Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/MCigX36HaJhV8BvU5z5Q_HB4J84.roa
File:                     MCigX36HaJhV8BvU5z5Q_HB4J84.roa (raw, json)
Hash identifier:          FKu5ZPpmnMjjiAghmU9pf98MT0AbH0zD+Pgocb2aUOg=
Subject key identifier:   30:28:A0:5F:7E:87:68:98:55:F0:1B:D4:E7:3E:50:FC:70:78:27:CE
Certificate issuer:       /CN=57e898bf420924f976b5ae451108b9e6a01fc7dc
Certificate serial:       0187ACFAAA18AD8F3F02325C07677205881B
Authority key identifier: 57:E8:98:BF:42:09:24:F9:76:B5:AE:45:11:08:B9:E6:A0:1F:C7:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V-iYv0IJJPl2ta5FEQi55qAfx9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/MCigX36HaJhV8BvU5z5Q_HB4J84.roa
Signing time:             Sun 23 Apr 2023 07:18:41 +0000
ROA not before:           Sun 23 Apr 2023 07:18:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207996
IP address blocks:        185.155.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ac:fa:aa:18:ad:8f:3f:02:32:5c:07:67:72:05:88:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57e898bf420924f976b5ae451108b9e6a01fc7dc
        Validity
            Not Before: Apr 23 07:18:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3028a05f7e87689855f01bd4e73e50fc707827ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:9a:1a:4f:30:c4:62:fb:1d:26:97:f3:b1:f3:
                    30:9c:d9:47:fa:73:42:a0:f1:aa:0b:19:29:84:6d:
                    47:90:9f:b3:04:46:51:1b:c9:80:46:34:6e:92:09:
                    d9:35:19:cd:21:16:a2:f6:21:f5:ba:8f:e2:91:68:
                    6a:11:fa:22:06:ca:85:a5:dd:b5:5c:c6:44:d0:e4:
                    4d:15:41:75:a1:27:95:de:ae:e3:5f:96:b1:3c:b2:
                    36:b8:2d:db:e2:9b:30:72:74:26:bf:c4:ec:07:96:
                    04:78:09:58:23:37:d1:e5:e9:38:84:3f:60:c7:fb:
                    6a:48:f1:0b:6f:63:b4:db:f6:66:39:ed:21:a8:c1:
                    97:cf:b8:d5:86:24:0a:4d:83:85:f3:a2:dc:09:e9:
                    90:b2:63:6d:62:a6:f3:47:91:3e:0b:e9:ed:d4:f0:
                    98:ad:f3:92:d6:e1:41:24:96:81:35:e1:1e:0f:3a:
                    f3:02:51:96:eb:f7:40:1a:e1:f9:5b:b2:1f:69:e2:
                    ae:ff:09:ce:f0:09:81:63:08:23:66:dc:db:41:00:
                    84:f9:c8:c1:43:1c:19:13:82:2c:a4:d3:21:68:9b:
                    1e:cd:cd:56:1b:2e:b8:8f:dd:fd:3b:d2:36:63:ba:
                    d5:27:a3:fb:31:c2:e0:db:6e:0a:17:08:42:17:93:
                    f1:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:28:A0:5F:7E:87:68:98:55:F0:1B:D4:E7:3E:50:FC:70:78:27:CE
            X509v3 Authority Key Identifier:
                keyid:57:E8:98:BF:42:09:24:F9:76:B5:AE:45:11:08:B9:E6:A0:1F:C7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V-iYv0IJJPl2ta5FEQi55qAfx9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/MCigX36HaJhV8BvU5z5Q_HB4J84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/V-iYv0IJJPl2ta5FEQi55qAfx9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:d9:fa:2a:1a:5d:3e:f3:90:da:de:fc:9e:fa:79:1d:88:e9:
