Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/mdPvMYhHIH59Tbn9igU8dIzy8wc.roa
File:                     mdPvMYhHIH59Tbn9igU8dIzy8wc.roa (raw, json)
Hash identifier:          tqrBCLgliHKyF8v/nk/YJxd7CWKbjtGn8uZZMbMtv44=
Subject key identifier:   99:D3:EF:31:88:47:20:7E:7D:4D:B9:FD:8A:05:3C:74:8C:F2:F3:07
Certificate issuer:       /CN=8dc69c6bbe89e7c0479b617744a4424f66674944
Certificate serial:       018CCA2A28C1E3DF020DCCFA497A447E2062
Authority key identifier: 8D:C6:9C:6B:BE:89:E7:C0:47:9B:61:77:44:A4:42:4F:66:67:49:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jcaca76J58BHm2F3RKRCT2ZnSUQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/mdPvMYhHIH59Tbn9igU8dIzy8wc.roa
Signing time:             Tue 02 Jan 2024 12:33:29 +0000
ROA not before:           Tue 02 Jan 2024 12:33:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56902
IP address blocks:        91.92.115.0/24 maxlen: 24
                          85.202.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 12:53:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:28:c1:e3:df:02:0d:cc:fa:49:7a:44:7e:20:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8dc69c6bbe89e7c0479b617744a4424f66674944
        Validity
            Not Before: Jan  2 12:33:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99d3ef318847207e7d4db9fd8a053c748cf2f307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a0:27:33:4a:94:4b:ea:9c:ca:cb:ca:fd:fd:
                    0c:27:46:2c:5a:5c:37:20:89:ea:e6:0f:8e:b3:44:
                    9d:78:ee:c2:dc:7e:74:91:f8:1f:db:8f:fc:9e:eb:
                    18:69:c7:3b:e9:87:c2:fc:37:7e:ec:fa:ea:7e:3b:
                    f8:86:5e:76:26:64:93:b4:ac:05:48:d7:ae:3a:b9:
                    2e:cf:81:b6:ac:13:ea:ff:06:54:20:20:25:ce:2f:
                    6b:1e:29:6f:1d:b8:b2:e4:a7:d4:7f:b4:af:fa:18:
                    cc:5a:5e:de:27:16:5b:f2:73:3f:f5:b7:24:ed:de:
                    f2:7a:d0:10:0c:21:58:35:6f:fb:1b:49:0e:62:05:
                    b0:cd:09:bf:76:f8:3b:e9:8c:be:4f:8a:98:6f:29:
                    e8:70:ac:74:0e:9e:fb:0f:b1:f5:fe:2b:05:29:55:
                    79:65:57:35:32:3a:0a:7d:20:20:d0:ef:fe:d8:4d:
                    27:f1:6f:13:85:08:d4:ae:72:dd:b5:61:8d:3b:e7:
                    65:4a:a2:a9:e5:62:b0:f9:64:63:9d:cf:bf:5d:04:
                    9c:19:e2:0e:af:d6:f1:66:d7:0d:71:bb:d6:de:c2:
                    5b:49:40:c2:e9:78:30:da:56:d6:50:d5:aa:75:c5:
                    01:18:57:51:72:05:16:1a:d5:15:a6:e5:d5:d5:0e:
                    37:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D3:EF:31:88:47:20:7E:7D:4D:B9:FD:8A:05:3C:74:8C:F2:F3:07
            X509v3 Authority Key Identifier:
                keyid:8D:C6:9C:6B:BE:89:E7:C0:47:9B:61:77:44:A4:42:4F:66:67:49:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcaca76J58BHm2F3RKRCT2ZnSUQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/mdPvMYhHIH59Tbn9igU8dIzy8wc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/jcaca76J58BHm2F3RKRCT2ZnSUQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.202.95.0/24
