Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/mub0ek9g4A9-NzfMRHQQDXmpAbk.roa
File:                     mub0ek9g4A9-NzfMRHQQDXmpAbk.roa (raw, json)
Hash identifier:          GiUSDkinnKuOrc6Ii2OztFeeMhoL+7+luIml+0D5464=
Subject key identifier:   9A:E6:F4:7A:4F:60:E0:0F:7E:37:37:CC:44:74:10:0D:79:A9:01:B9
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185739012F80459190A326B4752BF920B02
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/mub0ek9g4A9-NzfMRHQQDXmpAbk.roa
Signing time:             Mon 02 Jan 2023 17:38:19 +0000
ROA not before:           Mon 02 Jan 2023 17:38:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212653
IP address blocks:        193.34.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 May 2023 15:05:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:12:f8:04:59:19:0a:32:6b:47:52:bf:92:0b:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ae6f47a4f60e00f7e3737cc4474100d79a901b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:3a:ea:bb:cb:8a:b9:89:fc:19:d9:71:2c:e4:
                    fa:f6:66:69:e0:4e:b6:0a:80:04:37:f3:61:b5:1b:
                    fa:36:dc:fd:30:fd:0f:e1:b9:03:03:68:bd:32:42:
                    6c:fc:e1:38:8a:31:9a:da:01:2c:da:3f:a6:45:c9:
                    89:88:f0:8b:70:64:ab:05:49:71:a1:ad:e1:be:48:
                    e0:d5:8b:01:56:e2:b0:28:d0:20:37:36:39:a4:91:
                    bc:3b:7e:93:76:e6:d1:5f:32:be:89:5b:37:b2:36:
                    8b:bf:3e:28:e6:28:89:d5:2e:64:76:68:79:64:35:
                    12:70:56:72:fc:82:e5:5e:c7:16:1f:63:87:cc:93:
                    2f:41:c6:6e:99:d6:8b:ff:0d:67:97:a8:da:b7:c8:
                    b7:65:4b:6b:21:c7:3d:3a:17:9b:dc:e1:ff:18:4d:
                    cc:da:0a:d3:00:48:f9:91:5e:e0:38:bd:dd:fc:9c:
                    0c:ae:c1:8c:e4:4a:b1:b6:c6:b2:e4:44:e3:24:4b:
                    8d:1f:86:8a:7a:cd:36:a1:43:76:18:b0:60:ad:79:
                    ca:fa:4c:f6:b4:8d:1a:f6:31:fe:0c:cb:b4:d1:e7:
                    3c:1e:69:70:94:08:18:67:24:04:aa:b6:b2:f7:0d:
                    8d:a6:81:51:9f:15:e4:14:dd:f5:12:f0:2e:07:8b:
                    fb:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:E6:F4:7A:4F:60:E0:0F:7E:37:37:CC:44:74:10:0D:79:A9:01:B9
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/mub0ek9g4A9-NzfMRHQQDXmpAbk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.34.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d8:1f:f7:d4:f7:c2:97:f3:4e:09:95:15:60:5f:88:c1:bc:35:
         e3:e4:e6:eb:0f:43:20:85:95:21:77:90:1a:da:8c:15:96:fc:
         ec:11:82:ae:1f:1e:81:03:24:69:2e:74:c6:f6:f8:23:47:ce:
         1d:4c:79:86:36:5d:d3:37:99:85:96:b9:9b:0d:e7:14:29:91:
         41:ed:00:b1:e0:fe:96:20:1e:43:b3:d7:15:d6:2f:31:c7:76:
         79:8d:5f:b0:2a:4b:e0:ea:c5:1b:80:72:f4:91:72:f9:f2:a6:
         2c:4a:fb:5d:69:59:4f:8c:e0:a6:11:ff:fe:ae:b2:98:8d:d2:
         90:02:e0:19:ba:c1:b3:e0:32:f4:a0:35:13:4e:9d:7d:85:ad:
         cf:63:7f:f9:cc:c3:49:50:0b:34:60:a5:30:a3:c2:59:c6:fb:
         7e:e1:73:51:a9:e8:38:c0:ca:05:61:1b:6a:02:73:d8:6d:cd:
         e0:be:08:d8:92:1e:98:69:a7:61:ff:99:26:1f:c3:34:be:3b:
         b3:ac:0d:af:a7:bb:91:af:e2:5a:a0:ab:d8:4f:ba:ed:e9:44:
         8f:82:91:9e:68:47:f6:a6:f9:3b:42:95:10:24:1c:88:b5:9c:
         ad:46:12:30:56:cb:2d:ea:10:3e:1a:c8:2f:c6:dd:1c:e4:d2:
         db:b5:cf:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzkBL4BFkZCjJrR1K/kgsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWU2ZjQ3YTRmNjBlMDBmN2UzNzM3Y2M0NDc0MTAwZDc5YTkwMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzrqu8uKuYn8GdlxLOT69mZp4E62
CoAEN/NhtRv6Ntz9MP0P4bkDA2i9MkJs/OE4ijGa2gEs2j+mRcmJiPCLcGSrBUlx
oa3hvkjg1YsBVuKwKNAgNzY5pJG8O36TdubRXzK+iVs3sjaLvz4o5iiJ1S5kdmh5
ZDUScFZy/ILlXscWH2OHzJMvQcZumdaL/w1nl6jat8i3ZUtrIcc9Oheb3OH/GE3M
2grTAEj5kV7gOL3d/JwMrsGM5Eqxtsay5ETjJEuNH4aKes02oUN2GLBgrXnK+kz2
tI0a9jH+DMu00ec8HmlwlAgYZyQEqray9w2NpoFRnxXkFN31EvAuB4v7LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrm9HpPYOAPfjc3zER0EA15qQG5MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbXViMGVrOWc0QTktTnpmTVJIUVFEWG1wQWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSJPMA0G
CSqGSIb3DQEBCwUAA4IBAQDYH/fU98KX804JlRVgX4jBvDXj5ObrD0MghZUhd5Aa
2owVlvzsEYKuHx6BAyRpLnTG9vgjR84dTHmGNl3TN5mFlrmbDecUKZFB7QCx4P6W
IB5Ds9cV1i8xx3Z5jV+wKkvg6sUbgHL0kXL58qYsSvtdaVlPjOCmEf/+rrKYjdKQ
AuAZusGz4DL0oDUTTp19ha3PY3/5zMNJUAs0YKUwo8JZxvt+4XNRqeg4wMoFYRtq
AnPYbc3gvgjYkh6Yaadh/5kmH8M0vjuzrA2vp7uRr+JaoKvYT7rt6USPgpGeaEf2
pvk7QpUQJByItZytRhIwVsst6hA+Gsgvxt0c5NLbtc/w
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org