Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/MoLgKXXxofzQNagTv7wxPAcyXwE.roa
File:                     MoLgKXXxofzQNagTv7wxPAcyXwE.roa (raw, json)
Hash identifier:          1wxwoVeMsGhs2VRkgzBodPMiH+98IEngKAHpt1yQNg4=
Subject key identifier:   32:82:E0:29:75:F1:A1:FC:D0:35:A8:13:BF:BC:31:3C:07:32:5F:01
Certificate issuer:       /CN=019ad1824be546163b481fc49647a0508b226bf4
Certificate serial:       01891C9801BFD894016BA8F0896DE1F81030
Authority key identifier: 01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/MoLgKXXxofzQNagTv7wxPAcyXwE.roa
Signing time:             Mon 03 Jul 2023 16:31:11 +0000
ROA not before:           Mon 03 Jul 2023 16:31:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59865
IP address blocks:        185.232.112.0/22 maxlen: 24
                          185.240.168.0/22 maxlen: 22
                          89.255.219.0/24 maxlen: 24
                          89.255.216.0/21 maxlen: 24
                          89.255.223.0/24 maxlen: 24
                          89.255.221.0/24 maxlen: 24
                          89.255.222.0/24 maxlen: 24
                          89.255.220.0/24 maxlen: 24
                          185.68.172.0/22 maxlen: 22
                          2a03:2ca0:255::/48 maxlen: 48
                          2a03:2ca0:3135::/48 maxlen: 48
                          2a03:2ca0::/32 maxlen: 48
                          2a0c:8680::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1c:98:01:bf:d8:94:01:6b:a8:f0:89:6d:e1:f8:10:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=019ad1824be546163b481fc49647a0508b226bf4
        Validity
            Not Before: Jul  3 16:31:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3282e02975f1a1fcd035a813bfbc313c07325f01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:73:6f:91:46:38:15:92:c3:d3:33:4a:96:84:
                    c9:da:8a:33:05:32:dd:42:94:b3:56:38:3a:26:9b:
                    be:af:08:48:a9:5b:b8:7f:9e:b1:ed:88:d4:9d:1a:
                    fb:20:47:ae:09:fc:a9:f9:e1:48:ad:75:b9:58:ef:
                    9f:c1:a5:90:d9:35:6d:c2:2a:75:7b:fa:19:13:d6:
                    70:80:d6:0a:c6:dd:12:28:00:eb:fe:64:e9:11:98:
                    3d:b2:87:44:8b:b5:4f:ab:b0:e5:8c:fb:46:1d:5f:
                    26:7b:a0:5c:f1:17:be:44:cb:74:a9:98:9e:63:cf:
                    ea:33:8b:35:cb:37:02:ea:40:41:9a:02:0b:5a:6e:
                    d0:82:81:f0:b0:f3:ff:32:2c:3c:de:2a:d7:17:06:
                    ee:1a:4e:12:ce:64:0b:35:09:ce:74:6b:04:25:31:
                    20:37:cb:9d:e1:2d:f8:2b:2c:99:9b:b7:85:e2:63:
                    50:b8:9f:67:ec:f3:6a:b9:de:c7:2f:4a:ba:6c:44:
                    4d:d5:76:3d:51:cf:07:9e:bf:38:21:c8:e4:3e:bf:
                    61:4c:6b:68:1d:b0:8f:57:bd:a9:9c:6e:17:59:c3:
                    ff:e1:56:94:d4:e6:47:73:d0:b7:0b:2b:48:4e:c9:
                    6b:06:80:3c:29:d4:a6:68:66:13:92:60:c2:f7:b5:
                    d7:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:82:E0:29:75:F1:A1:FC:D0:35:A8:13:BF:BC:31:3C:07:32:5F:01
