Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/MEgsHYG0zVDiHwvGaP6tdtQ9cV4.roa
File:                     MEgsHYG0zVDiHwvGaP6tdtQ9cV4.roa (raw, json)
Hash identifier:          7nbW1OTim8VLNat9yUN/molX6T4mvcgci9Knrof2brU=
Subject key identifier:   30:48:2C:1D:81:B4:CD:50:E2:1F:0B:C6:68:FE:AD:76:D4:3D:71:5E
Certificate issuer:       /CN=27802685da734b157a2db9ccff76dd4e48911928
Certificate serial:       01856B6EAFAC9E30050C2E7DFFD196B8493E
Authority key identifier: 27:80:26:85:DA:73:4B:15:7A:2D:B9:CC:FF:76:DD:4E:48:91:19:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J4AmhdpzSxV6LbnM_3bdTkiRGSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/MEgsHYG0zVDiHwvGaP6tdtQ9cV4.roa
Signing time:             Sun 01 Jan 2023 03:44:54 +0000
ROA not before:           Sun 01 Jan 2023 03:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51002
IP address blocks:        193.243.168.0/22 maxlen: 22
                          176.123.208.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:6e:af:ac:9e:30:05:0c:2e:7d:ff:d1:96:b8:49:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27802685da734b157a2db9ccff76dd4e48911928
        Validity
            Not Before: Jan  1 03:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30482c1d81b4cd50e21f0bc668fead76d43d715e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:86:7d:1a:55:fd:d0:33:78:47:2d:d6:45:58:
                    2f:cb:0f:84:f2:82:96:02:3e:f0:ff:44:17:c2:ae:
                    40:66:4d:d3:b3:a0:5e:d5:29:b8:4e:13:e0:2a:60:
                    14:8b:ba:59:81:19:04:65:54:49:82:ca:34:4b:ea:
                    dc:00:20:7a:09:33:4e:a7:1b:5b:a8:ef:fb:fd:79:
                    28:63:ad:5b:56:25:f6:30:e9:b5:99:5c:29:ad:c9:
                    4b:22:8d:d8:5c:c5:21:ee:c9:79:7e:a5:a2:81:40:
                    aa:ec:08:35:43:31:1c:85:56:d4:59:05:eb:6f:c5:
                    71:17:52:70:5c:2d:78:52:61:bf:58:03:cd:fd:ad:
                    f5:4a:dc:a1:60:9d:d4:cc:ff:ca:11:e8:21:f6:60:
                    3e:0e:67:d4:ea:0e:c3:28:46:86:3d:18:f1:87:42:
                    bd:99:56:f0:1b:54:55:ad:a6:0a:b3:21:ff:db:3b:
                    68:3d:c3:94:4c:0b:86:1d:49:ae:9b:2d:34:52:a5:
                    f5:b0:12:42:b0:c2:c8:ff:2a:a0:78:c7:ef:db:fc:
                    6e:37:f4:07:83:46:d3:1b:50:ac:93:9f:c0:81:08:
                    43:24:be:ef:4f:a4:e0:5c:e7:a1:5e:e9:0d:bd:d8:
                    3c:62:20:b0:81:ce:c3:b6:a4:40:35:62:81:e9:00:
                    fa:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:48:2C:1D:81:B4:CD:50:E2:1F:0B:C6:68:FE:AD:76:D4:3D:71:5E
            X509v3 Authority Key Identifier:
                keyid:27:80:26:85:DA:73:4B:15:7A:2D:B9:CC:FF:76:DD:4E:48:91:19:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4AmhdpzSxV6LbnM_3bdTkiRGSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/MEgsHYG0zVDiHwvGaP6tdtQ9cV4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/J4AmhdpzSxV6LbnM_3bdTkiRGSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.123.208.0/21
