a7:bb:50:2e:ba:f7:a5:05:
                    42:d4:3c:94:66:71:28:78:ae:3d:db:15:44:a5:ea:
                    53:d8:58:86:28:e2:f7:03:2a:17:77:06:df:ee:aa:
                    4e:5e:44:1e:15:8b:86:80:9f:58:26:7b:51:3b:75:
                    08:69:8e:c7:37:f8:d1:cc:cc:d1:a9:d4:20:4f:5b:
                    77:e5:76:11:ee:24:38:31:01:d0:ca:61:56:59:1b:
                    59:cb:54:19:35:be:a4:0e:20:9f:af:28:d4:d1:d6:
                    69:18:75:6b:37:b0:41:15:0b:34:56:c0:df:d3:87:
                    b3:b0:50:77:5e:a5:c8:3a:b5:58:9f:56:b5:dd:ac:
                    b2:0c:38:4a:d7:9f:a5:81:7b:9d:18:49:f8:86:7c:
                    f2:c2:d0:a1:ed:e2:ba:8a:12:29:fa:c5:81:4d:a3:
                    b2:81:6a:83:2e:1e:81:f6:72:0f:7b:8e:47:eb:06:
                    d3:e9:0f:a5:d5:6a:e6:95:4a:0a:00:b1:32:97:9f:
                    aa:03:e0:98:9c:fd:1d:d6:dc:cb:a7:1b:45:8a:e1:
                    c7:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:F0:E1:C2:87:24:90:57:86:E0:A0:E6:A4:C8:3B:49:22:EE:F1:0B
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mfDhwockkFeG4KDmpMg7SSLu8Qs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.120.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:70:a6:35:b1:6e:03:52:d4:0f:a6:3d:0a:1f:27:57:71:d0:
         6c:5d:dd:62:f1:a5:f1:ad:34:65:08:ed:f1:a8:d9:38:13:02:
         38:7d:4a:92:95:0a:de:a8:a8:77:05:d4:3d:32:39:60:02:44:
         de:f6:f2:8c:3e:b7:0c:15:d2:84:29:3f:63:33:d1:b5:7a:64:
         64:7a:a5:ed:28:68:ae:8a:2e:5a:3d:8a:72:1e:ec:57:6f:3e:
         44:44:15:65:c2:ab:31:84:fe:ae:d1:ad:7a:79:c9:21:02:99:
         0a:7d:df:54:d1:3f:ff:54:d4:4f:c6:33:1a:68:99:11:53:71:
         36:d7:50:90:04:c6:01:5f:ce:18:e5:97:17:20:b8:06:ea:a4:
         3b:7b:cf:99:a1:b6:f9:33:01:ff:41:00:84:d8:83:c2:fa:ed:
         b3:bb:6a:96:b5:31:c7:00:00:e5:ec:02:be:eb:82:7e:4e:e2:
         0f:ec:3c:a7:81:b1:f0:6f:bf:3f:3c:ff:7b:64:cf:3b:74:55:
         f3:fe:26:32:d1:3e:83:38:44:9c:32:77:56:b3:ce:bf:81:b2:
         01:2a:2a:10:52:89:aa:70:d2:e9:cb:f0:27:7d:f5:af:c1:b2:
         b4:14:62:64:8d:e8:d4:ad:f4:31:ab:7f:d6:14:d5:e6:c3:0b:
         e7:df:a6:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtdW+pNSzT7R7Cb5qY8udDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDIzMTYyNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWYwZTFjMjg3MjQ5MDU3ODZlMGEwZTZhNGM4M2I0OTIyZWVmMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPSuIunudlcIMhoaSD19Fbt8klHQ
8sxNS2uChBpW8yFSp11WwLxa6gCNN/RhTX6CmWkvp7tQLrr3pQVC1DyUZnEoeK49
2xVEpepT2FiGKOL3AyoXdwbf7qpOXkQeFYuGgJ9YJntRO3UIaY7HN/jRzMzRqdQg
T1t35XYR7iQ4MQHQymFWWRtZy1QZNb6kDiCfryjU0dZpGHVrN7BBFQs0VsDf04ez
sFB3XqXIOrVYn1a13ayyDDhK15+lgXudGEn4hnzywtCh7eK6ihIp+sWBTaOygWqD
Lh6B9nIPe45H6wbT6Q+l1WrmlUoKALEyl5+qA+CYnP0d1tzLpxtFiuHHAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJnw4cKHJJBXhuCg5qTIO0ki7vELMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbWZEaHdvY2trRmVHNEtEbXBNZzdTU0x1OFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3hFMA0G
CSqGSIb3DQEBCwUAA4IBAQBmcKY1sW4DUtQPpj0KHydXcdBsXd1i8aXxrTRlCO3x
qNk4EwI4fUqSlQreqKh3BdQ9MjlgAkTe9vKMPrcMFdKEKT9jM9G1emRkeqXtKGiu
ii5aPYpyHuxXbz5ERBVlwqsxhP6u0a16eckhApkKfd9U0T//VNRPxjMaaJkRU3E2
11CQBMYBX84Y5ZcXILgG6qQ7e8+Zobb5MwH/QQCE2IPC+u2zu2qWtTHHAADl7AK+
64J+TuIP7DyngbHwb78/PP97ZM87dFXz/iYy0T6DOEScMndWs86/gbIBKioQUomq
cNLpy/AnffWvwbK0FGJkjejUrfQxq3/WFNXmwwvn36Y5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org