            X509v3 Authority Key Identifier:
                keyid:01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/MoLgKXXxofzQNagTv7wxPAcyXwE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/AZrRgkvlRhY7SB_ElkegUIsia_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.255.216.0/21
                  185.68.172.0/22
                  185.232.112.0/22
                  185.240.168.0/22
                IPv6:
                  2a03:2ca0::/32
                  2a0c:8680::/29

    Signature Algorithm: sha256WithRSAEncryption
         a5:e3:78:3c:ec:15:00:6d:c2:55:25:69:b6:51:0f:4d:d6:7e:
         80:04:94:b2:ca:6f:59:11:11:fb:42:3a:53:e1:c4:0e:77:6a:
         0f:d4:5e:90:8f:ee:b3:10:81:73:1a:ca:29:de:41:57:e5:0f:
         76:74:25:e2:ca:8f:1b:a8:8c:1e:ce:0b:77:e8:1f:b0:6a:28:
         38:a4:d3:5e:d2:2b:53:45:df:cc:98:23:99:b3:e4:c5:bb:32:
         d2:89:f5:82:34:83:65:b6:a9:f1:59:55:59:3d:27:2a:5e:f6:
         1a:3f:20:de:23:3d:26:84:fc:c0:3f:c4:3c:2d:d4:3a:ba:f2:
         56:df:4c:f4:e5:65:ff:b6:b2:ad:81:ca:f7:7e:f9:54:00:ed:
         0c:cb:76:22:b5:2e:60:fd:4a:82:26:f5:22:34:20:d6:7d:4f:
         85:7e:21:d6:18:ea:1c:03:d4:fe:e3:31:66:41:ea:b7:df:f0:
         2f:65:37:f2:f1:8e:fc:4d:bc:b3:d8:1d:b1:d5:e5:ab:fe:80:
         03:40:6c:8c:64:05:2a:93:2e:9b:c1:ac:5e:94:ea:ae:aa:40:
         51:41:ec:c7:5e:13:90:c1:68:0f:32:e5:ee:a0:34:35:9a:69:
         dc:30:c2:14:83:fb:f4:78:c0:84:fc:2a:fd:fd:d2:7d:d1:09:
         98:0e:94:cd
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYkcmAG/2JQBa6jwiW3h+BAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOWFkMTgyNGJlNTQ2MTYzYjQ4MWZjNDk2NDdhMDUwOGIy
MjZiZjQwHhcNMjMwNzAzMTYzMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjgyZTAyOTc1ZjFhMWZjZDAzNWE4MTNiZmJjMzEzYzA3MzI1ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHNvkUY4FZLD0zNKloTJ2oozBTLd
QpSzVjg6Jpu+rwhIqVu4f56x7YjUnRr7IEeuCfyp+eFIrXW5WO+fwaWQ2TVtwip1
e/oZE9ZwgNYKxt0SKADr/mTpEZg9sodEi7VPq7DljPtGHV8me6Bc8Re+RMt0qZie
Y8/qM4s1yzcC6kBBmgILWm7QgoHwsPP/Miw83irXFwbuGk4SzmQLNQnOdGsEJTEg
N8ud4S34KyyZm7eF4mNQuJ9n7PNqud7HL0q6bERN1XY9Uc8Hnr84IcjkPr9hTGto
HbCPV72pnG4XWcP/4VaU1OZHc9C3CytITslrBoA8KdSmaGYTkmDC97XXUQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDKC4Cl18aH80DWoE7+8MTwHMl8BMB8GA1UdIwQY
MBaAFAGa0YJL5UYWO0gfxJZHoFCLImv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMt
ZThlMTNiYjBlMDg0LzEvTW9MZ0tYWHhvZnpRTmFnVHY3d3hQQWN5WHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMtZThlMTNiYjBlMDg0
LzEvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDWf/YAwQC
uUSsAwQCuehwAwQCufCoMBQEAgACMA4DBQAqAyygAwUDKgyGgDANBgkqhkiG9w0B
AQsFAAOCAQEApeN4POwVAG3CVSVptlEPTdZ+gASUsspvWRER+0I6U+HEDndqD9Re
kI/usxCBcxrKKd5BV+UPdnQl4sqPG6iMHs4Ld+gfsGooOKTTXtIrU0XfzJgjmbPk
xbsy0on1gjSDZbap8VlVWT0nKl72Gj8g3iM9JoT8wD/EPC3UOrryVt9M9OVl/7ay
rYHK9375VADtDMt2IrUuYP1Kgib1IjQg1n1PhX4h1hjqHAPU/uMxZkHqt9/wL2U3
8vGO/E28s9gdsdXlq/6AA0BsjGQFKpMum8GsXpTqrqpAUUHsx14TkMFoDzLl7qA0
NZpp3DDCFIP79HjAhPwq/f3SfdEJmA6UzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:26 2024 by rpki-client on console-fra.rpki-client.org