Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/MXJkAl7CZxw2HIkk7Lfpxz65lno.roa
File:                     MXJkAl7CZxw2HIkk7Lfpxz65lno.roa (raw, json)
Hash identifier:          txhJVXXbfjrgMEk4iOGMD61oF4qzre9F4uU1Gp8oepo=
Subject key identifier:   31:72:64:02:5E:C2:67:1C:36:1C:89:24:EC:B7:E9:C7:3E:B9:96:7A
Certificate issuer:       /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Certificate serial:       01856F66FA10446A1A7627B19946038EC861
Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/MXJkAl7CZxw2HIkk7Lfpxz65lno.roa
Signing time:             Sun 01 Jan 2023 22:14:57 +0000
ROA not before:           Sun 01 Jan 2023 22:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209834
IP address blocks:        176.53.188.0/22 maxlen: 24
                          2a09:e100::/29 maxlen: 33

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:fa:10:44:6a:1a:76:27:b1:99:46:03:8e:c8:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
        Validity
            Not Before: Jan  1 22:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=317264025ec2671c361c8924ecb7e9c73eb9967a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:6d:8d:03:12:0a:84:a5:8f:f8:ad:65:5e:8a:
                    87:33:4a:10:9c:7e:f9:9b:b5:2b:d6:6f:81:df:97:
                    be:0a:aa:ae:7a:80:54:02:62:0d:bd:67:13:d8:5a:
                    84:15:ea:b8:7e:36:34:76:8b:6c:54:1b:33:18:de:
                    27:25:63:90:c6:37:36:16:43:2c:44:0a:5d:97:41:
                    54:50:5f:4a:b9:67:81:9e:ef:54:84:22:fb:b7:2b:
                    c4:4b:d7:6b:2f:c5:d3:11:e1:0c:5a:70:d5:e3:3f:
                    35:78:2a:85:f3:c7:2f:29:94:c0:0d:fb:bb:08:00:
                    13:04:1c:79:cc:bb:d9:46:91:a7:0c:77:7c:ce:9f:
                    fb:91:74:a0:1a:e8:4b:b3:42:b8:0f:74:96:c3:5e:
                    c5:51:63:a2:9c:4a:fb:59:48:7c:9d:47:8c:cf:be:
                    b4:07:9e:23:bd:39:f9:a9:73:7f:b9:3e:87:f6:58:
                    ac:11:41:64:cd:a9:2d:73:64:3d:57:2e:fa:97:11:
                    ce:99:a2:32:8e:63:81:56:1b:e1:59:b4:12:3a:e7:
                    b3:a7:ae:82:83:ed:05:fb:fd:2e:bf:24:5c:c1:ab:
                    eb:01:a9:9a:4f:fd:57:2d:b9:45:a7:33:51:67:77:
                    e2:e4:0e:f0:ec:e5:10:b9:9a:55:87:98:c2:03:c5:
                    d4:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:72:64:02:5E:C2:67:1C:36:1C:89:24:EC:B7:E9:C7:3E:B9:96:7A
            X509v3 Authority Key Identifier:
                keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/MXJkAl7CZxw2HIkk7Lfpxz65lno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.53.188.0/22
                IPv6:
                  2a09:e100::/29

    Signature Algorithm: sha256WithRSAEncryption
         75:12:3d:0e:e7:1f:b5:d1:82:1b:8f:00:5a:d5:60:98:76:3b:
         42:c1:9a:c2:ac:98:15:3c:9d:93:f5:41:89:bb:3f:ae:7c:34:
         1a:4c:7f:79:c7:5a:7b:37:b6:84:ed:b7:10:f2:cc:81:13:e2:
         22:44:85:a5:a8:40:e9:c5:1b:e3:c0:7b:58:cb:9b:36:4f:b1:
         a1:98:e9:16:93:b5:e0:10:68:75:b9:2b:8f:6d:76:9c:e4:9e:
         65:f8:11:40:f9:99:ac:e0:bc:92:da:a8:b4:a7:fd:3f:43:12:
         ee:a7:88:8b:18:cc:8d:e2:b2:77:74:0a:a1:ee:f2:1b:a6:2b:
         46:fd:3c:10:66:35:4f:f4:9f:f8:f5:5d:ff:20:c4:e4:a6:1b:
         46:54:0e:22:b5:9c:33:e9:b1:f7:bc:6b:b7:fb:6e:57:b3:ee:
         ca:0e:e2:99:b8:2d:d4:e2:04:19:89:14:94:9b:7b:5e:7a:eb:
         6e:04:4c:2e:10:5c:f4:58:6b:7b:9c:29:af:16:ce:37:6f:5a:
         b4:14:96:2c:cc:05:8f:24:c3:72:fc:0d:0a:79:52:66:ca:92:
         07:e0:53:68:a0:53:59:a0:fd:45:9c:65:8e:34:20:af:5f:cc:
         2a:03:4e:57:a7:45:22:3d:f7:ad:b0:39:d6:b0:cd:88:b4:ab:
         72:8a:f9:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvZvoQRGoadiexmUYDjshhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3
MDViMmYwHhcNMjMwMTAxMjIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTcyNjQwMjVlYzI2NzFjMzYxYzg5MjRlY2I3ZTljNzNlYjk5NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm2NAxIKhKWP+K1lXoqHM0oQnH75
m7Ur1m+B35e+CqqueoBUAmINvWcT2FqEFeq4fjY0dotsVBszGN4nJWOQxjc2FkMs
RApdl0FUUF9KuWeBnu9UhCL7tyvES9drL8XTEeEMWnDV4z81eCqF88cvKZTADfu7
CAATBBx5zLvZRpGnDHd8zp/7kXSgGuhLs0K4D3SWw17FUWOinEr7WUh8nUeMz760
B54jvTn5qXN/uT6H9lisEUFkzaktc2Q9Vy76lxHOmaIyjmOBVhvhWbQSOuezp66C
g+0F+/0uvyRcwavrAamaT/1XLblFpzNRZ3fi5A7w7OUQuZpVh5jCA8XU2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDFyZAJewmccNhyJJOy36cc+uZZ6MB8GA1UdIwQY
MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt
MGUxZGI5OGFkMjMxLzEvTVhKa0FsN0NaeHcySElrazdMZnB4ejY1bG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx
LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsDW8MA0E
AgACMAcDBQMqCeEAMA0GCSqGSIb3DQEBCwUAA4IBAQB1Ej0O5x+10YIbjwBa1WCY
djtCwZrCrJgVPJ2T9UGJuz+ufDQaTH95x1p7N7aE7bcQ8syBE+IiRIWlqEDpxRvj
wHtYy5s2T7GhmOkWk7XgEGh1uSuPbXac5J5l+BFA+Zms4LyS2qi0p/0/QxLup4iL
GMyN4rJ3dAqh7vIbpitG/TwQZjVP9J/49V3/IMTkphtGVA4itZwz6bH3vGu3+25X
s+7KDuKZuC3U4gQZiRSUm3teeutuBEwuEFz0WGt7nCmvFs43b1q0FJYszAWPJMNy
/A0KeVJmypIH4FNooFNZoP1FnGWONCCvX8wqA05Xp0UiPfetsDnWsM2ItKtyivmP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:32 2024 by rpki-client on console-ams.rpki-client.org