Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/mulYtimmF1URZWTn2ebDwDMM37U.roa
File:                     mulYtimmF1URZWTn2ebDwDMM37U.roa (raw, json)
Hash identifier:          98WBkox1ER2cNwVnQgqj70zcyorQNlr2w8/ImLxsV7A=
Subject key identifier:   9A:E9:58:B6:29:A6:17:55:11:65:64:E7:D9:E6:C3:C0:33:0C:DF:B5
Certificate issuer:       /CN=0b1870c96ef09723811fb89250eea6eba963c0df
Certificate serial:       018751BED7A57741426B1F10AF9D654E83E2
Authority key identifier: 0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/mulYtimmF1URZWTn2ebDwDMM37U.roa
Signing time:             Wed 05 Apr 2023 14:07:54 +0000
ROA not before:           Wed 05 Apr 2023 14:07:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     378
IP address blocks:        192.114.88.0/22 maxlen: 22
                          132.64.0.0/16 maxlen: 16
                          132.64.0.0/15 maxlen: 15
                          132.65.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:51:be:d7:a5:77:41:42:6b:1f:10:af:9d:65:4e:83:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b1870c96ef09723811fb89250eea6eba963c0df
        Validity
            Not Before: Apr  5 14:07:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ae958b629a61755116564e7d9e6c3c0330cdfb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c6:9c:b0:8c:1e:d3:8b:6d:48:ba:33:b6:e8:
                    a3:e1:83:c3:3c:ca:75:9f:4d:07:8c:22:76:c2:9d:
                    80:3b:64:00:3f:04:a8:d3:d9:bf:18:53:c4:cc:99:
                    5f:0b:57:06:cf:28:d9:69:1f:fa:ac:75:c7:fd:60:
                    06:80:d0:23:60:21:db:be:2d:a8:da:14:36:1d:37:
                    62:5b:f1:52:14:ac:e7:11:0f:77:87:c1:21:77:1d:
                    b2:f1:69:46:f0:5f:5a:cf:df:2f:48:e6:38:75:75:
                    e2:42:46:e9:76:3f:a1:f0:43:1c:11:11:12:ab:06:
                    05:2f:c3:de:b6:17:0d:81:3a:30:68:22:99:c9:5c:
                    70:15:fa:7a:10:fc:2c:39:06:73:12:3d:f9:c3:04:
                    5e:6e:41:f6:49:95:6d:b8:35:8b:dc:85:47:b6:44:
                    4e:d9:c9:ff:10:9e:87:97:fc:4a:76:ea:1a:ca:48:
                    41:b7:db:39:17:fa:8b:b4:4c:82:ff:21:6f:6d:0a:
                    20:2c:bc:a5:b5:70:16:40:ac:1f:6f:2e:86:5e:36:
                    00:ba:3a:7d:fb:be:e8:06:6e:45:ba:a1:a2:30:cd:
                    2d:a6:ba:6b:03:3f:6a:f9:a2:8c:d2:d1:a7:dd:05:
                    1e:0f:b5:4d:90:51:ed:49:fb:fe:d0:0d:a8:4a:bc:
                    27:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:E9:58:B6:29:A6:17:55:11:65:64:E7:D9:E6:C3:C0:33:0C:DF:B5
            X509v3 Authority Key Identifier:
                keyid:0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/mulYtimmF1URZWTn2ebDwDMM37U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.64.0.0/15
                  192.114.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:b1:e4:e9:83:e9:ea:b9:4b:a8:55:26:24:1b:13:91:12:0c:
         60:1c:1a:f6:e7:be:e7:a2:e5:06:d4:2a:df:cd:e9:d8:22:26:
         9f:48:9f:9a:f6:dc:a4:5c:72:f5:97:f2:6e:f0:6f:33:4a:fd:
         f2:3c:a6:8f:88:1f:82:d5:36:a3:20:d2:7e:75:ce:57:af:a4:
         cd:bc:d8:51:1a:6d:5e:9d:4a:01:f5:54:dc:93:48:1b:48:ef:
         7f:41:28:79:08:48:57:34:ea:49:c2:a0:b0:23:bc:3b:d4:6b:
         8b:f4:84:e5:64:1c:50:44:63:de:02:c3:72:c1:2e:54:c4:34:
         96:8b:db:6a:66:9b:2d:97:80:db:a3:06:b8:5f:1f:60:3d:7f:
         4f:15:3b:29:f3:a4:18:95:99:86:0e:eb:b5:b1:c5:db:83:76:
         1e:bb:63:c1:33:7b:08:12:52:fa:db:72:63:98:4d:ca:4b:a8:
         aa:57:ba:89:06:5b:34:71:a4:4b:51:87:0a:5c:ef:09:80:d8:
         1f:c5:06:40:13:40:35:10:69:14:25:32:97:d4:6d:e9:05:1c:
         62:f9:5c:6b:59:68:34:06:82:bf:3b:19:5e:19:6b:0e:cf:1c:
         fb:6a:81:24:4d:59:28:63:4b:8f:33:e1:3f:a7:6f:9a:ec:48:
         ab:95:b3:6e
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYdRvteld0FCax8Qr51lToPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTg3MGM5NmVmMDk3MjM4MTFmYjg5MjUwZWVhNmViYTk2
M2MwZGYwHhcNMjMwNDA1MTQwNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWU5NThiNjI5YTYxNzU1MTE2NTY0ZTdkOWU2YzNjMDMzMGNkZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8acsIwe04ttSLoztuij4YPDPMp1
n00HjCJ2wp2AO2QAPwSo09m/GFPEzJlfC1cGzyjZaR/6rHXH/WAGgNAjYCHbvi2o
2hQ2HTdiW/FSFKznEQ93h8Ehdx2y8WlG8F9az98vSOY4dXXiQkbpdj+h8EMcERES
qwYFL8PethcNgTowaCKZyVxwFfp6EPwsOQZzEj35wwRebkH2SZVtuDWL3IVHtkRO
2cn/EJ6Hl/xKduoaykhBt9s5F/qLtEyC/yFvbQogLLyltXAWQKwfby6GXjYAujp9
+77oBm5FuqGiMM0tprprAz9q+aKM0tGn3QUeD7VNkFHtSfv+0A2oSrwnBwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFJrpWLYpphdVEWVk59nmw8AzDN+1MB8GA1UdIwQY
MBaAFAsYcMlu8JcjgR+4klDupuupY8DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMt
YTJlMjRmOTgwYjNmLzEvbXVsWXRpbW1GMVVSWldUbjJlYkR3RE1NMzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMtYTJlMjRmOTgwYjNm
LzEvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBhEADBALA
clgwDQYJKoZIhvcNAQELBQADggEBAHGx5OmD6eq5S6hVJiQbE5ESDGAcGvbnvuei
5QbUKt/N6dgiJp9In5r23KRccvWX8m7wbzNK/fI8po+IH4LVNqMg0n51zlevpM28
2FEabV6dSgH1VNyTSBtI739BKHkISFc06knCoLAjvDvUa4v0hOVkHFBEY94Cw3LB
LlTENJaL22pmmy2XgNujBrhfH2A9f08VOynzpBiVmYYO67WxxduDdh67Y8EzewgS
UvrbcmOYTcpLqKpXuokGWzRxpEtRhwpc7wmA2B/FBkATQDUQaRQlMpfUbekFHGL5
XGtZaDQGgr87GV4Zaw7PHPtqgSRNWShjS48z4T+nb5rsSKuVs24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org