Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/S_MnKVYLeJ8xudh-EQKzzFUnxYE.roa
File:                     S_MnKVYLeJ8xudh-EQKzzFUnxYE.roa (raw, json)
Hash identifier:          o5ylXVCPYSg3ZxBX22QHYJKtSNz5BBN6ao5aOm30jWk=
Subject key identifier:   4B:F3:27:29:56:0B:78:9F:31:B9:D8:7E:11:02:B3:CC:55:27:C5:81
Certificate issuer:       /CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Certificate serial:       018C3FB0D4E8F7EC58956EC483BA37984841
Authority key identifier: D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/S_MnKVYLeJ8xudh-EQKzzFUnxYE.roa
Signing time:             Wed 06 Dec 2023 15:13:22 +0000
ROA not before:           Wed 06 Dec 2023 15:13:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29519
IP address blocks:        212.25.208.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3f:b0:d4:e8:f7:ec:58:95:6e:c4:83:ba:37:98:48:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
        Validity
            Not Before: Dec  6 15:13:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4bf32729560b789f31b9d87e1102b3cc5527c581
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a5:b6:55:9a:75:9e:e8:91:67:bd:7f:d8:a9:
                    5b:fe:28:30:9f:26:60:b3:34:b6:74:71:09:5e:d3:
                    93:e2:66:a0:02:e2:aa:1d:c0:97:6d:fd:83:4e:77:
                    65:40:19:66:aa:4a:23:81:4d:cd:29:23:04:01:4e:
                    39:fd:55:0e:7d:00:7f:3f:37:57:88:6b:4e:06:35:
                    51:9c:a2:e8:fd:e5:b9:e3:80:71:62:97:36:75:98:
                    f7:34:f1:cd:24:1f:dd:19:be:eb:a2:dc:51:d6:b2:
                    55:12:50:44:57:df:58:bf:3c:58:f7:17:a0:ed:e5:
                    1e:d1:5c:28:59:c9:9f:71:dd:44:93:e0:72:4d:3c:
                    2e:dd:5c:5d:d2:93:99:d6:c7:46:1d:82:a0:4c:31:
                    4c:f1:e8:49:32:f2:35:aa:5c:cd:e7:f4:67:69:e0:
                    4d:1a:c6:e3:97:f6:1e:8b:3c:60:9a:1a:2c:2f:8d:
                    d1:db:35:97:d5:7f:c9:aa:ec:a5:4e:9c:2f:f7:ad:
                    80:9f:4b:82:0d:fa:92:ed:84:03:ee:7b:5b:c3:3a:
                    da:ad:58:2f:17:bd:c9:d1:13:cd:16:f7:80:b8:cb:
                    51:39:f0:9e:38:b7:5d:b1:da:cf:a0:09:bc:3a:cd:
                    d1:9b:ae:86:cb:92:76:b0:99:37:2f:d7:1e:77:44:
                    8f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:F3:27:29:56:0B:78:9F:31:B9:D8:7E:11:02:B3:CC:55:27:C5:81
            X509v3 Authority Key Identifier:
                keyid:D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/S_MnKVYLeJ8xudh-EQKzzFUnxYE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.25.208.0/23

    Signature Algorithm: sha256WithRSAEncryption
         07:bb:f3:87:fc:32:ee:5a:57:8c:ce:84:83:9c:0e:26:a0:bd:
         ee:1b:36:10:64:f1:ba:05:8b:c4:6d:96:23:b5:54:80:2b:d0:
         89:c9:af:aa:f5:6b:2a:3b:4a:ff:d0:ee:94:b7:53:0e:78:e0:
         73:0f:62:7c:f7:5e:fd:57:d0:c7:af:a1:cf:19:3a:0a:55:ec:
         cd:4b:6c:95:5c:21:62:f8:9d:b0:ed:3d:94:aa:f9:a4:0e:4d:
         fd:27:e3:c5:b8:37:de:3c:7c:28:1b:83:b6:91:38:b3:b3:b0:
         a1:6b:76:e8:0f:d5:b8:8a:4b:4e:73:91:62:84:65:ef:ac:75:
         a9:c9:7c:9d:25:7e:0f:f6:68:9b:95:3f:9c:0d:9a:1f:5a:75:
         9d:4d:cf:ee:fe:5b:53:a1:21:8a:05:f3:b0:d5:f9:e9:96:14:
         3c:5a:f5:c6:8c:da:1b:4c:c6:29:a5:60:e0:03:e7:ba:1a:23:
         16:83:3b:c0:70:67:bf:38:38:0f:64:e6:d6:57:d1:44:ca:da:
         7a:63:79:6c:f6:73:45:7a:97:be:c8:70:11:36:77:94:c3:5c:
         3b:aa:23:b3:c1:ae:76:11:d1:ca:b4:5a:45:6f:25:35:98:1a:
         ba:85:1a:de:96:b6:53:8e:54:46:60:14:22:1f:6c:a6:66:ba:
         5a:51:c5:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw/sNTo9+xYlW7Eg7o3mEhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmJmZDkyOGJjY2I0MmFkOWM0NjhhNTUyYWI3MzkzZmRk
ODcwOTUwHhcNMjMxMjA2MTUxMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYzMjcyOTU2MGI3ODlmMzFiOWQ4N2UxMTAyYjNjYzU1MjdjNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KW2VZp1nuiRZ71/2Klb/igwnyZg
szS2dHEJXtOT4magAuKqHcCXbf2DTndlQBlmqkojgU3NKSMEAU45/VUOfQB/PzdX
iGtOBjVRnKLo/eW544BxYpc2dZj3NPHNJB/dGb7rotxR1rJVElBEV99YvzxY9xeg
7eUe0VwoWcmfcd1Ek+ByTTwu3Vxd0pOZ1sdGHYKgTDFM8ehJMvI1qlzN5/RnaeBN
Gsbjl/YeizxgmhosL43R2zWX1X/JquylTpwv962An0uCDfqS7YQD7ntbwzrarVgv
F73J0RPNFveAuMtROfCeOLddsdrPoAm8Os3Rm66Gy5J2sJk3L9ced0SPewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvzJylWC3ifMbnYfhECs8xVJ8WBMB8GA1UdIwQY
MBaAFNNr/ZKLzLQq2cRopVKrc5P92HCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjkt
YTc0ZTRhODg3ODA0LzEvU19NbktWWUxlSjh4dWRoLUVRS3p6RlVueFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjktYTc0ZTRhODg3ODA0
LzEvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1BnQMA0G
CSqGSIb3DQEBCwUAA4IBAQAHu/OH/DLuWleMzoSDnA4moL3uGzYQZPG6BYvEbZYj
tVSAK9CJya+q9WsqO0r/0O6Ut1MOeOBzD2J89179V9DHr6HPGToKVezNS2yVXCFi
+J2w7T2UqvmkDk39J+PFuDfePHwoG4O2kTizs7Cha3boD9W4iktOc5FihGXvrHWp
yXydJX4P9miblT+cDZofWnWdTc/u/ltToSGKBfOw1fnplhQ8WvXGjNobTMYppWDg
A+e6GiMWgzvAcGe/ODgPZObWV9FEytp6Y3ls9nNFepe+yHARNneUw1w7qiOzwa52
EdHKtFpFbyU1mBq6hRrelrZTjlRGYBQiH2ymZrpaUcVr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:05 2024 by rpki-client on console-ams.rpki-client.org