Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/MQm85roQkiZbWwQn9mi-o5HTw3o.roa
File:                     MQm85roQkiZbWwQn9mi-o5HTw3o.roa (raw, json)
Hash identifier:          ZFAj/GOVCnzUo1s0v5zh9OgCPw1uvwz6vordkI4ARAk=
Subject key identifier:   31:09:BC:E6:BA:10:92:26:5B:5B:04:27:F6:68:BE:A3:91:D3:C3:7A
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       018C3F38A4AB6611D5B126E4804E7C95305F
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/MQm85roQkiZbWwQn9mi-o5HTw3o.roa
Signing time:             Wed 06 Dec 2023 13:02:05 +0000
ROA not before:           Wed 06 Dec 2023 13:02:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5650
IP address blocks:        45.157.72.0/23 maxlen: 23
                          92.119.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3f:38:a4:ab:66:11:d5:b1:26:e4:80:4e:7c:95:30:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Dec  6 13:02:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3109bce6ba1092265b5b0427f668bea391d3c37a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:dc:44:c8:cd:68:df:69:17:b9:0c:be:30:2b:
                    87:89:65:62:6e:68:93:06:43:23:15:f7:20:d2:1e:
                    f0:a4:e4:f1:ba:73:de:53:30:ca:d7:42:2f:ba:a8:
                    27:05:a6:7b:b0:8a:f5:2e:02:29:7b:76:9a:21:b5:
                    b0:e7:36:f0:c8:43:8f:3e:71:04:b3:4d:12:dd:22:
                    0d:81:3e:0d:71:06:0c:91:79:af:cf:99:27:54:8b:
                    13:2b:e9:5a:25:72:90:d2:40:c9:6e:a3:34:d4:40:
                    ca:b8:11:c7:d0:7f:3e:e3:1d:ae:78:25:51:88:23:
                    02:11:c8:b5:1f:2d:c1:d2:c9:e9:87:4e:9e:72:e3:
                    35:a1:48:a7:47:35:17:13:b9:e0:2d:a5:2c:7f:c9:
                    dd:6e:d7:60:5e:f4:1d:46:03:25:0c:b2:e3:ae:60:
                    c4:d0:46:a0:98:9c:86:66:45:a1:c5:02:3d:37:86:
                    ad:51:4c:f7:02:c9:54:3d:c4:10:d8:fa:22:c6:23:
                    0d:d5:0c:ba:86:87:62:44:5c:63:57:72:5c:b6:bd:
                    ad:10:fb:f5:f9:62:31:bf:fb:2f:2f:26:52:9e:1a:
                    22:1c:bd:ba:5c:8d:82:9e:b7:63:93:f5:05:d0:84:
                    13:1e:cc:d7:45:29:6c:51:b5:9e:66:f7:8d:e0:e0:
                    39:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:09:BC:E6:BA:10:92:26:5B:5B:04:27:F6:68:BE:A3:91:D3:C3:7A
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/MQm85roQkiZbWwQn9mi-o5HTw3o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.72.0/23
                  92.119.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:5a:96:61:3a:a8:11:3f:7d:85:4f:6c:0b:39:5e:3e:11:9b:
         75:33:95:4f:8d:ad:0c:5a:0e:65:55:68:20:e2:3e:51:ba:54:
         09:6c:af:b9:fd:be:28:fb:03:36:f1:62:e4:b4:90:41:76:3b:
         d7:1d:7b:9a:df:83:bc:43:f6:16:1a:d9:d4:f3:d4:c5:6b:8d:
         cd:12:9d:40:9c:0c:14:64:9e:47:f8:3c:a7:39:79:12:27:2d:
         72:8a:41:99:0e:7f:58:56:42:3d:d8:3e:89:2c:8e:02:ba:23:
         64:84:91:70:a2:09:6a:c4:58:00:68:5c:ab:78:37:31:fa:e2:
         b6:05:16:05:46:87:10:9d:37:f4:a8:fc:0f:61:62:38:3c:42:
         cd:9f:d0:35:56:66:a2:30:c8:52:65:9d:f5:d6:73:d7:be:e2:
         cc:31:a1:c8:91:3a:56:f4:51:85:f4:60:53:2b:97:e4:de:81:
         9a:cc:39:5d:4e:e5:71:1b:b0:25:5b:70:34:26:1e:d9:d1:45:
         63:46:f8:fb:d6:43:97:96:87:8b:76:0b:fe:41:30:f1:84:e2:
         87:e8:07:a7:cd:c1:a6:27:5a:73:5a:1e:41:40:f4:e7:22:e3:
         71:a1:aa:3c:5d:9a:c6:ab:e0:9b:58:9e:1f:f3:16:6c:7b:48:
         98:6e:18:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw/OKSrZhHVsSbkgE58lTBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMxMjA2MTMwMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTA5YmNlNmJhMTA5MjI2NWI1YjA0MjdmNjY4YmVhMzkxZDNjMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9xEyM1o32kXuQy+MCuHiWVibmiT
BkMjFfcg0h7wpOTxunPeUzDK10IvuqgnBaZ7sIr1LgIpe3aaIbWw5zbwyEOPPnEE
s00S3SINgT4NcQYMkXmvz5knVIsTK+laJXKQ0kDJbqM01EDKuBHH0H8+4x2ueCVR
iCMCEci1Hy3B0snph06ecuM1oUinRzUXE7ngLaUsf8ndbtdgXvQdRgMlDLLjrmDE
0EagmJyGZkWhxQI9N4atUUz3AslUPcQQ2PoixiMN1Qy6hodiRFxjV3Jctr2tEPv1
+WIxv/svLyZSnhoiHL26XI2Cnrdjk/UF0IQTHszXRSlsUbWeZveN4OA53QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDEJvOa6EJImW1sEJ/ZovqOR08N6MB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvTVFtODVyb1FraVpiV3dRbjltaS1vNUhUdzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZ1IAwQA
XHe3MA0GCSqGSIb3DQEBCwUAA4IBAQCMWpZhOqgRP32FT2wLOV4+EZt1M5VPja0M
Wg5lVWgg4j5RulQJbK+5/b4o+wM28WLktJBBdjvXHXua34O8Q/YWGtnU89TFa43N
Ep1AnAwUZJ5H+DynOXkSJy1yikGZDn9YVkI92D6JLI4CuiNkhJFwoglqxFgAaFyr
eDcx+uK2BRYFRocQnTf0qPwPYWI4PELNn9A1VmaiMMhSZZ311nPXvuLMMaHIkTpW
9FGF9GBTK5fk3oGazDldTuVxG7AlW3A0Jh7Z0UVjRvj71kOXloeLdgv+QTDxhOKH
6AenzcGmJ1pzWh5BQPTnIuNxoao8XZrGq+CbWJ4f8xZse0iYbhih
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:54 2024 by rpki-client on console-fra.rpki-client.org