Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/MxtkSpPxcNO9FRJOCkIGoF8NVe4.roa
File:                     MxtkSpPxcNO9FRJOCkIGoF8NVe4.roa (raw, json)
Hash identifier:          sbbnlhHkF5Wz6dNTaG7mPlgYqwLPzgBCzrjrL50Ombs=
Subject key identifier:   33:1B:64:4A:93:F1:70:D3:BD:15:12:4E:0A:42:06:A0:5F:0D:55:EE
Certificate issuer:       /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial:       018CC2DB20B66303F4133A736A060E21E8D6
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/MxtkSpPxcNO9FRJOCkIGoF8NVe4.roa
Signing time:             Mon 01 Jan 2024 02:29:49 +0000
ROA not before:           Mon 01 Jan 2024 02:29:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208428
IP address blocks:        185.26.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 Jan 2024 04:44:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:20:b6:63:03:f4:13:3a:73:6a:06:0e:21:e8:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
        Validity
            Not Before: Jan  1 02:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=331b644a93f170d3bd15124e0a4206a05f0d55ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b5:47:2b:ca:24:8b:d9:73:88:78:8a:61:87:
                    3c:0f:e0:2d:ce:37:58:a0:be:5a:f7:2a:51:9d:35:
                    a1:1a:a2:ba:d4:b8:47:c7:61:21:bf:99:f7:0b:18:
                    3c:c1:90:c6:4d:11:f5:33:44:81:46:04:55:15:50:
                    fb:c5:45:3c:8c:4f:bc:6a:87:55:d2:af:78:13:6d:
                    e0:1c:08:e6:6b:6d:c7:d6:0b:0a:ba:ed:b3:0e:f5:
                    b2:c1:66:26:21:c7:f4:71:13:e4:30:6e:bb:30:d4:
                    f4:80:f9:1f:94:ee:31:3a:aa:61:0f:d0:ee:f9:92:
                    8d:9a:f3:9e:85:f9:42:cf:50:d5:7e:08:f8:ec:49:
                    66:3a:cb:70:0d:55:c7:dd:4b:6e:70:78:06:dc:c0:
                    4c:83:0f:31:04:b6:c7:fb:c7:4d:ac:49:98:a2:2b:
                    69:91:d0:d6:85:57:13:d4:e9:ca:b1:b3:74:de:48:
                    d0:5b:3a:62:6c:d9:b3:88:7e:9b:4e:fa:2e:a0:b4:
                    b5:20:28:e5:1a:6f:96:d4:88:67:26:2a:1d:fb:12:
                    bf:86:df:37:d4:3b:30:06:3b:7d:40:c4:36:68:28:
                    43:84:66:cf:fd:c8:68:d8:5c:96:4f:dd:43:04:91:
                    21:c8:a9:1a:5b:c9:4b:5d:83:a1:43:24:d1:f3:62:
                    3d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:1B:64:4A:93:F1:70:D3:BD:15:12:4E:0A:42:06:A0:5F:0D:55:EE
            X509v3 Authority Key Identifier:
                keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/MxtkSpPxcNO9FRJOCkIGoF8NVe4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.26.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:52:a6:dc:bf:f8:92:73:f6:e9:7b:f6:5b:58:e8:44:48:05:
         6e:2e:e7:81:b7:13:b1:02:10:ff:a8:eb:30:dd:e7:78:bb:18:
         4a:59:54:2a:28:a7:73:e7:97:d3:f2:b1:0d:aa:73:21:f4:e9:
         55:c8:65:2b:ca:2e:8e:38:c2:57:9b:d0:d8:91:9e:68:6f:a2:
         2a:0a:4b:db:b1:42:34:fa:e4:b7:1e:3a:55:7d:26:2f:2a:4c:
         cc:d6:2c:a8:22:46:e4:26:00:7a:37:59:9c:ed:71:56:ea:4c:
         31:eb:e7:95:bd:05:e2:37:e2:d7:86:35:77:1a:5d:47:0d:bf:
         64:62:43:c6:94:2f:8c:79:c1:1e:48:2a:00:a0:4f:c0:f5:7c:
         16:be:ed:52:35:59:a7:11:9d:77:e1:85:21:36:a2:68:32:c0:
         ae:f4:74:08:aa:c5:34:33:a3:65:79:84:30:a3:16:03:65:61:
         69:4f:50:a6:f5:96:a4:17:53:9e:2b:42:df:2e:02:5b:0a:98:
         18:5e:cc:9e:19:06:5a:7b:b2:d2:6a:2d:10:41:96:ec:54:54:
         01:b9:29:73:cc:64:c4:d5:60:86:24:d4:ae:94:bc:d5:5d:52:
         fe:58:9f:d4:7d:6c:38:38:24:dd:d8:20:38:33:75:92:81:9a:
         f6:73:76:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2yC2YwP0EzpzagYOIejWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjQwMTAxMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFiNjQ0YTkzZjE3MGQzYmQxNTEyNGUwYTQyMDZhMDVmMGQ1NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7VHK8oki9lziHiKYYc8D+AtzjdY
oL5a9ypRnTWhGqK61LhHx2Ehv5n3Cxg8wZDGTRH1M0SBRgRVFVD7xUU8jE+8aodV
0q94E23gHAjma23H1gsKuu2zDvWywWYmIcf0cRPkMG67MNT0gPkflO4xOqphD9Du
+ZKNmvOehflCz1DVfgj47ElmOstwDVXH3UtucHgG3MBMgw8xBLbH+8dNrEmYoitp
kdDWhVcT1OnKsbN03kjQWzpibNmziH6bTvouoLS1ICjlGm+W1IhnJiod+xK/ht83
1DswBjt9QMQ2aChDhGbP/cho2FyWT91DBJEhyKkaW8lLXYOhQyTR82I9kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMbZEqT8XDTvRUSTgpCBqBfDVXuMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvTXh0a1NwUHhjTk85RlJKT0NrSUdvRjhOVmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRoZMA0G
CSqGSIb3DQEBCwUAA4IBAQAqUqbcv/iSc/bpe/ZbWOhESAVuLueBtxOxAhD/qOsw
3ed4uxhKWVQqKKdz55fT8rENqnMh9OlVyGUryi6OOMJXm9DYkZ5ob6IqCkvbsUI0
+uS3HjpVfSYvKkzM1iyoIkbkJgB6N1mc7XFW6kwx6+eVvQXiN+LXhjV3Gl1HDb9k
YkPGlC+MecEeSCoAoE/A9XwWvu1SNVmnEZ134YUhNqJoMsCu9HQIqsU0M6NleYQw
oxYDZWFpT1Cm9ZakF1OeK0LfLgJbCpgYXsyeGQZae7LSai0QQZbsVFQBuSlzzGTE
1WCGJNSulLzVXVL+WJ/UfWw4OCTd2CA4M3WSgZr2c3bb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:09 2024 by rpki-client on console-ams.rpki-client.org