Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/93dd43-9933-42ca-afc2-2c1891cacac7/1/mNMDdLQ-63wXKTgzqIEYPGj114Y.roa
File:                     mNMDdLQ-63wXKTgzqIEYPGj114Y.roa (raw, json)
Hash identifier:          aSzdkEXWDi3cOTygShj/jgQZfPzcpxAcT7p7vzNPdt4=
Subject key identifier:   98:D3:03:74:B4:3E:EB:7C:17:29:38:33:A8:81:18:3C:68:F5:D7:86
Certificate issuer:       /CN=992c6e09c192c5580a4a1d294150d6237ab8925d
Certificate serial:       01856BE5A90F2CD706940C6DC3C2E94DD95F
Authority key identifier: 99:2C:6E:09:C1:92:C5:58:0A:4A:1D:29:41:50:D6:23:7A:B8:92:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mSxuCcGSxVgKSh0pQVDWI3q4kl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/93dd43-9933-42ca-afc2-2c1891cacac7/1/mNMDdLQ-63wXKTgzqIEYPGj114Y.roa
Signing time:             Sun 01 Jan 2023 05:54:51 +0000
ROA not before:           Sun 01 Jan 2023 05:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15439
IP address blocks:        91.195.152.0/24 maxlen: 24
                          91.195.152.0/23 maxlen: 23
                          91.195.153.0/24 maxlen: 24
                          91.200.20.0/22 maxlen: 22
                          91.200.20.0/23 maxlen: 23
                          91.200.22.0/23 maxlen: 23
                          193.58.71.0/24 maxlen: 24
                          193.58.70.0/23 maxlen: 23
                          193.58.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 25 Jun 2023 06:28:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:e5:a9:0f:2c:d7:06:94:0c:6d:c3:c2:e9:4d:d9:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=992c6e09c192c5580a4a1d294150d6237ab8925d
        Validity
            Not Before: Jan  1 05:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98d30374b43eeb7c17293833a881183c68f5d786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:05:66:cd:72:da:36:d8:e1:24:e3:4f:11:4a:
                    d7:72:1b:d7:8e:bc:83:7e:c5:4a:30:8b:be:b9:e4:
                    c9:ed:e9:a1:71:6f:c6:a5:f1:21:fc:88:f2:59:34:
                    e6:c8:92:d0:24:3d:bf:08:b1:78:bf:c7:6c:13:a3:
                    b6:28:51:90:a3:95:81:00:cb:da:8a:e1:f8:4f:69:
                    fb:d1:98:6e:a1:42:a3:ac:a7:d3:6a:15:5f:3f:c1:
                    a8:ef:04:b5:77:6f:7b:c0:72:a3:8b:71:01:79:9c:
                    44:25:a7:0c:35:b8:da:81:93:e3:1e:37:89:92:85:
                    e4:f7:24:1a:24:bf:7f:0c:3a:8b:89:a9:b1:37:05:
                    13:7a:fe:5b:38:53:1c:67:df:04:8a:cf:50:e0:f3:
                    fa:6b:ca:fd:fd:a2:9d:25:88:cd:77:79:46:37:02:
                    ef:a7:ee:97:bd:54:b6:2e:29:f9:1a:b1:39:bf:dd:
                    9e:4f:ab:ce:54:0f:33:83:ca:7c:99:df:ce:78:f8:
                    09:cf:27:4b:87:db:29:cc:df:2b:99:f2:0a:97:75:
                    9a:ce:a8:c2:a1:b7:5f:dd:72:50:b4:33:1a:c3:3c:
                    07:0e:d5:b8:e7:f2:41:b3:87:1a:ff:f7:a1:f1:cf:
                    15:44:08:e6:25:44:b3:df:f2:e2:0c:96:15:5e:cb:
                    e1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:D3:03:74:B4:3E:EB:7C:17:29:38:33:A8:81:18:3C:68:F5:D7:86
            X509v3 Authority Key Identifier:
