Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/MTGWCJRwjo7KG7UyHuJIzKe3zGY.roa
File:                     MTGWCJRwjo7KG7UyHuJIzKe3zGY.roa (raw, json)
Hash identifier:          JgUPARXzs1QXGCaMFoBK3pkyjnElbBZ6eO+8CQXUxo8=
Subject key identifier:   31:31:96:08:94:70:8E:8E:CA:1B:B5:32:1E:E2:48:CC:A7:B7:CC:66
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01878F4F73B6979192347F37B4B4EE41A625
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/MTGWCJRwjo7KG7UyHuJIzKe3zGY.roa
Signing time:             Mon 17 Apr 2023 13:02:41 +0000
ROA not before:           Mon 17 Apr 2023 13:02:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     272916
IP address blocks:        141.136.61.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8f:4f:73:b6:97:91:92:34:7f:37:b4:b4:ee:41:a6:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Apr 17 13:02:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3131960894708e8eca1bb5321ee248cca7b7cc66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:51:26:da:67:da:1a:9a:ee:60:86:43:a4:73:
                    de:29:08:25:2b:e3:20:54:9b:cd:05:4c:ee:c9:f8:
                    65:d4:ad:00:fd:3c:ab:3a:d6:7a:ae:61:bb:8b:9d:
                    bc:0c:62:d4:01:0a:59:96:b4:20:f6:87:29:14:64:
                    df:97:df:7c:bc:80:79:0f:4a:01:9d:84:af:29:75:
                    8f:69:b3:00:d6:d7:3a:32:6b:ca:e3:ae:60:20:47:
                    12:fe:53:89:cc:bd:e2:be:ce:7b:3e:ae:dd:5d:cc:
                    b1:b1:6a:55:a1:71:40:b4:80:19:91:26:29:7f:c0:
                    2f:49:4c:6c:96:eb:a8:15:c0:45:52:10:d3:12:12:
                    34:82:46:c9:45:46:bc:c3:92:ab:5c:67:ee:e9:e7:
                    2a:05:b1:f7:62:06:3a:5b:1a:49:bb:1e:62:ac:dd:
                    71:56:2b:34:23:30:4b:7d:9d:67:b2:22:a6:8e:de:
                    1e:cc:30:e0:2b:58:1c:50:0f:4c:f3:b0:5f:88:f3:
                    86:21:80:4d:dd:e3:a2:aa:eb:47:0a:90:14:0e:2e:
                    59:5e:87:53:95:fa:bf:17:62:d0:7b:e8:9f:9d:f8:
                    e3:f7:c7:c3:a6:82:60:8b:84:20:5a:e0:68:04:d7:
                    0b:00:a6:e8:a8:6f:11:24:d2:a4:0c:d2:44:de:ba:
                    71:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:31:96:08:94:70:8E:8E:CA:1B:B5:32:1E:E2:48:CC:A7:B7:CC:66
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/MTGWCJRwjo7KG7UyHuJIzKe3zGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.136.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:48:bb:6c:d6:22:e9:e7:7e:5d:68:4e:ec:30:d7:78:f8:39:
         44:2b:7d:b9:38:6f:16:09:3b:48:ad:18:40:25:79:46:2e:be:
         4d:b6:a4:e0:1b:7c:b4:99:5a:6b:93:81:da:1e:ad:c8:d3:25:
         40:06:42:da:e2:96:ca:47:65:98:8d:07:1f:3b:b8:6d:ee:17:
         6a:25:f1:54:a7:dc:86:cd:40:c3:f9:d7:af:25:9f:a0:b7:a1:
         2f:68:ee:77:2c:14:1e:26:80:0a:19:72:0b:db:b0:21:bd:e1:
         44:bd:cb:5f:f0:37:40:27:51:fd:40:d4:99:7a:50:6d:e4:4e:
         f5:c8:b2:99:5e:3f:6d:e3:3e:5b:f5:5c:32:0d:1d:92:e8:43:
         94:ee:32:04:be:d0:1d:2d:24:b5:70:fc:da:fb:38:b7:13:ff:
         60:77:72:bc:75:74:10:8e:7e:0f:64:ec:a2:de:0a:21:65:17:
         ec:74:d4:12:d5:ac:36:b4:26:b3:74:b5:e4:27:69:9b:ea:e0:
         a2:2d:29:c7:b3:62:fc:11:a3:89:64:9a:8c:3b:af:34:51:d2:
         84:a5:b7:94:2e:ac:08:ec:8e:3c:56:5c:c4:0c:73:68:24:20:
         61:2c:50:32:00:8b:81:ad:be:39:f0:95:56:6b:a8:28:ab:44:
         ad:77:01:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYePT3O2l5GSNH83tLTuQaYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwNDE3MTMwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTMxOTYwODk0NzA4ZThlY2ExYmI1MzIxZWUyNDhjY2E3YjdjYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlEm2mfaGpruYIZDpHPeKQglK+Mg
VJvNBUzuyfhl1K0A/TyrOtZ6rmG7i528DGLUAQpZlrQg9ocpFGTfl998vIB5D0oB
nYSvKXWPabMA1tc6MmvK465gIEcS/lOJzL3ivs57Pq7dXcyxsWpVoXFAtIAZkSYp
f8AvSUxsluuoFcBFUhDTEhI0gkbJRUa8w5KrXGfu6ecqBbH3YgY6WxpJux5irN1x
Vis0IzBLfZ1nsiKmjt4ezDDgK1gcUA9M87BfiPOGIYBN3eOiqutHCpAUDi5ZXodT
lfq/F2LQe+ifnfjj98fDpoJgi4QgWuBoBNcLAKboqG8RJNKkDNJE3rpxqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDExlgiUcI6Oyhu1Mh7iSMynt8xmMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTVRHV0NKUndqbzdLRzdVeUh1Skl6S2UzekdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjYg9MA0G
CSqGSIb3DQEBCwUAA4IBAQDDSLts1iLp535daE7sMNd4+DlEK325OG8WCTtIrRhA
JXlGLr5NtqTgG3y0mVprk4HaHq3I0yVABkLa4pbKR2WYjQcfO7ht7hdqJfFUp9yG
zUDD+devJZ+gt6EvaO53LBQeJoAKGXIL27AhveFEvctf8DdAJ1H9QNSZelBt5E71
yLKZXj9t4z5b9VwyDR2S6EOU7jIEvtAdLSS1cPza+zi3E/9gd3K8dXQQjn4PZOyi
3gohZRfsdNQS1aw2tCazdLXkJ2mb6uCiLSnHs2L8EaOJZJqMO680UdKEpbeULqwI
7I48VlzEDHNoJCBhLFAyAIuBrb458JVWa6goq0StdwF6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org