Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Mif_sGk8EJFRWli6K17NE8PMxrY.roa
File:                     Mif_sGk8EJFRWli6K17NE8PMxrY.roa (raw, json)
Hash identifier:          xYGOrCIXNItol1U/57+ywNDJBtJDKBOSWm+Xd4L4XYI=
Subject key identifier:   32:27:FF:B0:69:3C:10:91:51:5A:58:BA:2B:5E:CD:13:C3:CC:C6:B6
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018F402D874EB6DE5E1A239DBD62E489D426
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Mif_sGk8EJFRWli6K17NE8PMxrY.roa
Signing time:             Fri 03 May 2024 20:37:56 +0000
ROA not before:           Fri 03 May 2024 20:37:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        185.199.213.0/24 maxlen: 24
                          185.221.26.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 May 2024 23:12:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:40:2d:87:4e:b6:de:5e:1a:23:9d:bd:62:e4:89:d4:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: May  3 20:37:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3227ffb0693c1091515a58ba2b5ecd13c3ccc6b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:20:de:16:4b:77:a2:4d:54:3d:d0:9c:96:81:
                    c3:fe:30:d6:89:b8:17:a5:3b:a4:33:35:72:5e:cd:
                    fc:22:a4:0f:14:42:de:13:d2:58:ae:61:52:c7:61:
                    03:ca:be:d9:6d:b2:cb:06:d7:04:46:fd:e7:d3:2b:
                    fc:e7:23:e3:96:c4:db:68:a9:d1:ae:52:b8:48:b3:
                    27:82:39:d6:db:92:11:ec:59:d9:d1:22:e1:35:9b:
                    e7:37:dc:79:4b:56:3b:c2:47:76:5b:89:76:d8:42:
                    87:5b:3f:9f:e8:25:52:a4:ce:b5:bf:41:0c:d3:fb:
                    c6:e6:4e:1d:90:50:c7:af:fc:ad:88:cf:67:a5:ad:
                    b6:4f:40:dd:57:13:6e:7c:7a:0c:b2:a4:ab:e2:e0:
                    21:41:9c:e0:47:74:89:fe:30:c8:2d:7e:7b:32:1f:
                    22:54:b0:e6:05:20:e3:e9:e5:6f:7a:8a:15:5c:59:
                    ec:33:62:ca:a7:69:63:33:21:87:03:7a:c1:4f:4f:
                    36:dd:65:f1:87:fd:bd:38:73:50:1b:04:08:bf:04:
                    35:8f:ad:a4:be:f0:f3:43:56:5c:4d:7a:9b:f1:7f:
                    f6:9e:03:0d:63:8d:a6:6e:fb:90:ba:96:2c:ef:0a:
                    12:1d:51:ca:ce:c9:88:06:79:76:ff:e6:f1:d6:7a:
                    fd:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:27:FF:B0:69:3C:10:91:51:5A:58:BA:2B:5E:CD:13:C3:CC:C6:B6
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Mif_sGk8EJFRWli6K17NE8PMxrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.199.213.0/24
                  185.221.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         03:bd:ef:a5:14:5e:0e:01:c6:06:df:8f:d1:4e:2d:73:37:17:
         f0:cc:b2:62:22:8d:2f:16:89:5a:7f:12:a9:af:b1:ac:a5:4f:
         54:6a:c6:d2:9e:f6:90:1d:55:78:69:13:d7:73:7b:79:f0:54:
         4e:47:ad:a5:3c:95:e7:80:03:bd:5f:db:78:fe:0f:cc:aa:e6:
         7e:3a:65:ed:7a:bd:4c:4b:c3:c0:cf:c5:80:d4:a1:62:ea:ce:
         ac:bf:e3:dd:4b:28:c9:23:c5:05:07:9b:82:cf:dc:44:d3:6c:
         b0:05:5c:2d:00:a4:d2:e2:bf:88:fa:32:cc:41:9f:87:5e:9a:
         1e:2f:54:dd:0d:63:97:cc:dd:5b:06:04:35:1f:0f:87:9a:04:
         fd:9b:a7:35:82:5c:9e:4a:66:b1:65:e2:02:1c:73:21:11:a7:
         b1:5a:af:2c:96:7a:2b:23:73:f6:2d:2f:2b:26:ef:3c:db:97:
         2c:77:03:73:c9:ee:3e:46:89:f8:b3:78:e8:6e:29:43:b3:c8:
         27:69:b9:8d:83:dc:26:e1:f1:2b:53:1b:c8:59:14:0e:d9:13:
         6f:a4:65:36:e0:2b:4e:45:87:50:dc:5c:31:de:c0:6d:f1:68:
         bd:94:60:ee:1c:ac:bb:81:0b:e9:1a:5f:2c:9f:d6:4c:ef:b7:
         5b:14:72:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9ALYdOtt5eGiOdvWLkidQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNTAzMjAzNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI3ZmZiMDY5M2MxMDkxNTE1YTU4YmEyYjVlY2QxM2MzY2NjNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iDeFkt3ok1UPdCcloHD/jDWibgX
pTukMzVyXs38IqQPFELeE9JYrmFSx2EDyr7ZbbLLBtcERv3n0yv85yPjlsTbaKnR
rlK4SLMngjnW25IR7FnZ0SLhNZvnN9x5S1Y7wkd2W4l22EKHWz+f6CVSpM61v0EM
0/vG5k4dkFDHr/ytiM9npa22T0DdVxNufHoMsqSr4uAhQZzgR3SJ/jDILX57Mh8i
VLDmBSDj6eVveooVXFnsM2LKp2ljMyGHA3rBT0823WXxh/29OHNQGwQIvwQ1j62k
vvDzQ1ZcTXqb8X/2ngMNY42mbvuQupYs7woSHVHKzsmIBnl2/+bx1nr9BQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDIn/7BpPBCRUVpYuitezRPDzMa2MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvTWlmX3NHazhFSkZSV2xpNksxN05FOFBNeHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucfVAwQB
ud0aMA0GCSqGSIb3DQEBCwUAA4IBAQADve+lFF4OAcYG34/RTi1zNxfwzLJiIo0v
FolafxKpr7GspU9UasbSnvaQHVV4aRPXc3t58FROR62lPJXngAO9X9t4/g/MquZ+
OmXter1MS8PAz8WA1KFi6s6sv+PdSyjJI8UFB5uCz9xE02ywBVwtAKTS4r+I+jLM
QZ+HXpoeL1TdDWOXzN1bBgQ1Hw+HmgT9m6c1glyeSmaxZeICHHMhEaexWq8slnor
I3P2LS8rJu8825csdwNzye4+Ron4s3jobilDs8gnabmNg9wm4fErUxvIWRQO2RNv
pGU24CtORYdQ3Fwx3sBt8Wi9lGDuHKy7gQvpGl8sn9ZM77dbFHJY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org