                  193.243.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:24:03:27:ad:45:0f:18:e2:90:6f:e3:d6:82:c9:1c:0c:c4:
         d6:62:2a:9f:85:30:43:52:5c:63:a5:c4:36:ff:1e:e2:ee:7f:
         15:8e:0e:a4:17:e0:46:b8:d9:22:0d:e3:55:69:ef:bf:22:37:
         b3:45:a7:18:e3:bf:0a:d2:91:c6:a9:10:4c:ce:3b:20:23:23:
         ed:b3:70:69:12:8a:e5:bd:5f:0b:55:74:39:40:0f:71:df:2a:
         02:fc:57:d2:48:56:e3:8d:91:49:fb:74:f7:c3:be:f2:65:51:
         c6:ac:20:8f:2f:94:42:66:11:49:6f:b5:58:de:06:34:33:37:
         ce:d5:07:aa:0c:6a:d1:6d:6e:47:06:c0:c1:0e:2b:41:2c:9c:
         7f:61:b7:12:c7:c6:1b:5e:a6:e8:52:45:39:c9:5e:3c:d8:50:
         f0:1b:06:ad:f6:a4:80:88:e6:fb:1b:17:a7:11:f1:b3:95:12:
         7d:04:d9:51:66:73:2e:f8:96:55:76:e3:bd:39:0b:07:97:5b:
         8e:fb:be:03:4f:57:fe:ec:d7:22:00:0d:e7:f1:41:38:ff:3d:
         80:5b:3e:cd:a5:77:27:24:e0:b8:f6:a4:45:91:85:ff:2f:5c:
         b1:78:1a:00:08:17:87:91:45:9b:86:dc:af:7e:ef:76:37:f3:
         fd:5e:fe:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrbq+snjAFDC59/9GWuEk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODAyNjg1ZGE3MzRiMTU3YTJkYjljY2ZmNzZkZDRlNDg5
MTE5MjgwHhcNMjMwMTAxMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQ4MmMxZDgxYjRjZDUwZTIxZjBiYzY2OGZlYWQ3NmQ0M2Q3MTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44Z9GlX90DN4Ry3WRVgvyw+E8oKW
Aj7w/0QXwq5AZk3Ts6Be1Sm4ThPgKmAUi7pZgRkEZVRJgso0S+rcACB6CTNOpxtb
qO/7/XkoY61bViX2MOm1mVwprclLIo3YXMUh7sl5fqWigUCq7Ag1QzEchVbUWQXr
b8VxF1JwXC14UmG/WAPN/a31StyhYJ3UzP/KEegh9mA+DmfU6g7DKEaGPRjxh0K9
mVbwG1RVraYKsyH/2ztoPcOUTAuGHUmumy00UqX1sBJCsMLI/yqgeMfv2/xuN/QH
g0bTG1Csk5/AgQhDJL7vT6TgXOehXukNvdg8YiCwgc7DtqRANWKB6QD6iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDBILB2BtM1Q4h8Lxmj+rXbUPXFeMB8GA1UdIwQY
MBaAFCeAJoXac0sVei25zP923U5IkRkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRBbWhkcHpTeFY2TGJuTV8zYmRUa2lSR1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZTVkNjUtNTkxMi00MThlLTljMDEt
MTIzYTg2ZDk0ODE4LzEvTUVnc0hZRzB6VkRpSHd2R2FQNnRkdFE5Y1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZTVkNjUtNTkxMi00MThlLTljMDEtMTIzYTg2ZDk0ODE4
LzEvSjRBbWhkcHpTeFY2TGJuTV8zYmRUa2lSR1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHvQAwQC
wfOoMA0GCSqGSIb3DQEBCwUAA4IBAQCcJAMnrUUPGOKQb+PWgskcDMTWYiqfhTBD
UlxjpcQ2/x7i7n8Vjg6kF+BGuNkiDeNVae+/IjezRacY478K0pHGqRBMzjsgIyPt
s3BpEorlvV8LVXQ5QA9x3yoC/FfSSFbjjZFJ+3T3w77yZVHGrCCPL5RCZhFJb7VY
3gY0MzfO1QeqDGrRbW5HBsDBDitBLJx/YbcSx8YbXqboUkU5yV482FDwGwat9qSA
iOb7GxenEfGzlRJ9BNlRZnMu+JZVduO9OQsHl1uO+74DT1f+7NciAA3n8UE4/z2A
Wz7NpXcnJOC49qRFkYX/L1yxeBoACBeHkUWbhtyvfu92N/P9Xv7a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:24 2024 by rpki-client on console-fra.rpki-client.org