Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/77f5b9-5b8c-4546-9a0d-b8c5f84d9687/1/MjascK81NTNl7XBJMTiI3Hbx8WU.roa
File:                     MjascK81NTNl7XBJMTiI3Hbx8WU.roa (raw, json)
Hash identifier:          tQqLVMdEFknCGP/AR+MDUBlB94y43pfFmghKyvgSuxQ=
Subject key identifier:   32:36:AC:70:AF:35:35:33:65:ED:70:49:31:38:88:DC:76:F1:F1:65
Certificate issuer:       /CN=a3ace73daf52102cdb84b7f5681296957a0c9a78
Certificate serial:       018901507495BC1E146477656C79094671A9
Authority key identifier: A3:AC:E7:3D:AF:52:10:2C:DB:84:B7:F5:68:12:96:95:7A:0C:9A:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6znPa9SECzbhLf1aBKWlXoMmng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/77f5b9-5b8c-4546-9a0d-b8c5f84d9687/1/MjascK81NTNl7XBJMTiI3Hbx8WU.roa
Signing time:             Wed 28 Jun 2023 09:23:17 +0000
ROA not before:           Wed 28 Jun 2023 09:23:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47212
IP address blocks:        79.99.56.0/21 maxlen: 21
                          2a01:a180::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:01:50:74:95:bc:1e:14:64:77:65:6c:79:09:46:71:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3ace73daf52102cdb84b7f5681296957a0c9a78
        Validity
            Not Before: Jun 28 09:23:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3236ac70af35353365ed7049313888dc76f1f165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:18:62:87:42:1a:25:b5:c7:b9:d2:1c:50:ee:
                    59:60:28:97:c7:6a:75:e7:72:54:4c:1f:e2:cd:94:
                    3b:a5:f5:0d:bc:1d:b6:42:6c:ee:ae:91:d1:4c:0b:
                    6b:9c:48:85:78:96:61:6e:c8:47:de:d2:34:f9:04:
                    81:b1:d7:8a:eb:2f:35:bd:fb:66:51:df:2b:a7:4c:
                    f7:f1:ff:6d:13:74:cc:73:3b:28:a4:f6:80:2a:8a:
                    48:e2:40:94:96:f8:e0:ce:b9:81:2b:7b:7a:d6:79:
                    81:92:d7:a4:78:7d:dc:b2:2f:7e:f8:da:8d:8c:76:
                    a9:62:7b:2f:f5:ab:5c:36:ae:1a:ac:af:9d:85:77:
                    ed:0b:22:0f:be:fd:ac:a9:91:16:a3:26:1a:ae:39:
                    97:95:5a:dc:c4:07:82:1f:42:18:8e:67:3c:30:c1:
                    4b:ad:f7:52:37:73:9a:39:45:a4:25:b1:5d:68:87:
                    42:67:44:9c:cf:f4:60:1c:f0:84:6b:64:8b:86:78:
                    d3:e6:01:2a:be:75:1b:d5:b3:4e:95:28:6d:86:78:
                    bc:69:23:16:3f:ef:e5:56:40:d1:e1:a2:84:e1:0f:
                    15:67:9c:3f:f6:a4:54:5f:1f:8e:fc:52:7b:cc:be:
                    85:b3:f4:b1:78:35:f9:58:8b:34:92:8c:20:64:26:
                    46:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:36:AC:70:AF:35:35:33:65:ED:70:49:31:38:88:DC:76:F1:F1:65
            X509v3 Authority Key Identifier:
                keyid:A3:AC:E7:3D:AF:52:10:2C:DB:84:B7:F5:68:12:96:95:7A:0C:9A:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6znPa9SECzbhLf1aBKWlXoMmng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/77f5b9-5b8c-4546-9a0d-b8c5f84d9687/1/MjascK81NTNl7XBJMTiI3Hbx8WU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/77f5b9-5b8c-4546-9a0d-b8c5f84d9687/1/o6znPa9SECzbhLf1aBKWlXoMmng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.99.56.0/21
