Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/mCvn_j_RCPweykBs-p8cnE_5Npg.roa
File:                     mCvn_j_RCPweykBs-p8cnE_5Npg.roa (raw, json)
Hash identifier:          WVYUndMwqrfsPeuyjllDX3WfnNFhEmnsOOZyp6It/xI=
Subject key identifier:   98:2B:E7:FE:3F:D1:08:FC:1E:CA:40:6C:FA:9F:1C:9C:4F:F9:36:98
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       018CE9543B30F3DC90A0AAFCB4F982FCF848
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/mCvn_j_RCPweykBs-p8cnE_5Npg.roa
Signing time:             Mon 08 Jan 2024 13:47:40 +0000
ROA not before:           Mon 08 Jan 2024 13:47:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200296
IP address blocks:        185.3.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 12:13:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e9:54:3b:30:f3:dc:90:a0:aa:fc:b4:f9:82:fc:f8:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Jan  8 13:47:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=982be7fe3fd108fc1eca406cfa9f1c9c4ff93698
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:61:c5:32:ec:19:ba:a3:31:d0:94:38:1c:08:
                    30:59:42:58:c8:25:d2:b0:7f:b3:a3:fe:23:5d:65:
                    4f:18:7c:c3:4b:28:d5:66:68:54:f5:0d:c7:81:49:
                    cb:5a:fa:f3:7c:94:ed:e2:02:02:46:ce:24:f9:48:
                    4d:66:67:cf:1f:11:c3:01:16:03:b9:45:05:2f:64:
                    e9:31:54:5e:ea:f8:13:3e:9e:c6:4b:e8:c6:82:14:
                    35:1c:e2:42:18:d8:2d:bd:df:0b:43:90:95:81:cf:
                    6e:5b:59:e2:13:77:3f:a7:e6:41:c9:5b:f3:d9:97:
                    ee:d1:0a:41:1b:46:1b:1e:30:0d:9a:33:cc:6b:89:
                    12:74:c5:98:74:9d:13:42:3c:e3:3b:30:95:f5:2a:
                    e5:06:92:ba:8f:a5:76:44:11:1f:68:91:b4:f5:dc:
                    41:c4:8d:c6:e8:10:c7:d5:f1:ea:e7:32:c5:db:d3:
                    5d:69:95:82:f0:25:f9:f9:44:9d:23:1d:dd:52:e4:
                    50:38:be:cc:1a:f4:e6:5d:e0:a7:33:a0:98:0e:aa:
                    f4:2f:ee:b9:6e:0c:93:eb:28:36:f9:6d:cd:c7:3f:
                    57:71:46:ef:9c:3b:0e:2e:f3:e8:20:57:3f:57:cc:
                    6f:dc:d3:d9:98:5c:dd:7d:be:46:55:f2:1f:7b:39:
                    7d:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:2B:E7:FE:3F:D1:08:FC:1E:CA:40:6C:FA:9F:1C:9C:4F:F9:36:98
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/mCvn_j_RCPweykBs-p8cnE_5Npg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.3.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:5c:cf:41:c6:62:fd:1c:40:3a:fd:5d:00:af:14:bf:d9:2d:
         c8:a5:5a:76:0e:40:a3:4b:b6:ae:13:e5:eb:6b:22:13:08:1e:
         0a:b3:fe:5b:0e:0f:76:bf:a1:5a:81:40:7e:7f:26:47:df:6e:
         6b:34:e2:e9:e0:96:eb:dc:99:e1:b5:cb:61:27:9e:31:ca:7c:
         6f:73:f1:94:ad:de:75:af:45:75:88:1a:49:f2:b3:52:5a:f6:
         84:a6:07:51:09:b1:82:35:a5:ff:98:5d:07:61:c9:3e:bd:f1:
         e5:2e:f2:d0:8a:49:f7:03:2e:cd:41:5d:f5:46:9f:42:3b:df:
         0c:df:fd:29:ab:b5:0a:9f:65:26:5d:a7:9a:ee:bd:46:4c:34:
         4d:05:7b:a0:bb:df:20:50:26:f2:5c:4a:f0:c2:7b:f0:2e:09:
         73:f4:42:15:5d:ac:6d:ab:18:fc:6a:8a:bf:c9:e8:59:11:f4:
         e8:f0:6f:d5:70:90:cd:59:8a:38:e4:7d:d5:16:56:c3:41:d4:
         2f:c5:ad:f5:97:a4:c3:e2:b2:b0:4e:cb:e9:89:a3:66:44:47:
         07:48:51:e0:63:58:65:79:62:7d:31:01:3d:dd:1a:3d:e0:5f:
         bc:34:85:2e:e4:6b:2e:4b:a7:de:42:ef:1d:b6:0a:67:14:10:
         61:64:2c:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzpVDsw89yQoKr8tPmC/PhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTA4MTM0NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODJiZTdmZTNmZDEwOGZjMWVjYTQwNmNmYTlmMWM5YzRmZjkzNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomHFMuwZuqMx0JQ4HAgwWUJYyCXS
sH+zo/4jXWVPGHzDSyjVZmhU9Q3HgUnLWvrzfJTt4gICRs4k+UhNZmfPHxHDARYD
uUUFL2TpMVRe6vgTPp7GS+jGghQ1HOJCGNgtvd8LQ5CVgc9uW1niE3c/p+ZByVvz
2Zfu0QpBG0YbHjANmjPMa4kSdMWYdJ0TQjzjOzCV9SrlBpK6j6V2RBEfaJG09dxB
xI3G6BDH1fHq5zLF29NdaZWC8CX5+USdIx3dUuRQOL7MGvTmXeCnM6CYDqr0L+65
bgyT6yg2+W3Nxz9XcUbvnDsOLvPoIFc/V8xv3NPZmFzdfb5GVfIfezl99wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgr5/4/0Qj8HspAbPqfHJxP+TaYMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvbUN2bl9qX1JDUHdleWtCcy1wOGNuRV81TnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBXXM9BxmL9HEA6/V0ArxS/2S3IpVp2DkCjS7auE+Xr
ayITCB4Ks/5bDg92v6FagUB+fyZH325rNOLp4Jbr3JnhtcthJ54xynxvc/GUrd51
r0V1iBpJ8rNSWvaEpgdRCbGCNaX/mF0HYck+vfHlLvLQikn3Ay7NQV31Rp9CO98M
3/0pq7UKn2UmXaea7r1GTDRNBXugu98gUCbyXErwwnvwLglz9EIVXaxtqxj8aoq/
yehZEfTo8G/VcJDNWYo45H3VFlbDQdQvxa31l6TD4rKwTsvpiaNmREcHSFHgY1hl
eWJ9MQE93Ro94F+8NIUu5GsuS6feQu8dtgpnFBBhZCyk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org