                  91.92.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:9a:36:21:d8:de:e4:b2:ad:df:46:68:a7:9e:f0:ae:3c:ea:
         50:89:92:27:ec:8b:7d:d0:c7:87:07:c8:78:1e:2f:2b:7f:c0:
         70:02:f1:cd:41:49:1d:37:9c:c2:e3:ad:2b:80:b6:f3:65:5e:
         91:f0:c4:c0:3f:12:da:f6:f2:ad:c2:41:05:74:20:fd:e6:81:
         89:91:7f:58:63:f2:92:b0:a5:d5:5a:8e:b4:57:26:ce:2b:18:
         18:27:1a:44:ac:df:4b:ac:77:b5:75:8c:27:60:3d:05:93:77:
         3e:1e:13:89:78:d4:9e:8b:40:dc:33:1b:af:1b:eb:4b:7d:9b:
         db:2a:03:67:11:21:6b:9a:f7:e7:b2:cd:4c:3e:8e:8a:a5:bd:
         cc:54:14:3b:eb:ac:f3:ff:3f:1b:d8:dc:24:b0:bb:39:5d:cf:
         1b:ca:1a:16:37:51:6a:c3:aa:91:7a:51:c2:cd:b4:36:c1:ba:
         d8:be:ae:7b:c3:9e:44:45:03:e6:4d:f1:c5:fb:a8:30:88:78:
         56:a1:77:22:02:a4:7e:23:3c:3d:b6:c3:8e:6c:b0:ad:ad:d6:
         32:0b:95:96:85:5c:d2:7b:f9:2d:03:99:97:3b:60:67:f9:a6:
         9c:04:df:3f:dd:3b:49:d9:22:61:c3:cb:69:98:0e:10:08:12:
         66:e5:01:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKijB498CDcz6SXpEfiBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzY5YzZiYmU4OWU3YzA0NzliNjE3NzQ0YTQ0MjRmNjY2
NzQ5NDQwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQzZWYzMTg4NDcyMDdlN2Q0ZGI5ZmQ4YTA1M2M3NDhjZjJmMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6AnM0qUS+qcysvK/f0MJ0YsWlw3
IInq5g+Os0SdeO7C3H50kfgf24/8nusYacc76YfC/Dd+7Prqfjv4hl52JmSTtKwF
SNeuOrkuz4G2rBPq/wZUICAlzi9rHilvHbiy5KfUf7Sv+hjMWl7eJxZb8nM/9bck
7d7yetAQDCFYNW/7G0kOYgWwzQm/dvg76Yy+T4qYbynocKx0Dp77D7H1/isFKVV5
ZVc1MjoKfSAg0O/+2E0n8W8ThQjUrnLdtWGNO+dlSqKp5WKw+WRjnc+/XQScGeIO
r9bxZtcNcbvW3sJbSUDC6Xgw2lbWUNWqdcUBGFdRcgUWGtUVpuXV1Q43NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJnT7zGIRyB+fU25/YoFPHSM8vMHMB8GA1UdIwQY
MBaAFI3GnGu+iefAR5thd0SkQk9mZ0lEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNhY2E3Nko1OEJIbTJGM1JLUkNUMlpuU1VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yM2RiNWMtMWExMC00NGM2LTlkNzct
YmI1Y2FhYzJlOTAzLzEvbWRQdk1ZaEhJSDU5VGJuOWlnVThkSXp5OHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yM2RiNWMtMWExMC00NGM2LTlkNzctYmI1Y2FhYzJlOTAz
LzEvamNhY2E3Nko1OEJIbTJGM1JLUkNUMlpuU1VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcpfAwQA
W1xzMA0GCSqGSIb3DQEBCwUAA4IBAQArmjYh2N7ksq3fRminnvCuPOpQiZIn7It9
0MeHB8h4Hi8rf8BwAvHNQUkdN5zC460rgLbzZV6R8MTAPxLa9vKtwkEFdCD95oGJ
kX9YY/KSsKXVWo60VybOKxgYJxpErN9LrHe1dYwnYD0Fk3c+HhOJeNSei0DcMxuv
G+tLfZvbKgNnESFrmvfnss1MPo6Kpb3MVBQ766zz/z8b2NwksLs5Xc8byhoWN1Fq
w6qRelHCzbQ2wbrYvq57w55ERQPmTfHF+6gwiHhWoXciAqR+Izw9tsOObLCtrdYy
C5WWhVzSe/ktA5mXO2Bn+aacBN8/3TtJ2SJhw8tpmA4QCBJm5QHt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:23 2024 by rpki-client on console-fra.rpki-client.org