Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/mpCLG-zkQ-geR3iS9XANQD2KO0k.roa
File:                     mpCLG-zkQ-geR3iS9XANQD2KO0k.roa (raw, json)
Hash identifier:          pQowx4jiI1LY83CdxvlONQ3NU+Gx+0/kRMaDGMCBmhE=
Subject key identifier:   9A:90:8B:1B:EC:E4:43:E8:1E:47:78:92:F5:70:0D:40:3D:8A:3B:49
Certificate issuer:       /CN=b7bd8eae1669deb3a3fa4186491e05cb32ce092a
Certificate serial:       01856D4ACC8BD876702963F180C37DB059CA
Authority key identifier: B7:BD:8E:AE:16:69:DE:B3:A3:FA:41:86:49:1E:05:CB:32:CE:09:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t72OrhZp3rOj-kGGSR4FyzLOCSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/mpCLG-zkQ-geR3iS9XANQD2KO0k.roa
Signing time:             Sun 01 Jan 2023 12:24:56 +0000
ROA not before:           Sun 01 Jan 2023 12:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205010
IP address blocks:        185.226.32.0/22 maxlen: 22
                          2a0c:2600::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:4a:cc:8b:d8:76:70:29:63:f1:80:c3:7d:b0:59:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7bd8eae1669deb3a3fa4186491e05cb32ce092a
        Validity
            Not Before: Jan  1 12:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a908b1bece443e81e477892f5700d403d8a3b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:de:30:94:13:49:ab:b4:17:c9:79:ec:04:3d:
                    62:8b:e8:da:dd:9f:63:2a:56:b4:9f:a7:84:ba:3f:
                    06:ef:c5:6d:d7:77:1e:f9:fe:56:64:13:bf:7f:7c:
                    13:c1:89:4d:17:24:38:15:3a:e3:b3:74:4b:0a:c8:
                    25:b5:6e:8c:83:5e:c7:2b:34:62:75:9d:5e:62:84:
                    8b:b3:0a:e3:2f:6a:87:b5:8d:aa:55:c0:b9:78:07:
                    d7:72:69:b6:66:c6:6f:33:cb:44:af:6c:4b:4a:25:
                    15:58:46:4d:a1:00:ef:19:f8:1c:0a:d8:b5:84:bb:
                    94:e0:2c:30:17:2f:88:bd:7e:7c:84:86:8f:ed:0e:
                    4e:ec:bd:60:7f:10:3c:d4:ea:e0:46:f7:a2:75:ac:
                    4f:01:c8:52:95:72:fe:1d:da:37:ff:ec:f7:4d:5e:
                    4a:b0:e2:0e:07:a9:1a:ab:b1:7d:78:ec:a0:61:94:
                    a6:57:6d:55:35:95:9e:5a:4a:bc:be:d1:07:52:db:
                    31:1f:d8:df:a5:1e:a0:c0:1e:21:fd:c8:01:6c:88:
                    14:2b:e5:2e:83:30:ee:ee:5b:96:50:89:ad:95:db:
                    20:36:07:1c:14:ca:6a:6c:57:2d:ce:d3:25:2a:66:
                    14:10:79:e9:9f:91:6c:ad:9b:72:da:2b:cd:77:3d:
                    bc:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:90:8B:1B:EC:E4:43:E8:1E:47:78:92:F5:70:0D:40:3D:8A:3B:49
            X509v3 Authority Key Identifier:
                keyid:B7:BD:8E:AE:16:69:DE:B3:A3:FA:41:86:49:1E:05:CB:32:CE:09:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t72OrhZp3rOj-kGGSR4FyzLOCSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/mpCLG-zkQ-geR3iS9XANQD2KO0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.32.0/22
