Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/MMOzgcNJ424FOD-hwYO3zbKd_fM.roa
File:                     MMOzgcNJ424FOD-hwYO3zbKd_fM.roa (raw, json)
Hash identifier:          +ml/vF9A2Dkur5kgwZsn2e69cWiBBuLxlcN2ceDICpU=
Subject key identifier:   30:C3:B3:81:C3:49:E3:6E:05:38:3F:A1:C1:83:B7:CD:B2:9D:FD:F3
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E4FBC611BB42E52509B3D68F7F431
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/MMOzgcNJ424FOD-hwYO3zbKd_fM.roa
Signing time:             Mon 02 Jan 2023 06:14:49 +0000
ROA not before:           Mon 02 Jan 2023 06:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203226
IP address blocks:        2a0c:b641:350::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:4f:bc:61:1b:b4:2e:52:50:9b:3d:68:f7:f4:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30c3b381c349e36e05383fa1c183b7cdb29dfdf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:2e:2b:b9:72:ed:72:e2:d4:cb:f1:99:38:77:
                    4a:b5:49:4b:a2:71:88:5a:6e:db:b2:e9:01:08:6a:
                    72:d9:d2:7c:ca:bd:b9:26:2f:f1:54:11:5f:82:7e:
                    9c:dc:b5:dc:8f:83:0a:5c:34:fc:14:3a:7d:a8:34:
                    88:b5:f3:5e:51:f6:7b:60:a8:cb:07:b1:9e:52:c2:
                    23:f5:ba:25:a2:46:94:bf:da:5f:b9:05:68:d6:d3:
                    28:53:61:29:fc:b1:e8:ff:f0:db:d2:ee:6d:8a:4b:
                    47:54:ff:b6:91:e5:33:87:fd:2d:21:ec:1a:23:a3:
                    8d:ff:b2:59:21:48:f0:24:d7:1b:a0:6e:9c:21:80:
                    a9:56:ea:f5:c4:32:4f:ef:b8:0b:bb:7c:f0:ce:25:
                    e1:86:f6:5b:60:b3:21:03:e6:03:fe:57:42:18:9a:
                    35:2a:a9:11:78:28:5b:69:87:13:62:1a:2e:94:c5:
                    2c:14:8e:a7:27:d7:a7:17:aa:46:ef:3d:d8:63:a3:
                    a8:97:8b:23:41:a8:e5:1e:78:2e:f4:01:05:f7:5b:
                    1c:26:b6:07:44:70:28:fb:50:63:08:44:fa:7e:b9:
                    78:ea:c0:26:87:ad:70:a9:78:fb:b5:85:78:e9:11:
                    3f:00:4e:6c:20:a4:b9:62:49:3c:fe:a9:bd:b9:77:
                    92:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:C3:B3:81:C3:49:E3:6E:05:38:3F:A1:C1:83:B7:CD:B2:9D:FD:F3
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/MMOzgcNJ424FOD-hwYO3zbKd_fM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:350::/44

    Signature Algorithm: sha256WithRSAEncryption
         19:47:23:10:62:32:64:29:02:13:2e:cc:4d:8a:85:0b:dc:43:
         fa:98:a9:d7:32:ca:67:ac:ed:81:4e:75:38:3e:e2:78:8f:9c:
         fa:d6:f2:4a:cd:ca:0c:08:a1:ae:02:86:2b:0a:68:a8:a5:55:
         e7:35:7c:8d:62:59:52:e5:27:aa:73:a7:23:e2:5d:b2:45:42:
         bd:b5:46:f6:9b:c7:32:03:0b:3b:27:98:33:53:0c:d7:9e:9b:
         b6:3c:13:ae:09:d7:c5:3b:61:b1:e7:76:c4:37:79:61:96:a5:
         32:e5:bd:3c:21:e0:93:20:39:2e:8b:7a:33:08:ca:3c:b4:7d:
         f3:24:ee:74:47:f5:39:60:e0:af:96:43:bf:7d:81:d7:f0:c0:
         56:92:ed:fb:bb:81:cc:7c:09:d9:ab:01:64:f7:10:c2:f7:9f:
         59:ad:cb:47:86:b8:db:a3:2f:0d:91:fc:65:92:4e:23:e2:d4:
         d3:4f:69:66:68:07:25:14:96:d9:08:5a:29:fe:3f:62:53:d9:
         c4:0c:a3:b5:44:19:d2:e0:99:c3:fd:80:50:ba:f0:21:86:80:
         bf:8b:b0:f5:3e:df:e3:29:90:dd:be:81:1b:bd:82:9c:eb:06:
         ca:4a:29:16:b6:89:28:fb:15:6f:f2:f0:2b:da:1e:13:7a:02:
         f1:0d:54:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHk+8YRu0LlJQmz1o9/QxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGMzYjM4MWMzNDllMzZlMDUzODNmYTFjMTgzYjdjZGIyOWRmZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS4ruXLtcuLUy/GZOHdKtUlLonGI
Wm7bsukBCGpy2dJ8yr25Ji/xVBFfgn6c3LXcj4MKXDT8FDp9qDSItfNeUfZ7YKjL
B7GeUsIj9bolokaUv9pfuQVo1tMoU2Ep/LHo//Db0u5tiktHVP+2keUzh/0tIewa
I6ON/7JZIUjwJNcboG6cIYCpVur1xDJP77gLu3zwziXhhvZbYLMhA+YD/ldCGJo1
KqkReChbaYcTYhoulMUsFI6nJ9enF6pG7z3YY6Ool4sjQajlHngu9AEF91scJrYH
RHAo+1BjCET6frl46sAmh61wqXj7tYV46RE/AE5sIKS5Ykk8/qm9uXeSLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDDDs4HDSeNuBTg/ocGDt82ynf3zMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvTU1PemdjTko0MjRGT0QtaHdZTzN6YktkX2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQNQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAZRyMQYjJkKQITLsxNioUL3EP6mKnXMspnrO2B
TnU4PuJ4j5z61vJKzcoMCKGuAoYrCmiopVXnNXyNYllS5Seqc6cj4l2yRUK9tUb2
m8cyAws7J5gzUwzXnpu2PBOuCdfFO2Gx53bEN3lhlqUy5b08IeCTIDkui3ozCMo8
tH3zJO50R/U5YOCvlkO/fYHX8MBWku37u4HMfAnZqwFk9xDC959ZrctHhrjboy8N
kfxlkk4j4tTTT2lmaAclFJbZCFop/j9iU9nEDKO1RBnS4JnD/YBQuvAhhoC/i7D1
Pt/jKZDdvoEbvYKc6wbKSikWtoko+xVv8vAr2h4TegLxDVSy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org