Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/mXH0teY29rQQB9kFPSn9re7n3hE.roa
File:                     mXH0teY29rQQB9kFPSn9re7n3hE.roa (raw, json)
Hash identifier:          1nNYOsrkLiq9v14/mJkajtf+9zbCoZWrS7h+A8YMEOM=
Subject key identifier:   99:71:F4:B5:E6:36:F6:B4:10:07:D9:05:3D:29:FD:AD:EE:E7:DE:11
Certificate issuer:       /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial:       01892FCFBC727AC55CF5C05E6512BC9061A4
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/mXH0teY29rQQB9kFPSn9re7n3hE.roa
Signing time:             Fri 07 Jul 2023 10:04:50 +0000
ROA not before:           Fri 07 Jul 2023 10:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49434
IP address blocks:        185.177.45.0/24 maxlen: 24
                          2a0a:2f82::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 09:20:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2f:cf:bc:72:7a:c5:5c:f5:c0:5e:65:12:bc:90:61:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
        Validity
            Not Before: Jul  7 10:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9971f4b5e636f6b41007d9053d29fdadeee7de11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:30:8b:6d:cf:ff:bc:c3:47:a7:13:c8:ed:08:
                    cd:a6:eb:2d:91:f9:fb:8d:79:d0:e6:11:6d:bc:87:
                    10:63:85:ab:a1:d2:b2:b1:1a:39:bc:53:07:74:d8:
                    e7:c5:b3:ff:78:43:f4:c0:a3:82:66:2f:9a:2b:37:
                    79:c8:8b:c7:09:2e:ad:76:05:96:77:76:f1:84:8a:
                    60:76:54:e3:22:96:f9:aa:16:0c:80:09:ad:ae:43:
                    88:3d:c5:07:e7:9f:f2:1e:cd:53:b6:4b:a7:76:e2:
                    30:e4:f3:de:d9:1e:ca:13:37:4b:45:02:15:ec:aa:
                    ef:1d:12:58:bf:c5:2a:81:f2:d1:54:20:23:0d:3b:
                    ad:d6:bb:c4:f1:9d:bf:b9:8b:cf:ca:e6:6a:a0:c4:
                    c0:71:4a:12:f4:80:0e:d2:dc:01:aa:b7:70:09:29:
                    c1:ce:07:04:ac:19:9c:cb:f3:65:44:1a:9d:bb:52:
                    e7:f2:2a:f4:1d:a6:95:b3:38:ab:f4:54:2a:fa:9e:
                    e0:a7:77:f5:0d:c8:e1:78:77:a1:70:c8:25:98:32:
                    f6:b6:61:d3:65:0b:a8:20:bd:d7:79:8d:d2:16:7e:
                    f4:9e:56:2d:91:91:e7:44:db:91:a1:3c:69:19:be:
                    11:d1:ab:e3:cc:00:bb:1b:f9:d5:c0:5b:54:cd:b6:
                    ac:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:71:F4:B5:E6:36:F6:B4:10:07:D9:05:3D:29:FD:AD:EE:E7:DE:11
            X509v3 Authority Key Identifier:
                keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/mXH0teY29rQQB9kFPSn9re7n3hE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.45.0/24
                IPv6:
                  2a0a:2f82::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:03:9e:46:bd:c9:c1:d1:4d:fd:5d:a4:9c:4e:41:43:00:eb:
         95:6e:84:c3:a7:7c:26:14:0b:e1:56:d0:70:3f:69:08:cb:9e:
         2e:b7:59:fe:3f:d2:82:75:03:05:9d:45:2e:2f:97:df:cd:43:
         da:a6:b9:b4:66:a4:5f:dc:2c:87:3f:88:51:6e:78:88:79:19:
         34:c1:da:2b:94:19:b8:59:04:a0:74:df:98:cd:8a:f6:85:ef:
         25:16:12:8e:2e:17:43:84:61:57:1d:d0:62:11:26:53:a2:da:
         bc:4f:e4:f0:a5:5c:2e:3a:41:32:f8:42:ba:42:1f:78:d8:15:
         cf:7e:96:f2:e9:87:bc:a0:de:42:e7:e1:09:3a:ab:11:c5:ca:
         d4:fd:de:d5:72:ac:35:8b:5f:85:6b:3a:72:3d:b2:a4:85:d0:
         96:a5:46:69:16:7f:d0:20:cc:c3:a0:8b:b9:a3:9b:97:f4:82:
         cf:d7:bb:8a:26:8d:c1:62:4c:59:f2:f2:51:d3:b6:96:6d:08:
         a1:14:aa:0e:d3:f9:5e:e1:e9:57:b4:70:83:0c:37:40:57:d6:
         6b:7f:ec:4f:20:3f:f5:8e:08:e2:c8:33:39:0d:cc:4a:d9:27:
         ca:07:c4:4e:fa:88:6f:a7:96:ea:90:7f:9e:7a:2a:12:46:2c:
         73:cc:76:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkvz7xyesVc9cBeZRK8kGGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjMwNzA3MTAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTcxZjRiNWU2MzZmNmI0MTAwN2Q5MDUzZDI5ZmRhZGVlZTdkZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDCLbc//vMNHpxPI7QjNpustkfn7
jXnQ5hFtvIcQY4WrodKysRo5vFMHdNjnxbP/eEP0wKOCZi+aKzd5yIvHCS6tdgWW
d3bxhIpgdlTjIpb5qhYMgAmtrkOIPcUH55/yHs1TtkunduIw5PPe2R7KEzdLRQIV
7KrvHRJYv8UqgfLRVCAjDTut1rvE8Z2/uYvPyuZqoMTAcUoS9IAO0twBqrdwCSnB
zgcErBmcy/NlRBqdu1Ln8ir0HaaVszir9FQq+p7gp3f1DcjheHehcMglmDL2tmHT
ZQuoIL3XeY3SFn70nlYtkZHnRNuRoTxpGb4R0avjzAC7G/nVwFtUzbasqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJlx9LXmNva0EAfZBT0p/a3u594RMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvbVhIMHRlWTI5clFRQjlrRlBTbjlyZTduM2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubEtMA0E
AgACMAcDBQAqCi+CMA0GCSqGSIb3DQEBCwUAA4IBAQBLA55GvcnB0U39XaScTkFD
AOuVboTDp3wmFAvhVtBwP2kIy54ut1n+P9KCdQMFnUUuL5ffzUPaprm0ZqRf3CyH
P4hRbniIeRk0wdorlBm4WQSgdN+YzYr2he8lFhKOLhdDhGFXHdBiESZTotq8T+Tw
pVwuOkEy+EK6Qh942BXPfpby6Ye8oN5C5+EJOqsRxcrU/d7Vcqw1i1+FazpyPbKk
hdCWpUZpFn/QIMzDoIu5o5uX9ILP17uKJo3BYkxZ8vJR07aWbQihFKoO0/le4elX
tHCDDDdAV9Zrf+xPID/1jgjiyDM5DcxK2SfKB8RO+ohvp5bqkH+eeioSRixzzHY8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:29 2024 by rpki-client on console-ams.rpki-client.org