Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/MHTFaFK791ubH0fo9vDPikPzV6c.roa
File:                     MHTFaFK791ubH0fo9vDPikPzV6c.roa (raw, json)
Hash identifier:          sFWc+Jn6X4eGfWKpXgOsdqOWbqgB80gO5heekbFN9lA=
Subject key identifier:   30:74:C5:68:52:BB:F7:5B:9B:1F:47:E8:F6:F0:CF:8A:43:F3:57:A7
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       01864B394830FAA5BA33613C460620141A23
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/MHTFaFK791ubH0fo9vDPikPzV6c.roa
Signing time:             Mon 13 Feb 2023 14:41:30 +0000
ROA not before:           Mon 13 Feb 2023 14:41:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        92.249.60.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 13:42:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:4b:39:48:30:fa:a5:ba:33:61:3c:46:06:20:14:1a:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Feb 13 14:41:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3074c56852bbf75b9b1f47e8f6f0cf8a43f357a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:cc:45:44:12:b1:7c:0f:f4:be:00:69:5e:66:
                    2c:81:b9:12:f7:6d:ad:1e:fa:c5:07:5c:db:95:96:
                    85:42:e2:2b:23:d5:33:48:e7:cf:df:54:93:8a:37:
                    3a:7c:39:48:ca:38:16:53:53:32:32:fc:67:43:7e:
                    ec:c9:6c:2b:c2:15:c3:ac:22:a3:b3:05:7c:c4:15:
                    ce:26:8b:da:12:61:99:33:b7:eb:08:75:c1:06:d6:
                    e1:67:10:27:9c:39:e3:67:5a:b6:a8:71:ca:2b:53:
                    55:89:8e:ba:f4:05:9c:ea:2d:58:06:8d:1c:af:f7:
                    f7:2b:7f:88:ce:07:e2:7d:43:d7:93:92:6d:46:77:
                    8a:3e:2d:a6:86:dd:1f:13:09:ae:cc:52:b0:97:9b:
                    bb:06:77:a5:a2:6b:e3:a1:b1:15:c6:aa:b1:c7:3c:
                    91:5e:81:ad:53:c6:ba:e1:8d:48:cc:de:8a:8d:90:
                    03:4c:28:e8:75:13:4a:2f:b3:58:20:6d:51:7f:65:
                    38:1e:a9:bf:4b:ff:17:02:cc:67:8f:ee:41:33:8a:
                    72:eb:da:1f:4a:d6:39:10:66:f9:06:b6:47:9a:0d:
                    4a:73:ce:70:91:48:50:50:67:a0:38:05:f4:41:c8:
                    fc:13:01:06:97:3d:76:42:56:e6:d9:96:ba:db:ba:
                    37:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:74:C5:68:52:BB:F7:5B:9B:1F:47:E8:F6:F0:CF:8A:43:F3:57:A7
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/MHTFaFK791ubH0fo9vDPikPzV6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.249.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a4:c9:3d:c9:7e:a3:ca:ee:86:25:c1:87:20:79:07:50:66:82:
         66:08:50:d4:e1:01:f5:0a:e3:ab:79:69:d3:8a:fd:82:3e:76:
         7b:ca:c1:65:6f:46:8a:95:e2:4d:de:67:17:1c:68:3c:1d:51:
         dd:1c:b7:b0:2d:dc:a4:f5:ab:63:73:2a:ca:5e:7f:47:f5:0f:
         38:3f:bf:1a:5e:81:9e:82:b5:fa:ec:4c:68:7a:8f:2f:3f:ed:
         f8:88:94:c0:65:68:dd:76:5f:83:fd:ef:01:65:d8:b6:a2:23:
         56:67:29:a8:2d:ac:07:96:0f:77:ed:b0:cb:25:e5:82:92:79:
         d2:70:c6:7d:0d:50:d9:97:23:51:9a:5e:e2:f2:82:15:64:38:
         e3:ef:86:1e:1d:b1:7c:08:c3:06:a8:ff:1f:a8:35:9d:21:b9:
         f6:45:ed:b0:37:b8:6c:ee:1a:94:16:24:34:1f:9b:ec:c7:39:
         1f:d1:17:b5:ff:46:9e:eb:b6:58:2e:b5:3a:df:1a:b3:fe:21:
         e0:14:f9:99:99:32:84:97:3b:6b:6e:ad:ca:09:9f:5d:d1:19:
         4f:82:99:89:e3:a8:72:36:6c:e0:5c:34:19:bb:36:d5:5d:db:
         04:83:16:6e:66:a1:bc:0f:64:f1:b9:5f:e1:b1:15:70:9e:9d:
         35:3e:dc:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZLOUgw+qW6M2E8RgYgFBojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMjEzMTQ0MTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDc0YzU2ODUyYmJmNzViOWIxZjQ3ZThmNmYwY2Y4YTQzZjM1N2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8xFRBKxfA/0vgBpXmYsgbkS922t
HvrFB1zblZaFQuIrI9UzSOfP31STijc6fDlIyjgWU1MyMvxnQ37syWwrwhXDrCKj
swV8xBXOJovaEmGZM7frCHXBBtbhZxAnnDnjZ1q2qHHKK1NViY669AWc6i1YBo0c
r/f3K3+IzgfifUPXk5JtRneKPi2mht0fEwmuzFKwl5u7BnelomvjobEVxqqxxzyR
XoGtU8a64Y1IzN6KjZADTCjodRNKL7NYIG1Rf2U4Hqm/S/8XAsxnj+5BM4py69of
StY5EGb5BrZHmg1Kc85wkUhQUGegOAX0Qcj8EwEGlz12Qlbm2Za627o3ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDB0xWhSu/dbmx9H6Pbwz4pD81enMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvTUhURmFGSzc5MXViSDBmbzl2RFBpa1B6VjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXPk8MA0G
CSqGSIb3DQEBCwUAA4IBAQCkyT3JfqPK7oYlwYcgeQdQZoJmCFDU4QH1CuOreWnT
iv2CPnZ7ysFlb0aKleJN3mcXHGg8HVHdHLewLdyk9atjcyrKXn9H9Q84P78aXoGe
grX67Exoeo8vP+34iJTAZWjddl+D/e8BZdi2oiNWZymoLawHlg937bDLJeWCknnS
cMZ9DVDZlyNRml7i8oIVZDjj74YeHbF8CMMGqP8fqDWdIbn2Re2wN7hs7hqUFiQ0
H5vsxzkf0Re1/0ae67ZYLrU63xqz/iHgFPmZmTKElztrbq3KCZ9d0RlPgpmJ46hy
NmzgXDQZuzbVXdsEgxZuZqG8D2TxuV/hsRVwnp01Ptxb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org