Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/MtEE-C75z0lCZFvvX3lW0c1ikuA.roa
File:                     MtEE-C75z0lCZFvvX3lW0c1ikuA.roa (raw, json)
Hash identifier:          FuhHDzgr0iBhxg5UJk86+MThJARhtcZNGbFS/u+c2Hg=
Subject key identifier:   32:D1:04:F8:2E:F9:CF:49:42:64:5B:EF:5F:79:56:D1:CD:62:92:E0
Certificate issuer:       /CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Certificate serial:       018A42260D71CDE33C08540FB917C61FD66D
Authority key identifier: D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/MtEE-C75z0lCZFvvX3lW0c1ikuA.roa
Signing time:             Tue 29 Aug 2023 16:35:04 +0000
ROA not before:           Tue 29 Aug 2023 16:35:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12779
IP address blocks:        185.128.77.0/24 maxlen: 24
                          185.128.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 30 Aug 2023 07:10:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:42:26:0d:71:cd:e3:3c:08:54:0f:b9:17:c6:1f:d6:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
        Validity
            Not Before: Aug 29 16:35:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32d104f82ef9cf4942645bef5f7956d1cd6292e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:0d:84:9e:bd:80:c9:11:90:55:8b:b3:b8:98:
                    a7:69:f2:36:9d:0d:bf:21:09:70:69:0e:bb:46:eb:
                    a1:23:5a:df:fb:cb:c0:16:9f:81:45:e8:93:4b:c2:
                    bf:84:fa:d2:54:20:ca:90:5f:64:9d:4f:a1:f0:85:
                    9e:7a:5a:e2:2a:45:0b:98:7f:34:94:92:4b:6c:71:
                    3f:be:cb:a0:7c:96:80:2a:cb:dd:87:ab:3c:6d:80:
                    c1:a9:c6:6b:30:38:1e:b3:4e:bc:35:d9:e3:84:d7:
                    40:49:2d:64:b7:ab:87:67:a9:00:8b:17:89:f3:95:
                    f6:82:86:07:d5:5e:58:f2:bf:b7:19:3b:c4:a3:97:
                    95:81:ee:75:e1:71:17:9a:10:c5:22:f1:ff:0d:5e:
                    34:d5:a5:db:2c:b1:aa:44:26:2f:08:ff:13:83:2b:
                    7e:3f:8c:c9:d8:2c:f5:67:2f:87:53:74:a2:7f:cf:
                    da:d2:ad:2d:50:4d:56:28:54:95:fd:9a:62:1b:b7:
                    99:f3:43:b5:24:c4:e3:77:93:ed:aa:77:30:bc:fd:
                    22:dd:27:9e:9f:fd:d7:07:4f:a4:12:39:83:c3:e4:
                    1e:a8:7b:28:f3:1f:43:13:2a:ea:92:43:ac:f0:13:
                    8d:94:ab:53:33:d3:3a:22:d0:eb:e9:ab:60:36:07:
                    b2:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D1:04:F8:2E:F9:CF:49:42:64:5B:EF:5F:79:56:D1:CD:62:92:E0
            X509v3 Authority Key Identifier:
                keyid:D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/MtEE-C75z0lCZFvvX3lW0c1ikuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.128.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         93:86:c2:d8:f1:42:e1:07:3a:00:c7:1f:25:00:17:8e:d9:88:
         b0:a6:9a:59:a5:a9:02:81:e1:ac:e6:34:88:a9:a7:b1:f7:84:
         8e:9e:94:12:3f:95:91:f2:43:9a:63:c5:a0:2a:b2:3c:0a:6d:
         3a:2d:de:9d:21:9d:71:81:a0:64:ec:98:0b:d0:bb:07:84:86:
         4a:f8:b2:2c:fb:78:44:21:c4:2c:53:40:de:6d:8b:df:23:80:
         d9:b8:66:80:51:f6:14:69:e1:2b:67:5c:79:ef:b6:3c:0e:26:
         34:ea:ea:db:c0:fa:e8:08:b0:45:86:e9:c3:b7:9b:a7:7b:0e:
         bc:3b:4a:b2:e6:38:9d:90:7e:31:36:e8:5c:a9:32:fe:1b:27:
         e5:ba:cb:72:d7:67:fa:fc:59:e0:9f:ca:47:20:95:83:4f:08:
         09:45:cc:2b:38:d5:20:d9:90:66:b5:c1:6b:5a:85:d1:df:bd:
         82:08:2c:ab:ca:a3:5f:cf:66:be:f1:66:2e:d5:bc:1a:c5:ea:
         ef:28:bf:ec:0e:f9:2b:f1:42:7e:5e:10:a1:0b:4f:3d:77:ae:
         b2:08:d2:76:ed:97:a1:71:3c:32:41:40:24:27:1a:13:81:ab:
         76:22:10:ca:d0:13:22:d0:2d:dc:7b:91:80:91:c1:b6:58:99:
         31:6a:d1:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpCJg1xzeM8CFQPuRfGH9ZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDY4N2EzZWU2MzIyYjc1N2RlODFlN2Y1M2M1ZDMyZWVi
ZTMzYTYwHhcNMjMwODI5MTYzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQxMDRmODJlZjljZjQ5NDI2NDViZWY1Zjc5NTZkMWNkNjI5MmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA2Enr2AyRGQVYuzuJinafI2nQ2/
IQlwaQ67RuuhI1rf+8vAFp+BReiTS8K/hPrSVCDKkF9knU+h8IWeelriKkULmH80
lJJLbHE/vsugfJaAKsvdh6s8bYDBqcZrMDges068NdnjhNdASS1kt6uHZ6kAixeJ
85X2goYH1V5Y8r+3GTvEo5eVge514XEXmhDFIvH/DV401aXbLLGqRCYvCP8Tgyt+
P4zJ2Cz1Zy+HU3Sif8/a0q0tUE1WKFSV/ZpiG7eZ80O1JMTjd5PtqncwvP0i3See
n/3XB0+kEjmDw+QeqHso8x9DEyrqkkOs8BONlKtTM9M6ItDr6atgNgeyvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLRBPgu+c9JQmRb7195VtHNYpLgMB8GA1UdIwQY
MBaAFNBGh6PuYyK3V96B5/U8XTLuvjOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYt
OTdiZTQyNmEyMzM0LzEvTXRFRS1DNzV6MGxDWkZ2dlgzbFcwYzFpa3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYtOTdiZTQyNmEyMzM0
LzEvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYBMMA0G
CSqGSIb3DQEBCwUAA4IBAQCThsLY8ULhBzoAxx8lABeO2YiwpppZpakCgeGs5jSI
qaex94SOnpQSP5WR8kOaY8WgKrI8Cm06Ld6dIZ1xgaBk7JgL0LsHhIZK+LIs+3hE
IcQsU0DebYvfI4DZuGaAUfYUaeErZ1x577Y8DiY06urbwProCLBFhunDt5unew68
O0qy5jidkH4xNuhcqTL+Gyflusty12f6/Fngn8pHIJWDTwgJRcwrONUg2ZBmtcFr
WoXR372CCCyryqNfz2a+8WYu1bwaxervKL/sDvkr8UJ+XhChC089d66yCNJ27Zeh
cTwyQUAkJxoTgat2IhDK0BMi0C3ce5GAkcG2WJkxatGY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:40 2024 by rpki-client on console-ams.rpki-client.org