Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/mvPRqcBQdJTEJM24bCk2t78o928.roa
File:                     mvPRqcBQdJTEJM24bCk2t78o928.roa (raw, json)
Hash identifier:          KB7qY75lNZMcC00lHLVhyUS0fePEasRXrLFUlG35MiU=
Subject key identifier:   9A:F3:D1:A9:C0:50:74:94:C4:24:CD:B8:6C:29:36:B7:BF:28:F7:6F
Certificate issuer:       /CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Certificate serial:       018570B0744B5F8439EDAD36CBC3F311F9C1
Authority key identifier: BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/mvPRqcBQdJTEJM24bCk2t78o928.roa
Signing time:             Mon 02 Jan 2023 04:14:50 +0000
ROA not before:           Mon 02 Jan 2023 04:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211896
IP address blocks:        194.180.20.0/24 maxlen: 24
                          194.180.25.0/24 maxlen: 24
                          194.180.52.0/24 maxlen: 24
                          194.180.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:b0:74:4b:5f:84:39:ed:ad:36:cb:c3:f3:11:f9:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
        Validity
            Not Before: Jan  2 04:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9af3d1a9c0507494c424cdb86c2936b7bf28f76f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2c:2c:91:b1:b1:b6:0f:4f:1b:a1:09:a3:6d:
                    2c:a9:c3:1f:0c:e2:66:2e:ae:46:56:b1:b1:83:55:
                    f7:50:b0:10:4a:fa:cc:cf:34:09:df:90:27:e5:8a:
                    80:33:dd:b6:6e:57:84:37:b6:8e:32:90:26:72:12:
                    d2:0b:33:7e:b0:da:45:26:82:09:a0:f5:b2:45:49:
                    50:b2:57:6b:3b:f0:02:78:10:70:4d:96:41:97:c4:
                    28:bc:14:be:4e:2b:4c:63:fd:57:96:f5:4b:d5:1d:
                    a1:5d:11:0c:65:ba:fb:46:9d:62:12:1b:53:6c:a0:
                    00:92:2b:f8:c3:75:ec:be:57:e6:47:b8:eb:95:50:
                    46:7a:7f:ab:de:ba:99:d5:63:70:5e:38:f6:6e:72:
                    22:10:34:2e:6b:e9:e9:a4:0d:49:84:92:b8:0e:cf:
                    cf:9d:db:5e:97:ce:18:61:62:21:2f:64:a6:0b:79:
                    07:16:58:95:d3:4a:88:64:71:78:39:d8:2e:54:4f:
                    5f:8a:80:56:e3:4c:e2:69:81:de:f5:60:ac:73:6a:
                    c4:06:e0:75:fc:dc:41:70:5b:89:53:1d:fa:36:df:
                    b5:72:6d:a3:e1:33:cd:58:cd:df:5c:9d:25:b6:f7:
                    2a:eb:b6:f7:0a:65:8a:dc:d0:2f:9b:9a:28:35:29:
                    6d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:F3:D1:A9:C0:50:74:94:C4:24:CD:B8:6C:29:36:B7:BF:28:F7:6F
            X509v3 Authority Key Identifier:
                keyid:BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/mvPRqcBQdJTEJM24bCk2t78o928.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.180.20.0/24
                  194.180.25.0/24
                  194.180.52.0/24
                  194.180.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:a9:42:42:9c:51:b7:90:a0:93:fb:4b:f0:30:43:da:b7:91:
         f8:b1:3d:12:ae:8d:8c:dc:37:7c:3f:94:67:94:9c:cc:e1:b8:
         70:28:50:c8:bb:33:2c:56:66:cb:a6:49:ba:0c:69:cc:44:1b:
         f2:b0:26:09:dd:0b:d4:c0:d5:71:0b:62:2c:c0:93:fb:85:55:
         74:2e:50:50:d3:1a:a7:be:cc:08:61:e3:f8:db:f6:2d:b5:3a:
         87:e5:1b:82:81:e0:30:cb:8e:6d:18:14:1c:05:41:8a:f5:2d:
         1e:2a:48:a7:15:c0:fe:7f:95:f9:e1:b6:67:ca:b9:5f:4b:d9:
         6e:06:b3:df:c8:5d:ea:ba:ba:78:e4:40:6d:12:4b:66:2d:9f:
         14:79:06:88:d5:ed:29:d0:ec:a9:e7:4a:99:32:f7:70:f8:13:
         fe:fb:7b:0e:16:ab:53:35:c8:92:45:45:5f:8d:9b:a0:36:db:
         53:b6:12:dc:d1:8a:5c:97:2e:ed:cf:c5:f9:c5:33:36:27:11:
         f3:ab:69:f2:92:a5:eb:05:12:98:3b:31:53:90:ae:6c:3f:cc:
         d7:c7:ea:d1:5f:dd:f7:75:ac:4e:73:b3:c4:67:95:a8:29:cc:
         ed:a7:77:49:e8:cb:0b:ee:88:99:62:cb:78:03:1e:59:40:6f:
         34:dc:5a:8b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwsHRLX4Q57a02y8PzEfnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzczMDFlMTRkNjViM2EzZDY4NmRhYWMxNmRmYzQ5YWM0
OGM3Y2QwHhcNMjMwMTAyMDQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWYzZDFhOWMwNTA3NDk0YzQyNGNkYjg2YzI5MzZiN2JmMjhmNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiwskbGxtg9PG6EJo20sqcMfDOJm
Lq5GVrGxg1X3ULAQSvrMzzQJ35An5YqAM922bleEN7aOMpAmchLSCzN+sNpFJoIJ
oPWyRUlQsldrO/ACeBBwTZZBl8QovBS+TitMY/1XlvVL1R2hXREMZbr7Rp1iEhtT
bKAAkiv4w3XsvlfmR7jrlVBGen+r3rqZ1WNwXjj2bnIiEDQua+nppA1JhJK4Ds/P
ndtel84YYWIhL2SmC3kHFliV00qIZHF4OdguVE9fioBW40ziaYHe9WCsc2rEBuB1
/NxBcFuJUx36Nt+1cm2j4TPNWM3fXJ0ltvcq67b3CmWK3NAvm5ooNSltKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJrz0anAUHSUxCTNuGwpNre/KPdvMB8GA1UdIwQY
MBaAFLp3MB4U1ls6PWhtqsFt/EmsSMfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEt
NWM2OGY2YjBiMmM3LzEvbXZQUnFjQlFkSlRFSk0yNGJDazJ0NzhvOTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEtNWM2OGY2YjBiMmM3
LzEvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwrQUAwQA
wrQZAwQAwrQ0AwQAwrQ3MA0GCSqGSIb3DQEBCwUAA4IBAQAJqUJCnFG3kKCT+0vw
MEPat5H4sT0Sro2M3Dd8P5RnlJzM4bhwKFDIuzMsVmbLpkm6DGnMRBvysCYJ3QvU
wNVxC2IswJP7hVV0LlBQ0xqnvswIYeP42/YttTqH5RuCgeAwy45tGBQcBUGK9S0e
KkinFcD+f5X54bZnyrlfS9luBrPfyF3qurp45EBtEktmLZ8UeQaI1e0p0Oyp50qZ
Mvdw+BP++3sOFqtTNciSRUVfjZugNttTthLc0Ypcly7tz8X5xTM2JxHzq2nykqXr
BRKYOzFTkK5sP8zXx+rRX933daxOc7PEZ5WoKcztp3dJ6MsL7oiZYst4Ax5ZQG80
3FqL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org