                keyid:99:2C:6E:09:C1:92:C5:58:0A:4A:1D:29:41:50:D6:23:7A:B8:92:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSxuCcGSxVgKSh0pQVDWI3q4kl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/93dd43-9933-42ca-afc2-2c1891cacac7/1/mNMDdLQ-63wXKTgzqIEYPGj114Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/93dd43-9933-42ca-afc2-2c1891cacac7/1/mSxuCcGSxVgKSh0pQVDWI3q4kl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.195.152.0/23
                  91.200.20.0/22
                  193.58.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:d6:a0:1c:d4:0e:b2:4a:0f:31:1d:79:6e:17:b3:f2:25:86:
         64:2f:a7:a0:df:ee:88:10:d5:be:b7:dc:ba:9d:86:28:66:7d:
         9e:ef:57:ff:8d:5f:ad:d9:2e:51:e1:23:50:a6:9e:99:8d:70:
         03:d0:87:8f:1f:76:51:bd:88:db:26:f6:5b:81:68:9a:0f:5d:
         c5:fa:ce:d9:19:24:9d:ad:86:ce:4e:5c:d6:1b:60:56:84:82:
         b9:85:8d:9d:0e:09:32:fe:87:d3:ad:c6:13:73:79:40:98:7b:
         93:8a:55:34:c6:1b:0c:9c:07:0b:88:d8:25:67:da:1d:a6:6e:
         95:30:7f:4c:22:05:c6:ea:2c:c9:a4:74:f6:9e:78:0a:72:34:
         ad:cd:e0:f6:68:e7:5d:d0:13:89:e4:70:3c:45:f8:09:1c:b8:
         6e:60:8c:ba:d3:84:f3:8f:55:da:41:ba:f9:42:55:0b:79:ae:
         37:41:14:df:c1:7d:93:5c:08:7b:12:4b:81:4c:11:68:1f:d9:
         8a:93:19:09:25:66:ce:c0:6f:29:40:50:0c:9c:dc:50:33:77:
         bf:8b:19:e7:9a:71:ed:58:a5:c9:50:cc:89:76:57:6e:04:ba:
         a5:47:39:ea:45:65:38:22:c2:4f:ad:6d:de:c5:dd:59:0a:18:
         db:5d:bd:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr5akPLNcGlAxtw8LpTdlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmM2ZTA5YzE5MmM1NTgwYTRhMWQyOTQxNTBkNjIzN2Fi
ODkyNWQwHhcNMjMwMTAxMDU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQzMDM3NGI0M2VlYjdjMTcyOTM4MzNhODgxMTgzYzY4ZjVkNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwVmzXLaNtjhJONPEUrXchvXjryD
fsVKMIu+ueTJ7emhcW/GpfEh/IjyWTTmyJLQJD2/CLF4v8dsE6O2KFGQo5WBAMva
iuH4T2n70ZhuoUKjrKfTahVfP8Go7wS1d297wHKji3EBeZxEJacMNbjagZPjHjeJ
koXk9yQaJL9/DDqLiamxNwUTev5bOFMcZ98Eis9Q4PP6a8r9/aKdJYjNd3lGNwLv
p+6XvVS2Lin5GrE5v92eT6vOVA8zg8p8md/OePgJzydLh9spzN8rmfIKl3WazqjC
obdf3XJQtDMawzwHDtW45/JBs4ca//eh8c8VRAjmJUSz3/LiDJYVXsvhTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJjTA3S0Put8Fyk4M6iBGDxo9deGMB8GA1UdIwQY
MBaAFJksbgnBksVYCkodKUFQ1iN6uJJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN4dUNjR1N4VmdLU2gwcFFWRFdJM3E0a2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85M2RkNDMtOTkzMy00MmNhLWFmYzIt
MmMxODkxY2FjYWM3LzEvbU5NRGRMUS02M3dYS1RnenFJRVlQR2oxMTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC85M2RkNDMtOTkzMy00MmNhLWFmYzItMmMxODkxY2FjYWM3
LzEvbVN4dUNjR1N4VmdLU2gwcFFWRFdJM3E0a2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8OYAwQC
W8gUAwQBwTpGMA0GCSqGSIb3DQEBCwUAA4IBAQAI1qAc1A6ySg8xHXluF7PyJYZk
L6eg3+6IENW+t9y6nYYoZn2e71f/jV+t2S5R4SNQpp6ZjXAD0IePH3ZRvYjbJvZb
gWiaD13F+s7ZGSSdrYbOTlzWG2BWhIK5hY2dDgky/ofTrcYTc3lAmHuTilU0xhsM
nAcLiNglZ9odpm6VMH9MIgXG6izJpHT2nngKcjStzeD2aOdd0BOJ5HA8RfgJHLhu
YIy604Tzj1XaQbr5QlULea43QRTfwX2TXAh7EkuBTBFoH9mKkxkJJWbOwG8pQFAM
nNxQM3e/ixnnmnHtWKXJUMyJdlduBLqlRznqRWU4IsJPrW3exd1ZChjbXb2G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:07 2024 by rpki-client on console-ams.rpki-client.org