Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/mNBRvbAFlry53rKAIORm9mIM-CE.roa
File:                     mNBRvbAFlry53rKAIORm9mIM-CE.roa (raw, json)
Hash identifier:          6oMJ/en7ZajYestcJbE/fVjsuxUW4uYjDvSSUvHwKNg=
Subject key identifier:   98:D0:51:BD:B0:05:96:BC:B9:DE:B2:80:20:E4:66:F6:62:0C:F8:21
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       01856B8115ADFD63141C84F120781313C4DB
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/mNBRvbAFlry53rKAIORm9mIM-CE.roa
Signing time:             Sun 01 Jan 2023 04:04:59 +0000
ROA not before:           Sun 01 Jan 2023 04:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50779
IP address blocks:        85.31.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:15:ad:fd:63:14:1c:84:f1:20:78:13:13:c4:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Jan  1 04:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98d051bdb00596bcb9deb28020e466f6620cf821
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b8:36:27:3b:b3:5f:91:1d:bb:63:8e:76:ad:
                    6c:64:d4:7a:89:5a:b5:ec:ad:ca:a8:91:bc:89:72:
                    e1:7d:65:ea:64:4e:57:fa:3e:56:18:62:4f:11:93:
                    34:34:f3:a6:52:95:49:d3:69:a2:00:29:fe:af:50:
                    41:1b:da:e4:07:3a:44:61:6f:af:b9:18:cf:de:5d:
                    27:ff:c2:9a:9b:70:c4:bb:33:53:05:9a:f9:df:30:
                    54:24:2f:59:c1:cf:fb:6e:90:77:b1:df:32:10:be:
                    27:ca:10:2c:a4:06:fb:d9:98:3e:b4:a5:75:a7:4e:
                    08:90:99:76:de:c1:fe:82:36:3e:6e:5b:87:46:ac:
                    fb:ff:fd:28:53:b2:34:46:2e:6b:52:ff:2e:bb:5c:
                    38:c6:e0:12:72:a9:90:58:c0:90:f0:1e:1b:a9:ab:
                    0b:2c:12:6a:9b:7d:6e:27:f6:5b:a3:3e:0d:cc:87:
                    b7:b0:e5:48:3d:34:8e:46:a1:7f:1c:81:1a:a0:d0:
                    69:0a:ff:e3:2d:23:a0:8d:77:bf:26:03:f5:d4:82:
                    aa:fb:dd:6d:53:cf:e2:9b:34:fd:4b:40:e4:87:e6:
                    e2:ee:a6:5b:6a:e9:6c:73:27:77:99:28:f2:bf:5c:
                    0e:5b:c9:af:e6:9a:70:43:c9:eb:87:92:6f:d5:19:
                    8b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:D0:51:BD:B0:05:96:BC:B9:DE:B2:80:20:E4:66:F6:62:0C:F8:21
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/mNBRvbAFlry53rKAIORm9mIM-CE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.31.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:47:a2:7d:39:8a:61:31:73:ae:7b:95:08:de:e3:82:d1:65:
         5a:d3:83:10:5c:df:c5:99:12:a7:96:b6:10:ee:c9:85:08:0d:
         01:33:9a:4a:17:32:7c:b8:87:34:01:7b:08:c1:0d:ad:dc:a3:
         88:a0:3b:59:aa:e9:7a:46:e2:ca:3d:b9:f1:e9:92:ac:44:54:
         b6:d9:2d:f6:99:cd:c2:67:62:9e:ca:7a:58:c9:d1:ac:ea:8e:
         5c:2e:cd:4c:97:95:15:27:19:a1:2f:81:8d:2a:12:ad:95:da:
         6c:fc:b1:54:79:77:bb:e4:25:25:ba:3e:79:26:8f:4a:e2:95:
         2b:b5:f3:af:24:74:30:61:20:c5:d9:26:bd:2c:28:07:36:af:
         5d:3f:00:72:f3:68:fa:29:5e:64:0f:42:d9:ad:18:ec:22:cb:
         7f:dc:e8:f8:f5:70:6e:ef:82:60:a5:3a:5a:3d:e6:fc:44:f6:
         d9:fd:e4:15:6a:fe:54:2d:e1:24:5e:b3:36:fe:90:42:11:cc:
         08:f0:a6:c5:07:9b:81:ea:e1:38:49:c5:5d:82:86:4d:9d:fa:
         40:b9:7e:13:87:cf:aa:cb:2b:24:ea:4e:d7:2f:cb:78:d8:d4:
         d0:73:70:76:12:93:54:ac:e4:f9:04:8b:ae:38:82:48:72:1c:
         eb:9d:52:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRWt/WMUHITxIHgTE8TbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjMwMTAxMDQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQwNTFiZGIwMDU5NmJjYjlkZWIyODAyMGU0NjZmNjYyMGNmODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lg2JzuzX5Edu2OOdq1sZNR6iVq1
7K3KqJG8iXLhfWXqZE5X+j5WGGJPEZM0NPOmUpVJ02miACn+r1BBG9rkBzpEYW+v
uRjP3l0n/8Kam3DEuzNTBZr53zBUJC9Zwc/7bpB3sd8yEL4nyhAspAb72Zg+tKV1
p04IkJl23sH+gjY+bluHRqz7//0oU7I0Ri5rUv8uu1w4xuAScqmQWMCQ8B4bqasL
LBJqm31uJ/Zboz4NzIe3sOVIPTSORqF/HIEaoNBpCv/jLSOgjXe/JgP11IKq+91t
U8/imzT9S0Dkh+bi7qZbaulscyd3mSjyv1wOW8mv5ppwQ8nrh5Jv1RmLBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjQUb2wBZa8ud6ygCDkZvZiDPghMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvbU5CUnZiQUZscnk1M3JLQUlPUm05bUlNLUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVR/cMA0G
CSqGSIb3DQEBCwUAA4IBAQCfR6J9OYphMXOue5UI3uOC0WVa04MQXN/FmRKnlrYQ
7smFCA0BM5pKFzJ8uIc0AXsIwQ2t3KOIoDtZqul6RuLKPbnx6ZKsRFS22S32mc3C
Z2KeynpYydGs6o5cLs1Ml5UVJxmhL4GNKhKtldps/LFUeXe75CUluj55Jo9K4pUr
tfOvJHQwYSDF2Sa9LCgHNq9dPwBy82j6KV5kD0LZrRjsIst/3Oj49XBu74JgpTpa
Peb8RPbZ/eQVav5ULeEkXrM2/pBCEcwI8KbFB5uB6uE4ScVdgoZNnfpAuX4Th8+q
yysk6k7XL8t42NTQc3B2EpNUrOT5BIuuOIJIchzrnVLP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:17 2024 by rpki-client on console-ams.rpki-client.org