                IPv6:
                  2a0c:2600::/29

    Signature Algorithm: sha256WithRSAEncryption
         af:71:d2:c9:3c:ca:2f:5a:44:cb:64:6a:c4:02:57:09:8b:97:
         2c:24:23:b5:63:08:c9:bc:99:ef:77:f2:40:b4:1b:36:f5:42:
         c4:d8:8a:62:9b:55:c5:78:57:94:6f:01:6e:d5:9b:26:7b:b3:
         96:f4:30:00:af:06:84:e8:c2:22:96:b5:ec:d7:ae:6e:cc:b4:
         55:4a:76:74:cb:45:fe:e5:a2:87:67:50:61:e4:96:b9:ed:41:
         5e:0e:4c:78:84:ee:13:b4:11:26:fc:3f:aa:ea:95:92:e0:53:
         40:32:91:d0:a7:88:08:d0:58:2c:f7:46:ce:6e:03:a5:a7:76:
         32:56:9e:b0:7a:74:88:6c:9f:c4:2c:c5:af:bc:de:cc:eb:3a:
         a4:73:37:a7:ba:c0:e1:aa:20:d7:31:9c:57:51:59:a7:ad:46:
         e8:11:94:5c:06:7a:f5:f1:af:83:a8:af:e2:6f:14:25:ab:9d:
         33:4e:1b:84:59:ed:a4:87:bd:73:66:b8:6c:0c:d7:18:43:aa:
         0f:8a:4a:ac:01:52:e1:30:57:fa:e6:45:94:48:b2:8c:8e:8c:
         59:4a:ea:dc:a8:7a:7a:2b:2a:a7:b0:61:6d:e4:60:a0:32:04:
         dd:09:a4:fe:05:74:37:84:25:59:9d:cc:2b:21:6b:fe:86:3a:
         82:af:fa:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtSsyL2HZwKWPxgMN9sFnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YmQ4ZWFlMTY2OWRlYjNhM2ZhNDE4NjQ5MWUwNWNiMzJj
ZTA5MmEwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkwOGIxYmVjZTQ0M2U4MWU0Nzc4OTJmNTcwMGQ0MDNkOGEzYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN4wlBNJq7QXyXnsBD1ii+ja3Z9j
Kla0n6eEuj8G78Vt13ce+f5WZBO/f3wTwYlNFyQ4FTrjs3RLCsgltW6Mg17HKzRi
dZ1eYoSLswrjL2qHtY2qVcC5eAfXcmm2ZsZvM8tEr2xLSiUVWEZNoQDvGfgcCti1
hLuU4CwwFy+IvX58hIaP7Q5O7L1gfxA81OrgRveidaxPAchSlXL+Hdo3/+z3TV5K
sOIOB6kaq7F9eOygYZSmV21VNZWeWkq8vtEHUtsxH9jfpR6gwB4h/cgBbIgUK+Uu
gzDu7luWUImtldsgNgccFMpqbFctztMlKmYUEHnpn5FsrZty2ivNdz28GwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJqQixvs5EPoHkd4kvVwDUA9ijtJMB8GA1UdIwQY
MBaAFLe9jq4Wad6zo/pBhkkeBcsyzgkqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDcyT3JoWnAzck9qLWtHR1NSNEZ5ekxPQ1NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iMGJkYmQtODAxYy00YjBiLTlmYmUt
YWUxNWQ1MDc1OTBlLzEvbXBDTEctemtRLWdlUjNpUzlYQU5RRDJLTzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iMGJkYmQtODAxYy00YjBiLTlmYmUtYWUxNWQ1MDc1OTBl
LzEvdDcyT3JoWnAzck9qLWtHR1NSNEZ5ekxPQ1NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueIgMA0E
AgACMAcDBQMqDCYAMA0GCSqGSIb3DQEBCwUAA4IBAQCvcdLJPMovWkTLZGrEAlcJ
i5csJCO1YwjJvJnvd/JAtBs29ULE2Ipim1XFeFeUbwFu1Zsme7OW9DAArwaE6MIi
lrXs165uzLRVSnZ0y0X+5aKHZ1Bh5Ja57UFeDkx4hO4TtBEm/D+q6pWS4FNAMpHQ
p4gI0Fgs90bObgOlp3YyVp6wenSIbJ/ELMWvvN7M6zqkczenusDhqiDXMZxXUVmn
rUboEZRcBnr18a+DqK/ibxQlq50zThuEWe2kh71zZrhsDNcYQ6oPikqsAVLhMFf6
5kWUSLKMjoxZSurcqHp6KyqnsGFt5GCgMgTdCaT+BXQ3hCVZncwrIWv+hjqCr/rt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:05 2024 by rpki-client on console-fra.rpki-client.org