         8d:4c:94:9e:76:69:32:b3:b2:7e:80:ee:0e:77:5a:3b:fb:41:
         ac:6d:3a:2d:19:65:33:c6:91:f6:23:e6:c2:03:ad:10:a1:fb:
         bb:34:12:66:a7:04:d5:64:1b:a2:2f:dc:c3:e3:a4:02:a2:b1:
         5f:a6:a5:f3:f0:3d:b8:8c:b4:07:08:4c:c9:e9:36:a0:78:91:
         79:5a:a9:d3:00:bc:23:67:57:9c:16:f4:81:34:e8:c2:7c:f4:
         32:2a:3c:28:26:2f:8d:eb:9d:3c:ae:83:22:a7:65:0a:86:35:
         5e:19:5e:ad:a4:68:10:66:77:5c:ea:86:48:84:e5:b8:d6:40:
         9a:aa:de:0b:9d:22:c9:89:38:ea:0d:b8:e7:8e:39:1b:05:44:
         0b:f8:e9:db:8e:79:59:9d:76:1f:98:d2:2a:25:d3:67:9e:30:
         0b:b8:0e:3f:c9:4e:2b:64:d8:6e:f2:66:84:c2:99:82:6f:1a:
         a2:90:1a:91:43:e5:d2:88:44:b4:3d:e3:a0:74:16:27:25:66:
         bb:04:23:c5:53:d2:9d:e7:f1:81:77:11:26:29:59:52:e1:5a:
         69:1c:ac:eb:b7:b3:13:3f:49:f0:35:94:52:e0:8f:8d:b4:71:
         21:99:f4:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYes+qoYrY8/AjJcB2dyBYgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZTg5OGJmNDIwOTI0Zjk3NmI1YWU0NTExMDhiOWU2YTAx
ZmM3ZGMwHhcNMjMwNDIzMDcxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI4YTA1ZjdlODc2ODk4NTVmMDFiZDRlNzNlNTBmYzcwNzgyN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZoaTzDEYvsdJpfzsfMwnNlH+nNC
oPGqCxkphG1HkJ+zBEZRG8mARjRukgnZNRnNIRai9iH1uo/ikWhqEfoiBsqFpd21
XMZE0ORNFUF1oSeV3q7jX5axPLI2uC3b4pswcnQmv8TsB5YEeAlYIzfR5ek4hD9g
x/tqSPELb2O02/ZmOe0hqMGXz7jVhiQKTYOF86LcCemQsmNtYqbzR5E+C+nt1PCY
rfOS1uFBJJaBNeEeDzrzAlGW6/dAGuH5W7IfaeKu/wnO8AmBYwgjZtzbQQCE+cjB
QxwZE4IspNMhaJsezc1WGy64j939O9I2Y7rVJ6P7McLg224KFwhCF5PxjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAooF9+h2iYVfAb1Oc+UPxweCfOMB8GA1UdIwQY
MBaAFFfomL9CCST5drWuRREIueagH8fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVi1pWXYwSUpKUGwydGE1RkVRaTU1cUFmeDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jNTE0Y2QtNzk1NC00NGNlLWJkN2Yt
NzEzYjQxNjg4NzA2LzEvTUNpZ1gzNkhhSmhWOEJ2VTV6NVFfSEI0Sjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jNTE0Y2QtNzk1NC00NGNlLWJkN2YtNzEzYjQxNjg4NzA2
LzEvVi1pWXYwSUpKUGwydGE1RkVRaTU1cUFmeDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZsdMA0G
CSqGSIb3DQEBCwUAA4IBAQA12foqGl0+85Da3vye+nkdiOmNTJSedmkys7J+gO4O
d1o7+0GsbTotGWUzxpH2I+bCA60Qofu7NBJmpwTVZBuiL9zD46QCorFfpqXz8D24
jLQHCEzJ6TageJF5WqnTALwjZ1ecFvSBNOjCfPQyKjwoJi+N6508roMip2UKhjVe
GV6tpGgQZndc6oZIhOW41kCaqt4LnSLJiTjqDbjnjjkbBUQL+OnbjnlZnXYfmNIq
JdNnnjALuA4/yU4rZNhu8maEwpmCbxqikBqRQ+XSiES0PeOgdBYnJWa7BCPFU9Kd
5/GBdxEmKVlS4VppHKzrt7MTP0nwNZRS4I+NtHEhmfT+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:09 2024 by rpki-client on console-ams.rpki-client.org