Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/1203d7-41ab-404c-929b-b97838c8d658/1/MuGaau6fgFx9uBYVJW2g8GrdeQo.roa
File:                     MuGaau6fgFx9uBYVJW2g8GrdeQo.roa (raw, json)
Hash identifier:          VTqBmQaqy8mRtCxBv1NphCGXodmyhiphwD9lhdO8Aek=
Subject key identifier:   32:E1:9A:6A:EE:9F:80:5C:7D:B8:16:15:25:6D:A0:F0:6A:DD:79:0A
Certificate issuer:       /CN=447cd41d9e6ccf80306c1b46bdc0b577b1ee2cae
Certificate serial:       01856C65D0FE48A51B24CE70767B74B85834
Authority key identifier: 44:7C:D4:1D:9E:6C:CF:80:30:6C:1B:46:BD:C0:B5:77:B1:EE:2C:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHzUHZ5sz4AwbBtGvcC1d7HuLK4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/1203d7-41ab-404c-929b-b97838c8d658/1/MuGaau6fgFx9uBYVJW2g8GrdeQo.roa
Signing time:             Sun 01 Jan 2023 08:14:49 +0000
ROA not before:           Sun 01 Jan 2023 08:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45022
IP address blocks:        195.5.184.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:65:d0:fe:48:a5:1b:24:ce:70:76:7b:74:b8:58:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447cd41d9e6ccf80306c1b46bdc0b577b1ee2cae
        Validity
            Not Before: Jan  1 08:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32e19a6aee9f805c7db81615256da0f06add790a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5c:ba:75:04:a1:8c:4e:5d:7c:e3:29:73:94:
                    c1:26:c1:2d:ae:5f:b5:48:f9:53:be:6f:29:35:77:
                    74:ab:ad:87:83:aa:f8:78:39:30:d2:e9:7e:cd:5a:
                    96:e5:53:85:d0:b8:01:b6:96:91:c3:4e:c3:e3:bf:
                    44:0b:e1:97:57:19:60:05:9a:04:a3:ea:81:27:1c:
                    82:47:6a:f8:fc:62:20:14:32:21:2f:64:8b:8a:64:
                    df:bd:0b:3e:32:d6:df:5a:77:13:27:ae:c4:85:39:
                    15:66:50:bf:e4:bf:d6:f5:1b:62:48:90:03:f7:5f:
                    83:ca:93:1a:05:20:54:4f:05:26:4a:44:15:75:89:
                    54:5d:ee:74:35:81:d3:12:3b:3d:12:b9:ad:cf:a4:
                    bb:bd:69:ff:ea:94:6b:e8:13:fa:19:d4:a7:a7:3c:
                    70:16:38:b0:bc:04:e9:3c:f8:35:a0:bc:75:a9:5a:
                    37:50:30:73:a5:2d:b8:a5:b2:36:30:5b:17:51:71:
                    69:93:0e:a5:e5:40:f6:67:6a:06:71:e5:9a:dd:f9:
                    39:2e:74:ee:7e:ee:b1:7f:ba:d7:b1:5c:a3:6d:8c:
                    e5:fa:31:84:1b:7a:1d:7d:93:3f:34:0b:b6:d5:5f:
                    3d:86:ae:06:e6:79:21:c0:07:6b:4f:51:0f:85:92:
                    6f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E1:9A:6A:EE:9F:80:5C:7D:B8:16:15:25:6D:A0:F0:6A:DD:79:0A
            X509v3 Authority Key Identifier:
