Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/mjnIypG91cHQRPsMTD5RYU_W1EI.roa
File:                     mjnIypG91cHQRPsMTD5RYU_W1EI.roa (raw, json)
Hash identifier:          xGRXYT3QMjR2SLxRMU+/TmFuDhD10xvAI3dw9qWJzdM=
Subject key identifier:   9A:39:C8:CA:91:BD:D5:C1:D0:44:FB:0C:4C:3E:51:61:4F:D6:D4:42
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       018CC794FB57EF6B004860BDC6F87721D36B
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/mjnIypG91cHQRPsMTD5RYU_W1EI.roa
Signing time:             Tue 02 Jan 2024 00:31:18 +0000
ROA not before:           Tue 02 Jan 2024 00:31:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211975
IP address blocks:        185.104.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Feb 2024 07:47:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:fb:57:ef:6b:00:48:60:bd:c6:f8:77:21:d3:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Jan  2 00:31:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9a39c8ca91bdd5c1d044fb0c4c3e51614fd6d442
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:35:e4:13:e1:45:08:e8:04:2c:a2:57:3d:e5:
                    bd:fb:2e:c2:3e:e2:dc:53:21:5e:f9:7f:60:fd:48:
                    c6:b2:1e:30:51:ef:09:f7:3f:50:a4:3b:6b:9b:61:
                    a6:8e:cc:1c:34:9c:e1:98:82:3e:ea:c8:eb:e9:72:
                    59:ec:a4:20:c0:27:e0:57:3d:36:87:4c:8e:49:3b:
                    92:ef:11:55:b4:2a:4f:08:48:1f:c3:a7:89:82:a6:
                    1e:04:6b:d4:4f:d4:69:aa:c6:81:53:2f:10:94:62:
                    5e:a2:f0:2a:6d:8c:f9:2f:93:e1:71:05:b8:18:6e:
                    61:92:d2:66:89:5c:19:62:8e:5a:4b:10:48:c7:38:
                    28:ea:c1:8c:6d:99:e3:a6:da:37:86:8a:2c:17:d5:
                    9b:6a:44:9b:ff:17:36:35:30:32:6f:b7:58:ea:1b:
                    1f:bf:6c:00:49:68:8a:bd:d4:5e:ec:5c:0d:8c:59:
                    02:dc:67:35:70:74:7b:03:7e:28:4c:0e:7f:d7:fe:
                    e7:0b:d9:5a:38:f6:5c:f1:f9:6c:d4:33:e0:a2:09:
                    f9:ca:4d:3a:0a:e8:af:48:d1:3d:2b:a0:dd:4a:13:
                    4f:70:73:97:e4:dc:11:d8:bc:12:4b:3f:ee:6f:74:
                    4e:d1:65:f3:a9:ed:68:73:dc:e1:07:33:54:51:91:
                    f5:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:39:C8:CA:91:BD:D5:C1:D0:44:FB:0C:4C:3E:51:61:4F:D6:D4:42
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/mjnIypG91cHQRPsMTD5RYU_W1EI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:e8:30:9c:e9:e9:97:4c:41:3f:43:c3:d1:b3:b8:f6:03:f4:
         65:3a:82:90:65:9e:d0:e9:e3:9f:4c:5e:04:94:00:2b:90:89:
         c7:31:07:27:58:93:4d:bb:e3:b2:57:c3:be:7b:4c:50:47:1a:
         7a:58:c0:ee:6f:a4:6b:ff:0d:5b:32:14:a9:ad:8d:f9:6b:5a:
         9f:98:38:84:0d:8a:5f:c1:ad:74:d0:02:c8:06:d0:1d:3c:e4:
         07:a2:3d:1d:e6:9c:7f:1a:8d:2b:af:6a:10:d9:e7:96:d4:dd:
         0a:67:6e:c7:01:8d:ed:5d:c9:be:db:48:e0:1c:dc:3c:a3:24:
         0c:c9:2c:83:dd:7a:61:f5:e3:9b:63:ab:18:dc:dd:c0:1e:7e:
         3e:b8:a8:c7:18:6b:00:62:bb:1e:25:29:2c:53:41:a5:0a:ac:
         f7:e6:14:44:74:8b:a8:23:8d:89:16:10:3c:08:1b:ac:7e:d5:
         95:b0:f9:cc:96:87:01:0e:40:85:c3:42:02:e9:19:7c:d1:4f:
         8e:77:a0:de:52:94:ad:c3:fd:dd:76:d4:74:06:31:41:18:72:
         2d:7b:58:8f:ff:a8:a8:06:56:35:bb:f3:5d:8a:f8:8f:cd:fc:
         7f:c2:51:68:2a:ad:0b:9e:76:0d:6c:b6:69:23:5e:01:85:f3:
         18:b5:64:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlPtX72sASGC9xvh3IdNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjQwMTAyMDAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTM5YzhjYTkxYmRkNWMxZDA0NGZiMGM0YzNlNTE2MTRmZDZkNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTXkE+FFCOgELKJXPeW9+y7CPuLc
UyFe+X9g/UjGsh4wUe8J9z9QpDtrm2GmjswcNJzhmII+6sjr6XJZ7KQgwCfgVz02
h0yOSTuS7xFVtCpPCEgfw6eJgqYeBGvUT9RpqsaBUy8QlGJeovAqbYz5L5PhcQW4
GG5hktJmiVwZYo5aSxBIxzgo6sGMbZnjpto3hoosF9WbakSb/xc2NTAyb7dY6hsf
v2wASWiKvdRe7FwNjFkC3Gc1cHR7A34oTA5/1/7nC9laOPZc8fls1DPgogn5yk06
CuivSNE9K6DdShNPcHOX5NwR2LwSSz/ub3RO0WXzqe1oc9zhBzNUUZH11wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJo5yMqRvdXB0ET7DEw+UWFP1tRCMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvbWpuSXlwRzkxY0hRUlBzTVRENVJZVV9XMUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWgMMA0G
CSqGSIb3DQEBCwUAA4IBAQBs6DCc6emXTEE/Q8PRs7j2A/RlOoKQZZ7Q6eOfTF4E
lAArkInHMQcnWJNNu+OyV8O+e0xQRxp6WMDub6Rr/w1bMhSprY35a1qfmDiEDYpf
wa100ALIBtAdPOQHoj0d5px/Go0rr2oQ2eeW1N0KZ27HAY3tXcm+20jgHNw8oyQM
ySyD3Xph9eObY6sY3N3AHn4+uKjHGGsAYrseJSksU0GlCqz35hREdIuoI42JFhA8
CBusftWVsPnMlocBDkCFw0IC6Rl80U+Od6DeUpStw/3ddtR0BjFBGHIte1iP/6io
BlY1u/NdiviPzfx/wlFoKq0LnnYNbLZpI14BhfMYtWQV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org