Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/MPm4UjnVVVK1h9jzTjWFlQfT0KQ.roa
File:                     MPm4UjnVVVK1h9jzTjWFlQfT0KQ.roa (raw, json)
Hash identifier:          6rPSJXz33mES/q62j9yV9JoEWy7toP55j3NsYaZ0Sso=
Subject key identifier:   30:F9:B8:52:39:D5:55:52:B5:87:D8:F3:4E:35:85:95:07:D3:D0:A4
Certificate issuer:       /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial:       0186B8844F5D060370B04044B67C0BE601FB
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/MPm4UjnVVVK1h9jzTjWFlQfT0KQ.roa
Signing time:             Mon 06 Mar 2023 20:02:04 +0000
ROA not before:           Mon 06 Mar 2023 20:02:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209854
IP address blocks:        193.57.95.0/24 maxlen: 24
                          193.57.94.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b8:84:4f:5d:06:03:70:b0:40:44:b6:7c:0b:e6:01:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
        Validity
            Not Before: Mar  6 20:02:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30f9b85239d55552b587d8f34e35859507d3d0a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:eb:7d:5a:d8:f5:0f:b2:2e:b7:92:db:8a:35:
                    eb:bd:95:6b:1b:71:42:e4:5a:04:66:dd:69:c9:cf:
                    37:fa:5f:a3:0e:29:c9:9d:b3:cf:ef:0f:e8:65:bd:
                    f2:2a:dd:cf:2b:81:77:93:1a:c6:28:26:a1:ee:39:
                    d9:fa:ae:3f:56:5f:cb:bf:35:bc:74:d5:02:95:2d:
                    68:8c:30:8b:67:84:8d:9d:2f:72:82:b2:99:44:e5:
                    a8:21:c2:67:7d:93:81:23:08:4a:96:f8:2b:02:1a:
                    f8:28:47:94:d9:46:a9:7d:3c:07:91:0f:3b:25:cb:
                    55:29:d5:d0:16:be:a9:8d:33:5c:18:f6:c4:ac:8f:
                    82:52:ff:c7:cb:7f:f5:57:e9:a9:03:91:b6:fc:38:
                    74:24:e3:8c:8a:0b:5e:2b:9b:81:ba:d8:a2:17:57:
                    4d:58:2b:98:54:84:ac:9f:8c:d5:e6:61:b2:a5:49:
                    e2:fa:a3:ee:cb:1a:7e:c6:09:bd:d4:38:e2:bd:5b:
                    50:e8:3e:78:85:97:8b:d2:f1:7c:4c:aa:39:a5:11:
                    ec:f2:c8:31:03:28:9e:a4:19:af:df:7c:06:68:58:
                    db:e9:20:96:a6:35:b1:13:73:d2:fe:47:5c:2a:b3:
                    83:97:f1:ff:ae:4b:2f:5d:24:4a:ff:67:07:f1:ea:
                    31:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:F9:B8:52:39:D5:55:52:B5:87:D8:F3:4E:35:85:95:07:D3:D0:A4
            X509v3 Authority Key Identifier:
                keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/MPm4UjnVVVK1h9jzTjWFlQfT0KQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         60:5e:4b:64:62:68:a9:09:b2:09:11:83:de:32:1e:aa:90:c4:
         95:68:5c:0b:d5:c6:43:74:7f:68:54:3c:12:05:93:44:d2:ee:
         db:3f:11:cd:ca:e0:31:61:22:2f:b0:33:21:16:03:31:05:b3:
         2b:9b:56:bc:e8:ba:05:dc:57:d0:8e:79:04:22:17:92:d7:97:
         54:1b:73:18:18:5e:77:91:0a:40:49:a7:ea:f8:e9:6d:25:1f:
         89:63:56:97:be:bb:a6:a9:8a:ad:79:a9:ed:6f:48:10:54:6b:
         97:94:b7:b4:e0:bf:9e:66:e8:7a:5a:25:89:70:0d:bc:41:c3:
         d0:4b:83:9d:ee:5f:36:82:26:90:36:e0:a7:93:dc:5f:ad:c8:
         66:c2:32:8f:6a:7e:94:08:cc:36:fa:5e:b9:84:66:1a:e7:0d:
         2d:34:0d:f4:c9:7d:53:eb:98:33:83:cd:82:62:37:8e:2a:9f:
         79:ad:49:86:54:30:79:cc:17:28:a1:1f:c9:69:b6:1f:4a:1b:
         39:96:f6:4f:ae:dd:7c:af:a2:0b:be:37:6c:69:bf:81:f4:ac:
         8e:f3:aa:64:fc:4c:c0:7c:36:96:30:e6:c0:48:8a:44:4b:7d:
         57:67:87:be:00:6d:bd:32:44:61:8c:b5:88:48:7c:3a:ca:5d:
         30:6b:89:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa4hE9dBgNwsEBEtnwL5gH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjMwMzA2MjAwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY5Yjg1MjM5ZDU1NTUyYjU4N2Q4ZjM0ZTM1ODU5NTA3ZDNkMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOt9Wtj1D7Iut5LbijXrvZVrG3FC
5FoEZt1pyc83+l+jDinJnbPP7w/oZb3yKt3PK4F3kxrGKCah7jnZ+q4/Vl/LvzW8
dNUClS1ojDCLZ4SNnS9ygrKZROWoIcJnfZOBIwhKlvgrAhr4KEeU2UapfTwHkQ87
JctVKdXQFr6pjTNcGPbErI+CUv/Hy3/1V+mpA5G2/Dh0JOOMigteK5uButiiF1dN
WCuYVISsn4zV5mGypUni+qPuyxp+xgm91DjivVtQ6D54hZeL0vF8TKo5pRHs8sgx
AyiepBmv33wGaFjb6SCWpjWxE3PS/kdcKrODl/H/rksvXSRK/2cH8eoxEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDD5uFI51VVStYfY8041hZUH09CkMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvTVBtNFVqblZWVksxaDlqelRqV0ZsUWZUMEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwTleMA0G
CSqGSIb3DQEBCwUAA4IBAQBgXktkYmipCbIJEYPeMh6qkMSVaFwL1cZDdH9oVDwS
BZNE0u7bPxHNyuAxYSIvsDMhFgMxBbMrm1a86LoF3FfQjnkEIheS15dUG3MYGF53
kQpASafq+OltJR+JY1aXvrumqYqteantb0gQVGuXlLe04L+eZuh6WiWJcA28QcPQ
S4Od7l82giaQNuCnk9xfrchmwjKPan6UCMw2+l65hGYa5w0tNA30yX1T65gzg82C
YjeOKp95rUmGVDB5zBcooR/JabYfShs5lvZPrt18r6ILvjdsab+B9KyO86pk/EzA
fDaWMObASIpES31XZ4e+AG29MkRhjLWISHw6yl0wa4lf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org