Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/mt6HmowARVW9Qd4fC7NUtOTLxJI.roa
File:                     mt6HmowARVW9Qd4fC7NUtOTLxJI.roa (raw, json)
Hash identifier:          mXIvVqBJe35j8G1g4yveQTmHfhI++RXh8vc/JF9tEpg=
Subject key identifier:   9A:DE:87:9A:8C:00:45:55:BD:41:DE:1F:0B:B3:54:B4:E4:CB:C4:92
Certificate issuer:       /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial:       018843A0158DC530ED3F7E764D8DAC31D87B
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/mt6HmowARVW9Qd4fC7NUtOTLxJI.roa
Signing time:             Mon 22 May 2023 13:22:24 +0000
ROA not before:           Mon 22 May 2023 13:22:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202984
IP address blocks:        185.232.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 28 Oct 2023 09:47:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:43:a0:15:8d:c5:30:ed:3f:7e:76:4d:8d:ac:31:d8:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
        Validity
            Not Before: May 22 13:22:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ade879a8c004555bd41de1f0bb354b4e4cbc492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:2b:d2:3e:52:e1:37:89:8e:20:30:da:5e:b2:
                    2a:02:44:78:d3:f8:57:38:28:7f:55:cc:5f:a6:ae:
                    c2:3f:1a:93:cb:9f:8b:68:59:16:96:74:c4:43:f8:
                    78:73:20:db:08:d2:c4:e4:d0:eb:45:ee:e0:8a:f9:
                    d7:6e:d5:dc:7a:7f:a8:7b:ea:a7:99:f1:cd:b0:de:
                    a5:ba:e8:22:65:67:30:2e:e7:58:c0:92:b3:33:9b:
                    a6:be:ee:cf:ef:73:fe:93:04:cb:78:05:b5:cb:58:
                    df:b4:b1:3e:44:b8:7b:b7:eb:84:b1:a1:79:15:b2:
                    df:89:7f:44:d2:90:29:58:21:72:08:6c:c3:48:14:
                    c7:58:ae:ce:36:f5:58:74:c4:d5:45:51:38:cd:c0:
                    9c:a4:99:c7:45:36:86:ec:c0:21:09:af:64:a5:53:
                    99:f9:57:18:26:c7:ec:0d:06:52:93:af:f1:bb:30:
                    2b:b5:b0:f9:6b:c5:83:5c:75:72:d8:16:5b:b3:b1:
                    aa:17:75:9a:11:4e:2c:3e:ae:cd:e4:71:7e:25:f8:
                    43:1a:98:6f:9e:01:a5:27:f5:9c:16:f9:b1:13:80:
                    f5:3d:52:91:aa:d5:0f:7d:10:f8:2a:e4:0b:13:26:
                    b5:60:a9:6e:e8:73:df:d3:4d:fa:e6:b9:42:b0:b6:
                    cc:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:DE:87:9A:8C:00:45:55:BD:41:DE:1F:0B:B3:54:B4:E4:CB:C4:92
            X509v3 Authority Key Identifier:
                keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/mt6HmowARVW9Qd4fC7NUtOTLxJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:e2:6c:3a:bb:52:eb:d9:fa:f6:05:da:ef:ae:be:d5:ea:d2:
         e7:0f:4f:2c:19:0d:d2:76:9d:b7:97:9a:8f:19:7d:83:e2:7d:
         1e:be:f9:68:2e:c4:36:a7:84:63:33:13:6f:ec:39:f5:f2:a6:
         e0:41:94:e3:96:73:bd:a9:e3:6b:63:03:51:7e:96:6e:a0:77:
         a3:19:ab:2a:bc:b5:41:4c:4a:f8:74:7d:11:ae:56:d4:c9:96:
         0d:21:2f:30:a6:59:7e:9b:49:40:ff:a4:5a:bf:49:99:35:84:
         a0:43:d6:d7:25:34:93:d4:91:d7:0d:b1:bb:bb:68:26:a8:aa:
         bc:83:ec:26:c5:c2:ec:9b:2a:5b:fb:d6:91:de:d5:4b:a0:94:
         f2:21:8d:ac:78:14:28:45:94:a7:a9:f2:72:30:be:5d:6c:49:
         68:26:ca:5f:d2:4a:63:b0:36:76:d2:26:59:e8:2f:16:54:9a:
         02:13:86:15:ab:16:33:c6:fe:ef:ca:05:e5:7c:d7:3c:23:35:
         1d:76:5b:ea:4c:74:d5:9e:cd:0e:cf:22:1f:db:27:66:b9:e4:
         97:89:88:ea:31:7d:d6:4c:28:bd:23:65:bb:40:67:a2:44:77:
         04:4f:23:95:bf:2d:6e:07:46:73:52:ca:8e:8b:b6:63:54:13:
         17:d6:42:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhDoBWNxTDtP352TY2sMdh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMwNTIyMTMyMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRlODc5YThjMDA0NTU1YmQ0MWRlMWYwYmIzNTRiNGU0Y2JjNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlivSPlLhN4mOIDDaXrIqAkR40/hX
OCh/Vcxfpq7CPxqTy5+LaFkWlnTEQ/h4cyDbCNLE5NDrRe7givnXbtXcen+oe+qn
mfHNsN6luugiZWcwLudYwJKzM5umvu7P73P+kwTLeAW1y1jftLE+RLh7t+uEsaF5
FbLfiX9E0pApWCFyCGzDSBTHWK7ONvVYdMTVRVE4zcCcpJnHRTaG7MAhCa9kpVOZ
+VcYJsfsDQZSk6/xuzArtbD5a8WDXHVy2BZbs7GqF3WaEU4sPq7N5HF+JfhDGphv
ngGlJ/WcFvmxE4D1PVKRqtUPfRD4KuQLEya1YKlu6HPf00365rlCsLbMQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJreh5qMAEVVvUHeHwuzVLTky8SSMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvbXQ2SG1vd0FSVlc5UWQ0ZkM3TlV0T1RMeEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuegRMA0G
CSqGSIb3DQEBCwUAA4IBAQCH4mw6u1Lr2fr2Bdrvrr7V6tLnD08sGQ3Sdp23l5qP
GX2D4n0evvloLsQ2p4RjMxNv7Dn18qbgQZTjlnO9qeNrYwNRfpZuoHejGasqvLVB
TEr4dH0RrlbUyZYNIS8wpll+m0lA/6Rav0mZNYSgQ9bXJTST1JHXDbG7u2gmqKq8
g+wmxcLsmypb+9aR3tVLoJTyIY2seBQoRZSnqfJyML5dbEloJspf0kpjsDZ20iZZ
6C8WVJoCE4YVqxYzxv7vygXlfNc8IzUddlvqTHTVns0OzyIf2ydmueSXiYjqMX3W
TCi9I2W7QGeiRHcETyOVvy1uB0ZzUsqOi7ZjVBMX1kK8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:18 2024 by rpki-client on console-ams.rpki-client.org