Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/MpqjAA3480LJ8xvrCNW34tx_ths.roa
File:                     MpqjAA3480LJ8xvrCNW34tx_ths.roa (raw, json)
Hash identifier:          ffBgoFYilcVY8dkUZLkfF61mybbxG9g+H00HmyHJLxI=
Subject key identifier:   32:9A:A3:00:0D:F8:F3:42:C9:F3:1B:EB:08:D5:B7:E2:DC:7F:B6:1B
Certificate issuer:       /CN=60325c21d2fafe743398dc1e5574433280110469
Certificate serial:       01856FDDC3667F6AEBD2B758A3DF5073A47E
Authority key identifier: 60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/MpqjAA3480LJ8xvrCNW34tx_ths.roa
Signing time:             Mon 02 Jan 2023 00:24:42 +0000
ROA not before:           Mon 02 Jan 2023 00:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59268
IP address blocks:        195.10.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:dd:c3:66:7f:6a:eb:d2:b7:58:a3:df:50:73:a4:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60325c21d2fafe743398dc1e5574433280110469
        Validity
            Not Before: Jan  2 00:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=329aa3000df8f342c9f31beb08d5b7e2dc7fb61b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:4e:67:62:4b:d6:bf:56:82:c5:29:b8:8d:ec:
                    b8:73:b7:60:02:c2:44:68:f9:77:d3:51:1e:47:7b:
                    69:a4:18:b1:84:f3:63:27:f8:23:0c:19:a0:d4:ef:
                    c3:11:70:68:9b:2f:db:07:8a:41:8a:46:b8:b6:ff:
                    a4:01:77:34:fc:75:08:f2:b1:42:4e:ca:3b:da:91:
                    d9:08:23:88:93:45:e9:81:f7:66:17:6d:1f:d8:8f:
                    a1:d1:7b:f4:c4:08:b0:ce:45:f8:a5:d6:8b:20:2a:
                    2f:ae:1b:e4:1e:e1:60:35:7f:ef:7f:68:9c:43:58:
                    da:7f:63:71:f4:eb:ac:8d:51:0e:20:db:12:4f:c8:
                    63:0d:c4:45:d1:d2:14:20:b3:95:13:b0:5f:d0:34:
                    fd:66:df:96:bb:ce:a4:64:67:f2:c9:86:9d:e3:87:
                    af:e0:8a:4b:aa:1d:a4:36:b6:b8:28:67:25:a9:50:
                    5f:98:36:13:39:a1:0d:3a:d6:a1:8c:69:29:49:72:
                    09:16:b1:3d:45:29:34:49:2c:0b:24:ee:28:8b:23:
                    6e:68:80:4e:81:2e:4e:b7:d2:48:a4:d9:d4:77:ff:
                    60:73:00:91:88:6e:12:75:11:df:a2:39:b0:0b:fe:
                    02:27:0b:e2:eb:ec:bd:45:b4:4e:a7:c1:d2:24:cc:
                    d6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:9A:A3:00:0D:F8:F3:42:C9:F3:1B:EB:08:D5:B7:E2:DC:7F:B6:1B
            X509v3 Authority Key Identifier:
                keyid:60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/MpqjAA3480LJ8xvrCNW34tx_ths.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/YDJcIdL6_nQzmNweVXRDMoARBGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:5d:22:00:28:24:b2:51:eb:d8:2c:16:47:70:d1:b0:33:4a:
         f0:ff:98:3b:b9:0c:89:a5:23:09:27:66:35:32:a6:94:a5:67:
         82:37:4f:f7:45:d4:9b:a9:72:c9:9a:66:08:40:1e:b8:1e:c6:
         a8:bb:d9:7b:59:b4:12:7f:68:e4:2d:fc:e7:ec:90:43:c7:e0:
         47:e7:dc:ea:4f:f9:c1:5b:8b:07:15:5f:4d:30:cc:65:92:97:
         f1:02:10:87:f4:b9:69:45:22:57:a3:de:f2:ce:4c:e0:21:cf:
         67:c0:bb:5b:bb:20:df:36:37:41:e2:49:c9:a6:b7:28:13:5f:
         19:07:7e:b2:69:a7:6e:66:3a:dd:bf:ed:a7:6f:8a:37:b8:66:
         35:d2:55:32:ac:11:53:82:11:d4:81:c2:a8:2a:7d:d4:76:39:
         c4:1a:f4:bf:be:f7:12:5e:12:35:72:63:6b:85:68:80:2e:ca:
         43:9e:3e:19:4e:79:15:52:be:0d:61:ee:f3:85:f8:48:84:d0:
         a9:63:bd:c7:68:c6:51:db:90:ab:54:65:88:49:3f:51:80:73:
         2d:0c:81:48:4c:39:c1:7b:e5:38:34:9e:40:73:e8:49:4d:1f:
         f4:a2:d8:2f:95:d9:bc:c0:4c:f2:27:57:e8:28:0b:ac:2f:a5:
         b3:fc:83:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv3cNmf2rr0rdYo99Qc6R+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzI1YzIxZDJmYWZlNzQzMzk4ZGMxZTU1NzQ0MzMyODAx
MTA0NjkwHhcNMjMwMTAyMDAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjlhYTMwMDBkZjhmMzQyYzlmMzFiZWIwOGQ1YjdlMmRjN2ZiNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE5nYkvWv1aCxSm4jey4c7dgAsJE
aPl301EeR3tppBixhPNjJ/gjDBmg1O/DEXBomy/bB4pBika4tv+kAXc0/HUI8rFC
Tso72pHZCCOIk0XpgfdmF20f2I+h0Xv0xAiwzkX4pdaLICovrhvkHuFgNX/vf2ic
Q1jaf2Nx9OusjVEOINsST8hjDcRF0dIUILOVE7Bf0DT9Zt+Wu86kZGfyyYad44ev
4IpLqh2kNra4KGclqVBfmDYTOaENOtahjGkpSXIJFrE9RSk0SSwLJO4oiyNuaIBO
gS5Ot9JIpNnUd/9gcwCRiG4SdRHfojmwC/4CJwvi6+y9RbROp8HSJMzWNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKaowAN+PNCyfMb6wjVt+Lcf7YbMB8GA1UdIwQY
MBaAFGAyXCHS+v50M5jcHlV0QzKAEQRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQt
YzU4ZTk1Y2Q0Mjc3LzEvTXBxakFBMzQ4MExKOHh2ckNOVzM0dHhfdGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQtYzU4ZTk1Y2Q0Mjc3
LzEvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrZMA0G
CSqGSIb3DQEBCwUAA4IBAQA/XSIAKCSyUevYLBZHcNGwM0rw/5g7uQyJpSMJJ2Y1
MqaUpWeCN0/3RdSbqXLJmmYIQB64Hsaou9l7WbQSf2jkLfzn7JBDx+BH59zqT/nB
W4sHFV9NMMxlkpfxAhCH9LlpRSJXo97yzkzgIc9nwLtbuyDfNjdB4knJprcoE18Z
B36yaaduZjrdv+2nb4o3uGY10lUyrBFTghHUgcKoKn3UdjnEGvS/vvcSXhI1cmNr
hWiALspDnj4ZTnkVUr4NYe7zhfhIhNCpY73HaMZR25CrVGWIST9RgHMtDIFITDnB
e+U4NJ5Ac+hJTR/0otgvldm8wEzyJ1foKAusL6Wz/IPY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:53 2024 by rpki-client on console-fra.rpki-client.org