                IPv6:
                  2a01:a180::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:e9:d6:29:66:d0:69:c1:37:31:7a:b2:88:ba:76:7e:10:34:
         c0:44:f9:71:14:3a:be:ae:f9:cf:61:62:e7:36:f0:24:df:72:
         ac:a0:f6:d2:13:e3:5e:9c:0b:23:40:18:01:17:c2:91:a4:f1:
         46:ad:70:4f:ba:db:e7:ac:0e:f1:c4:88:e5:c8:66:4e:1c:72:
         f2:dd:59:63:16:66:a5:05:3a:85:e2:97:0e:54:7d:16:b9:24:
         b5:3a:ef:e1:d1:b7:f4:23:d7:8c:41:11:33:3b:5a:46:5d:38:
         4d:f9:c1:0f:07:04:ba:35:41:52:7c:fd:31:0d:b3:c1:f6:99:
         26:0e:03:e7:7b:20:9d:96:e7:69:51:72:2a:8b:07:fd:06:ca:
         0f:61:71:e5:58:27:88:6d:5d:44:9b:b1:84:a5:91:7f:30:f8:
         24:ff:a4:95:79:6c:5a:3f:c3:2c:ab:49:93:03:0c:90:83:6b:
         83:72:93:e1:a8:71:49:e6:ea:01:3d:ec:f4:9f:50:72:a4:c3:
         b5:c2:97:25:a3:f9:1b:73:91:fc:29:e4:59:04:59:2a:4f:bb:
         5b:29:fa:e9:36:48:a9:2a:d3:af:48:50:38:e5:a9:58:f6:04:
         8f:e3:c6:79:0c:a0:69:20:97:21:2f:79:41:31:1a:8c:0e:3a:
         78:4f:70:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkBUHSVvB4UZHdlbHkJRnGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYWNlNzNkYWY1MjEwMmNkYjg0YjdmNTY4MTI5Njk1N2Ew
YzlhNzgwHhcNMjMwNjI4MDkyMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjM2YWM3MGFmMzUzNTMzNjVlZDcwNDkzMTM4ODhkYzc2ZjFmMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghhih0IaJbXHudIcUO5ZYCiXx2p1
53JUTB/izZQ7pfUNvB22QmzurpHRTAtrnEiFeJZhbshH3tI0+QSBsdeK6y81vftm
Ud8rp0z38f9tE3TMczsopPaAKopI4kCUlvjgzrmBK3t61nmBktekeH3csi9++NqN
jHapYnsv9atcNq4arK+dhXftCyIPvv2sqZEWoyYarjmXlVrcxAeCH0IYjmc8MMFL
rfdSN3OaOUWkJbFdaIdCZ0Scz/RgHPCEa2SLhnjT5gEqvnUb1bNOlShthni8aSMW
P+/lVkDR4aKE4Q8VZ5w/9qRUXx+O/FJ7zL6Fs/SxeDX5WIs0kowgZCZG3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDI2rHCvNTUzZe1wSTE4iNx28fFlMB8GA1UdIwQY
MBaAFKOs5z2vUhAs24S39WgSlpV6DJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZ6blBhOVNFQ3piaExmMWFCS1dsWG9NbW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83N2Y1YjktNWI4Yy00NTQ2LTlhMGQt
YjhjNWY4NGQ5Njg3LzEvTWphc2NLODFOVE5sN1hCSk1UaUkzSGJ4OFdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83N2Y1YjktNWI4Yy00NTQ2LTlhMGQtYjhjNWY4NGQ5Njg3
LzEvbzZ6blBhOVNFQ3piaExmMWFCS1dsWG9NbW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDT2M4MA0E
AgACMAcDBQAqAaGAMA0GCSqGSIb3DQEBCwUAA4IBAQB06dYpZtBpwTcxerKIunZ+
EDTARPlxFDq+rvnPYWLnNvAk33KsoPbSE+NenAsjQBgBF8KRpPFGrXBPutvnrA7x
xIjlyGZOHHLy3VljFmalBTqF4pcOVH0WuSS1Ou/h0bf0I9eMQREzO1pGXThN+cEP
BwS6NUFSfP0xDbPB9pkmDgPneyCdludpUXIqiwf9BsoPYXHlWCeIbV1Em7GEpZF/
MPgk/6SVeWxaP8Msq0mTAwyQg2uDcpPhqHFJ5uoBPez0n1BypMO1wpclo/kbc5H8
KeRZBFkqT7tbKfrpNkipKtOvSFA45alY9gSP48Z5DKBpIJchL3lBMRqMDjp4T3CE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:25 2024 by rpki-client on console-fra.rpki-client.org