Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/Md0LP-7Cq1Z26ELzkMQjvghywEM.roa
File:                     Md0LP-7Cq1Z26ELzkMQjvghywEM.roa (raw, json)
Hash identifier:          ISq4mw6uWDbxDYqR2oTvq9MogYJSKBa4zbhUY1LwNCc=
Subject key identifier:   31:DD:0B:3F:EE:C2:AB:56:76:E8:42:F3:90:C4:23:BE:08:72:C0:43
Certificate issuer:       /CN=7c835498f35199a1571964d855c3877751681ab9
Certificate serial:       018B4794F61ACD694258FD54626F9A6555F9
Authority key identifier: 7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/Md0LP-7Cq1Z26ELzkMQjvghywEM.roa
Signing time:             Thu 19 Oct 2023 10:57:06 +0000
ROA not before:           Thu 19 Oct 2023 10:57:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29024
IP address blocks:        185.3.48.0/22 maxlen: 22
                          91.189.40.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Thu 16 Nov 2023 09:11:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:47:94:f6:1a:cd:69:42:58:fd:54:62:6f:9a:65:55:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c835498f35199a1571964d855c3877751681ab9
        Validity
            Not Before: Oct 19 10:57:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=31dd0b3feec2ab5676e842f390c423be0872c043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:25:0b:a0:a0:52:e2:e6:15:25:86:43:ad:7a:
                    64:68:b0:23:d9:48:3d:d6:46:0c:f5:88:94:cb:5e:
                    8c:93:94:c2:65:7b:61:6b:16:a1:d9:76:30:23:79:
                    c5:5c:54:51:18:fa:bf:5a:3c:af:67:f9:c2:ae:cd:
                    e1:80:86:26:d7:a7:bb:56:91:e6:7f:fb:75:68:d6:
                    85:7c:bb:97:02:39:1c:43:81:6f:57:a6:b1:74:cf:
                    b9:e0:2d:40:20:6b:08:f7:ee:9b:b2:b7:9a:89:88:
                    03:0d:f3:80:73:cd:81:4d:9f:9f:83:8f:35:46:36:
                    e8:07:ca:32:78:5c:c1:5c:4d:4d:87:84:af:ce:10:
                    a3:62:7c:56:5b:96:58:2f:4e:6e:c4:65:f8:04:ee:
                    74:e1:b3:14:58:b7:bf:91:57:93:8c:d3:cb:76:f1:
                    53:1c:a4:13:3e:00:59:51:17:a2:3a:bf:bc:6b:d9:
                    93:fe:1e:4e:4b:f3:7c:b5:7c:73:eb:7b:df:2f:e7:
                    45:eb:3c:37:60:dc:c9:5f:d0:5e:23:a1:3a:53:f8:
                    08:26:64:74:a2:fa:7f:96:62:18:f2:ea:af:c7:f7:
                    a6:ba:d9:79:df:11:91:4a:02:6c:66:1a:3c:9c:9d:
                    61:9d:a0:3f:65:79:75:32:b5:17:d4:ef:f8:04:fb:
                    34:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:DD:0B:3F:EE:C2:AB:56:76:E8:42:F3:90:C4:23:BE:08:72:C0:43
            X509v3 Authority Key Identifier:
                keyid:7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/Md0LP-7Cq1Z26ELzkMQjvghywEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.189.40.0/21
                  185.3.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:50:6b:58:0f:07:05:ae:e3:31:99:7e:a5:a4:99:74:16:e2:
         35:4f:c3:6c:e6:9b:40:7f:43:25:de:65:a8:72:01:be:e6:69:
         fc:8d:eb:19:28:de:b8:a3:67:52:7b:0f:2a:24:bc:45:58:58:
         26:46:cc:4c:21:8d:bd:4e:93:fc:5e:cb:d6:d8:91:f9:0c:ec:
         be:5a:bb:f6:8e:17:16:7b:18:59:01:27:66:62:3a:83:32:6a:
         97:50:eb:22:a0:85:55:a4:92:d8:7a:a4:cb:4f:c8:e6:2a:ec:
         fa:ac:15:4e:f4:f1:81:bc:65:a8:4a:1c:2a:f1:c1:32:58:e4:
         cc:6d:cb:58:bb:75:18:a4:88:3e:f9:e6:5b:8f:8c:0b:fe:30:
         c2:3f:13:56:46:95:ec:3d:c1:22:f8:68:65:bd:69:c6:a2:ee:
         6c:96:1c:da:bf:73:e9:b8:5d:d4:9d:7b:51:8b:5f:8e:8f:db:
         76:8b:cb:f9:4b:ef:d8:67:4a:a7:ae:6c:94:45:ef:12:f0:d6:
         fd:bc:5e:96:d3:27:dd:fa:ca:8a:31:24:79:ee:32:c2:ec:8c:
         18:88:73:cf:04:20:0f:2c:e4:80:17:4c:22:ea:9d:bb:a6:4a:
         56:cb:ee:6d:8e:b1:b6:7f:a6:2d:07:91:11:9f:75:a3:1e:6b:
         a0:62:b1:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtHlPYazWlCWP1UYm+aZVX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODM1NDk4ZjM1MTk5YTE1NzE5NjRkODU1YzM4Nzc3NTE2
ODFhYjkwHhcNMjMxMDE5MTA1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWRkMGIzZmVlYzJhYjU2NzZlODQyZjM5MGM0MjNiZTA4NzJjMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiULoKBS4uYVJYZDrXpkaLAj2Ug9
1kYM9YiUy16Mk5TCZXthaxah2XYwI3nFXFRRGPq/WjyvZ/nCrs3hgIYm16e7VpHm
f/t1aNaFfLuXAjkcQ4FvV6axdM+54C1AIGsI9+6bsreaiYgDDfOAc82BTZ+fg481
RjboB8oyeFzBXE1Nh4SvzhCjYnxWW5ZYL05uxGX4BO504bMUWLe/kVeTjNPLdvFT
HKQTPgBZUReiOr+8a9mT/h5OS/N8tXxz63vfL+dF6zw3YNzJX9BeI6E6U/gIJmR0
ovp/lmIY8uqvx/emutl53xGRSgJsZho8nJ1hnaA/ZXl1MrUX1O/4BPs0ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDHdCz/uwqtWduhC85DEI74IcsBDMB8GA1UdIwQY
MBaAFHyDVJjzUZmhVxlk2FXDh3dRaBq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMt
NGNlNDc3ZGJiNDA3LzEvTWQwTFAtN0NxMVoyNkVMemtNUWp2Z2h5d0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMtNGNlNDc3ZGJiNDA3
LzEvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW70oAwQC
uQMwMA0GCSqGSIb3DQEBCwUAA4IBAQBmUGtYDwcFruMxmX6lpJl0FuI1T8Ns5ptA
f0Ml3mWocgG+5mn8jesZKN64o2dSew8qJLxFWFgmRsxMIY29TpP8XsvW2JH5DOy+
Wrv2jhcWexhZASdmYjqDMmqXUOsioIVVpJLYeqTLT8jmKuz6rBVO9PGBvGWoShwq
8cEyWOTMbctYu3UYpIg++eZbj4wL/jDCPxNWRpXsPcEi+GhlvWnGou5slhzav3Pp
uF3UnXtRi1+Oj9t2i8v5S+/YZ0qnrmyURe8S8Nb9vF6W0yfd+sqKMSR57jLC7IwY
iHPPBCAPLOSAF0wi6p27pkpWy+5tjrG2f6YtB5ERn3WjHmugYrGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:38 2024 by rpki-client on console-fra.rpki-client.org