                keyid:44:7C:D4:1D:9E:6C:CF:80:30:6C:1B:46:BD:C0:B5:77:B1:EE:2C:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHzUHZ5sz4AwbBtGvcC1d7HuLK4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/1203d7-41ab-404c-929b-b97838c8d658/1/MuGaau6fgFx9uBYVJW2g8GrdeQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/1203d7-41ab-404c-929b-b97838c8d658/1/RHzUHZ5sz4AwbBtGvcC1d7HuLK4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.5.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:d5:11:b6:d7:88:88:1d:ca:11:fb:d0:0d:15:af:aa:e6:a8:
         b5:b7:06:d1:24:4f:bc:0a:2b:30:38:34:f4:da:76:07:fb:2f:
         2f:a6:1c:01:5a:ed:25:1f:b8:79:13:6d:31:35:f4:b6:77:40:
         c7:03:ae:16:83:af:ce:ff:f4:a1:01:84:a6:01:50:75:5d:85:
         38:b9:71:92:fd:f3:33:5b:28:64:8f:99:23:be:de:c3:33:f4:
         0c:af:6a:b4:89:56:30:9e:60:3f:ad:0a:66:6d:57:04:e1:40:
         c1:8a:cb:45:21:5d:b6:8d:2b:b0:07:c9:56:9a:27:48:3d:6c:
         e2:85:7e:42:15:bb:4f:50:57:d6:9c:b3:5b:65:72:fb:f3:a8:
         f7:b3:a1:51:e9:89:d8:58:9e:1d:6a:e4:af:9a:f5:0a:50:4b:
         1d:6a:d0:8a:e8:8d:08:44:0f:09:23:e1:e7:48:f9:33:ff:58:
         87:ff:90:a8:dd:45:80:eb:d9:53:02:e6:0e:e3:69:61:a5:9a:
         bc:e1:20:49:a4:0d:2b:3f:a8:83:1e:75:78:97:16:bb:ff:1a:
         e0:d2:3d:da:55:df:f6:9f:92:e0:d2:31:10:c9:89:a1:e4:59:
         d3:3f:2d:7c:25:4d:5a:20:b0:fb:c6:67:b8:3f:0c:27:f3:8d:
         ad:dc:a9:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZdD+SKUbJM5wdnt0uFg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2NkNDFkOWU2Y2NmODAzMDZjMWI0NmJkYzBiNTc3YjFl
ZTJjYWUwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmUxOWE2YWVlOWY4MDVjN2RiODE2MTUyNTZkYTBmMDZhZGQ3OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFy6dQShjE5dfOMpc5TBJsEtrl+1
SPlTvm8pNXd0q62Hg6r4eDkw0ul+zVqW5VOF0LgBtpaRw07D479EC+GXVxlgBZoE
o+qBJxyCR2r4/GIgFDIhL2SLimTfvQs+MtbfWncTJ67EhTkVZlC/5L/W9RtiSJAD
91+DypMaBSBUTwUmSkQVdYlUXe50NYHTEjs9Ermtz6S7vWn/6pRr6BP6GdSnpzxw
FjiwvATpPPg1oLx1qVo3UDBzpS24pbI2MFsXUXFpkw6l5UD2Z2oGceWa3fk5LnTu
fu6xf7rXsVyjbYzl+jGEG3odfZM/NAu21V89hq4G5nkhwAdrT1EPhZJvGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLhmmrun4BcfbgWFSVtoPBq3XkKMB8GA1UdIwQY
MBaAFER81B2ebM+AMGwbRr3AtXex7iyuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh6VUhaNXN6NEF3YkJ0R3ZjQzFkN0h1TEs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8xMjAzZDctNDFhYi00MDRjLTkyOWIt
Yjk3ODM4YzhkNjU4LzEvTXVHYWF1NmZnRng5dUJZVkpXMmc4R3JkZVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8xMjAzZDctNDFhYi00MDRjLTkyOWItYjk3ODM4YzhkNjU4
LzEvUkh6VUhaNXN6NEF3YkJ0R3ZjQzFkN0h1TEs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwW4MA0G
CSqGSIb3DQEBCwUAA4IBAQAR1RG214iIHcoR+9ANFa+q5qi1twbRJE+8CiswODT0
2nYH+y8vphwBWu0lH7h5E20xNfS2d0DHA64Wg6/O//ShAYSmAVB1XYU4uXGS/fMz
Wyhkj5kjvt7DM/QMr2q0iVYwnmA/rQpmbVcE4UDBistFIV22jSuwB8lWmidIPWzi
hX5CFbtPUFfWnLNbZXL786j3s6FR6YnYWJ4dauSvmvUKUEsdatCK6I0IRA8JI+Hn
SPkz/1iH/5Co3UWA69lTAuYO42lhpZq84SBJpA0rP6iDHnV4lxa7/xrg0j3aVd/2
n5Lg0jEQyYmh5FnTPy18JU1aILD7xme4Pwwn842t3KmL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org