Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mhGaOHKvvTzJLmRsxgWJH3HfXvk.roa
File:                     mhGaOHKvvTzJLmRsxgWJH3HfXvk.roa (raw, json)
Hash identifier:          XkgjSvM8ZItTdENWZ4IJSWb8IWFvDRNqr40zRwQUeic=
Subject key identifier:   9A:11:9A:38:72:AF:BD:3C:C9:2E:64:6C:C6:05:89:1F:71:DF:5E:F9
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018D8E2B04300B6D1507838DF17C4DCA659E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mhGaOHKvvTzJLmRsxgWJH3HfXvk.roa
Signing time:             Fri 09 Feb 2024 14:00:00 +0000
ROA not before:           Fri 09 Feb 2024 14:00:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198831
IP address blocks:        163.5.59.0/24 maxlen: 24
                          185.253.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 16:13:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8e:2b:04:30:0b:6d:15:07:83:8d:f1:7c:4d:ca:65:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Feb  9 14:00:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9a119a3872afbd3cc92e646cc605891f71df5ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:84:a7:ad:ad:37:17:0b:cc:a6:9a:4a:33:5b:
                    01:6a:30:aa:70:3e:f0:1b:0b:cb:16:66:71:ab:30:
                    78:4c:e5:92:83:42:be:ee:d3:17:35:7a:36:a9:00:
                    c8:44:a8:e5:4e:f0:0b:7c:fe:5e:44:85:c9:93:53:
                    a8:a3:f1:f8:01:af:d9:2b:7d:0c:2a:62:2e:68:cd:
                    14:c0:f4:b5:4c:ff:b6:52:fc:72:72:8e:ba:32:1d:
                    bb:f9:c7:0b:f8:79:43:7d:0f:1d:91:3a:16:48:be:
                    41:4e:bc:cc:c7:2f:fe:f2:18:b7:43:24:02:04:db:
                    4c:3b:d5:bb:03:22:f5:56:b7:72:a3:a3:52:d8:fa:
                    a9:14:c2:c5:d3:3d:39:81:65:42:78:7e:e5:bb:16:
                    e9:96:1b:5c:5a:7f:50:2e:9f:f6:0b:a3:67:db:5f:
                    df:0b:56:1e:37:0a:31:f1:f9:8e:ec:1f:48:fb:f7:
                    42:73:44:ad:0c:9e:80:fb:b5:07:88:fa:d6:b9:5c:
                    d7:13:e6:d8:43:e7:01:74:0d:52:31:5a:3f:34:a2:
                    16:c8:81:58:60:57:9a:c2:35:f4:65:04:ac:66:cf:
                    a6:a8:b5:13:a9:f0:2e:35:28:1b:32:08:08:23:25:
                    e1:fd:2c:55:ab:27:16:eb:ca:cd:40:9c:61:60:85:
                    64:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:11:9A:38:72:AF:BD:3C:C9:2E:64:6C:C6:05:89:1F:71:DF:5E:F9
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mhGaOHKvvTzJLmRsxgWJH3HfXvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.59.0/24
                  185.253.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:b7:b3:41:85:cc:a4:03:91:ea:38:21:d8:7d:98:92:05:b4:
         98:20:c5:5e:70:10:09:71:b3:4d:33:08:1b:0f:38:d5:7d:82:
         ed:68:72:ba:a5:55:21:96:81:9a:db:c2:61:45:9e:c4:a0:fa:
         b1:e6:98:ef:28:a6:eb:93:af:84:69:3c:6c:13:d4:63:92:ef:
         31:c3:02:2e:1d:a2:27:1e:92:ad:46:4e:6c:cc:6a:5a:46:40:
         13:92:49:48:d8:99:e2:62:81:08:2f:76:92:74:b4:ca:96:54:
         4f:ca:ff:1f:b7:b4:97:fb:ed:e6:57:8d:17:c7:d6:65:d1:d9:
         ec:2c:09:e9:5d:58:ff:2e:fe:a8:44:02:11:49:b7:c8:8d:b1:
         35:72:74:b2:0e:31:66:1a:22:7b:bd:b0:6b:ea:8a:c1:2f:c0:
         3a:03:1f:a8:bf:df:ef:df:2b:35:03:ba:b1:1b:de:6d:8b:f0:
         15:8a:d3:53:9f:29:5a:dd:06:d0:85:91:5f:27:66:d9:3b:21:
         c5:34:fb:73:d6:ee:56:7f:63:9a:2b:81:38:5f:17:01:f8:19:
         a5:fc:92:e7:1e:c5:bf:23:6d:d1:4b:a2:26:b6:80:93:a9:0f:
         45:30:a2:8f:7e:1d:e1:24:92:03:4c:bc:a6:5d:12:c5:00:71:
         ef:11:cd:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2OKwQwC20VB4ON8XxNymWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjA5MTQwMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTExOWEzODcyYWZiZDNjYzkyZTY0NmNjNjA1ODkxZjcxZGY1ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroSnra03FwvMpppKM1sBajCqcD7w
GwvLFmZxqzB4TOWSg0K+7tMXNXo2qQDIRKjlTvALfP5eRIXJk1Ooo/H4Aa/ZK30M
KmIuaM0UwPS1TP+2Uvxyco66Mh27+ccL+HlDfQ8dkToWSL5BTrzMxy/+8hi3QyQC
BNtMO9W7AyL1Vrdyo6NS2PqpFMLF0z05gWVCeH7luxbplhtcWn9QLp/2C6Nn21/f
C1YeNwox8fmO7B9I+/dCc0StDJ6A+7UHiPrWuVzXE+bYQ+cBdA1SMVo/NKIWyIFY
YFeawjX0ZQSsZs+mqLUTqfAuNSgbMggIIyXh/SxVqycW68rNQJxhYIVk8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJoRmjhyr708yS5kbMYFiR9x3175MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbWhHYU9IS3Z2VHpKTG1Sc3hnV0pIM0hmWHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowU7AwQA
uf02MA0GCSqGSIb3DQEBCwUAA4IBAQCQt7NBhcykA5HqOCHYfZiSBbSYIMVecBAJ
cbNNMwgbDzjVfYLtaHK6pVUhloGa28JhRZ7EoPqx5pjvKKbrk6+EaTxsE9Rjku8x
wwIuHaInHpKtRk5szGpaRkATkklI2JniYoEIL3aSdLTKllRPyv8ft7SX++3mV40X
x9Zl0dnsLAnpXVj/Lv6oRAIRSbfIjbE1cnSyDjFmGiJ7vbBr6orBL8A6Ax+ov9/v
3ys1A7qxG95ti/AVitNTnyla3QbQhZFfJ2bZOyHFNPtz1u5Wf2OaK4E4XxcB+Bml
/JLnHsW/I23RS6ImtoCTqQ9FMKKPfh3hJJIDTLymXRLFAHHvEc3K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org