Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/MUG1PIg8bxhXFe-8z1hv0uZdgLo.roa
File:                     MUG1PIg8bxhXFe-8z1hv0uZdgLo.roa (raw, json)
Hash identifier:          UtJKRYTrNKyXqkM2/aXTzU2WQYRMlSylAXlCKZE6nR8=
Subject key identifier:   31:41:B5:3C:88:3C:6F:18:57:15:EF:BC:CF:58:6F:D2:E6:5D:80:BA
Certificate issuer:       /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial:       01899C35026945563A969664B399F67E37C1
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/MUG1PIg8bxhXFe-8z1hv0uZdgLo.roa
Signing time:             Fri 28 Jul 2023 11:14:26 +0000
ROA not before:           Fri 28 Jul 2023 11:14:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        85.254.64.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:9c:35:02:69:45:56:3a:96:96:64:b3:99:f6:7e:37:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
        Validity
            Not Before: Jul 28 11:14:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3141b53c883c6f185715efbccf586fd2e65d80ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:38:8b:4c:7c:a6:1d:f3:bd:4a:90:63:c6:00:
                    95:a3:93:15:77:4c:ab:bb:28:d4:3e:88:51:df:ce:
                    b6:60:96:07:cd:ba:36:5e:33:2d:ae:e2:ff:50:9a:
                    b1:30:e1:d5:32:90:98:16:a9:4a:43:e8:d2:e0:2d:
                    b5:cd:83:54:58:c7:c3:77:f6:39:91:8c:40:e1:de:
                    a6:3f:a4:54:1a:d8:9c:23:b0:6e:aa:6b:f2:53:d5:
                    09:16:fe:95:ac:ee:f1:fc:e9:70:2d:ee:2b:2a:12:
                    b2:f5:1f:4f:38:3e:20:8b:57:38:4b:14:7a:9e:92:
                    10:f6:42:48:2d:e9:8a:9e:a0:f7:4b:94:cc:a0:94:
                    46:d9:2f:98:41:f3:21:aa:78:07:57:55:a6:ef:93:
                    f1:71:7a:35:ec:ca:d5:b1:2e:f5:4c:bb:03:66:d2:
                    f6:05:6d:08:15:6c:42:23:4f:9f:e6:aa:ad:38:07:
                    30:38:55:81:1e:5b:a7:a9:e4:77:98:80:9f:48:6f:
                    63:15:c4:0d:84:53:6a:65:ce:81:16:58:ed:bc:1d:
                    59:66:0f:14:c5:a5:9c:35:e8:0b:80:01:e4:32:93:
                    28:94:64:10:63:51:33:eb:b7:22:4d:4c:6c:44:6d:
                    b7:1f:5c:06:e2:bd:de:1e:a3:6b:3f:c6:ea:a1:a8:
                    98:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:41:B5:3C:88:3C:6F:18:57:15:EF:BC:CF:58:6F:D2:E6:5D:80:BA
            X509v3 Authority Key Identifier:
                keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/MUG1PIg8bxhXFe-8z1hv0uZdgLo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.254.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         56:06:d0:34:bc:ba:74:d4:f6:ff:94:83:22:fe:7d:9b:a7:e3:
         7f:88:6a:f1:a3:74:e9:5e:5a:ef:c5:ce:96:6e:14:72:2e:93:
         5d:3d:1e:21:ed:09:bd:9b:08:67:68:1b:cd:06:7c:48:8f:1f:
         f0:df:fc:10:71:8e:2b:e3:c3:e2:f1:11:3c:00:1d:a7:49:12:
         c3:19:ae:48:26:24:f4:1f:9d:1d:c9:a7:91:32:91:07:7a:4b:
         47:0a:2d:0b:1f:4f:7d:12:5c:1b:f2:47:08:f5:c4:fa:50:d4:
         20:93:85:c0:6c:04:e9:8e:14:eb:a8:52:32:87:ab:fc:7b:c8:
         96:0f:eb:32:0d:b2:fa:68:46:95:b2:84:66:a3:2b:6d:7d:6b:
         0f:ed:1f:81:b6:65:48:bf:2a:ca:0a:ab:3d:e4:4c:8a:42:18:
         36:a9:5f:7d:1d:be:cc:cd:08:8d:96:89:c4:4d:80:d4:ba:6b:
         2a:e2:e6:3d:9f:58:f7:52:17:96:3b:b4:ca:66:c4:75:44:1e:
         3c:c6:b4:63:7d:ae:d1:f4:96:1a:4e:45:b4:c3:9a:ab:c3:88:
         55:59:88:c3:b6:77:85:5b:9b:53:e6:e4:16:c6:3b:fc:66:16:
         41:de:0e:b7:57:04:7c:68:9f:72:0c:dc:a9:49:0e:95:0a:84:
         c8:22:3b:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmcNQJpRVY6lpZks5n2fjfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwNzI4MTExNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQxYjUzYzg4M2M2ZjE4NTcxNWVmYmNjZjU4NmZkMmU2NWQ4MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTiLTHymHfO9SpBjxgCVo5MVd0yr
uyjUPohR3862YJYHzbo2XjMtruL/UJqxMOHVMpCYFqlKQ+jS4C21zYNUWMfDd/Y5
kYxA4d6mP6RUGticI7BuqmvyU9UJFv6VrO7x/OlwLe4rKhKy9R9POD4gi1c4SxR6
npIQ9kJILemKnqD3S5TMoJRG2S+YQfMhqngHV1Wm75PxcXo17MrVsS71TLsDZtL2
BW0IFWxCI0+f5qqtOAcwOFWBHlunqeR3mICfSG9jFcQNhFNqZc6BFljtvB1ZZg8U
xaWcNegLgAHkMpMolGQQY1Ez67ciTUxsRG23H1wG4r3eHqNrP8bqoaiYHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFBtTyIPG8YVxXvvM9Yb9LmXYC6MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTVVHMVBJZzhieGhYRmUtOHoxaHYwdVpkZ0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVf5AMA0G
CSqGSIb3DQEBCwUAA4IBAQBWBtA0vLp01Pb/lIMi/n2bp+N/iGrxo3TpXlrvxc6W
bhRyLpNdPR4h7Qm9mwhnaBvNBnxIjx/w3/wQcY4r48Pi8RE8AB2nSRLDGa5IJiT0
H50dyaeRMpEHektHCi0LH099Elwb8kcI9cT6UNQgk4XAbATpjhTrqFIyh6v8e8iW
D+syDbL6aEaVsoRmoyttfWsP7R+BtmVIvyrKCqs95EyKQhg2qV99Hb7MzQiNlonE
TYDUumsq4uY9n1j3UheWO7TKZsR1RB48xrRjfa7R9JYaTkW0w5qrw4hVWYjDtneF
W5tT5uQWxjv8ZhZB3g63VwR8aJ9yDNypSQ6VCoTIIjuM
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org