Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/MVT9majVVFgDdW30lVqD33M_MG4.roa
File:                     MVT9majVVFgDdW30lVqD33M_MG4.roa (raw, json)
Hash identifier:          7gmhPnjnK7xJIUTtAl6teICPxytsPxOAKFDz+v6CWwk=
Subject key identifier:   31:54:FD:99:A8:D5:54:58:03:75:6D:F4:95:5A:83:DF:73:3F:30:6E
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018DA871B9C45D49C4FA44BBDF37DDE7BAB3
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/MVT9majVVFgDdW30lVqD33M_MG4.roa
Signing time:             Wed 14 Feb 2024 16:27:21 +0000
ROA not before:           Wed 14 Feb 2024 16:27:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205663
IP address blocks:        212.16.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 18:18:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a8:71:b9:c4:5d:49:c4:fa:44:bb:df:37:dd:e7:ba:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Feb 14 16:27:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3154fd99a8d5545803756df4955a83df733f306e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e6:11:25:c8:cd:e7:45:5d:c7:07:ef:6f:85:
                    99:3c:c1:ec:fb:59:53:0d:89:f5:fa:98:63:7f:65:
                    31:99:11:76:d1:de:24:d7:1e:f4:6b:ec:50:cd:ec:
                    34:b1:ef:a0:f5:8a:cd:b1:67:b1:b1:64:d3:6d:13:
                    ec:92:35:ea:53:8b:a5:81:65:eb:76:ae:d7:36:ea:
                    50:b9:c3:c0:0d:63:fa:6f:8e:de:64:ba:cf:34:7d:
                    b7:f3:9e:fc:74:e8:6d:98:3e:45:db:a4:0e:26:2f:
                    44:34:d6:cf:c3:ad:5f:b3:96:42:54:b6:ed:81:b9:
                    37:2f:34:e6:dd:d8:ac:c0:f2:54:80:36:52:a9:8e:
                    28:d9:b8:e3:7a:21:65:32:9f:a4:86:e5:93:f7:77:
                    e1:96:18:ed:16:6e:6c:24:4f:2a:17:97:a7:8e:9b:
                    66:0d:9c:03:3d:80:83:99:58:8e:27:a9:87:92:88:
                    06:ca:1b:5a:c6:8c:da:1a:2a:39:22:ab:1f:49:45:
                    63:e2:a8:b0:2c:6d:2a:f0:d4:b3:d3:99:cc:17:92:
                    62:ce:aa:3d:5b:46:bf:01:b6:f2:c8:38:5d:d4:e2:
                    9e:9b:c6:46:c2:3e:da:6c:71:e1:39:d0:39:ae:6e:
                    4b:89:5f:f0:f1:7e:4f:6d:b0:f1:0a:40:3d:bd:84:
                    b9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:54:FD:99:A8:D5:54:58:03:75:6D:F4:95:5A:83:DF:73:3F:30:6E
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/MVT9majVVFgDdW30lVqD33M_MG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.16.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:fe:82:0e:5c:7b:3b:a3:19:aa:d4:0b:1d:02:53:27:8f:50:
         e3:02:d5:0a:c7:59:b9:cd:7d:fc:9c:dd:99:a4:19:38:5d:2f:
         d9:db:0e:36:67:96:1b:27:f0:5a:c2:6a:49:30:b3:5f:a5:9e:
         b7:80:7f:05:25:21:f2:05:8a:fa:12:c1:bf:70:56:11:57:28:
         31:dd:24:0a:b2:18:58:a2:54:4b:e5:55:a5:81:af:8d:86:82:
         63:04:d6:43:55:82:02:31:42:8e:ca:3e:de:32:60:e2:d8:a9:
         a6:b9:32:31:8b:08:d2:d5:2c:d3:79:99:b3:fc:dd:c3:73:af:
         35:09:90:f6:a8:b7:77:e1:f8:3d:77:5c:be:61:da:c3:46:41:
         07:5e:4f:3f:c0:d0:5a:2b:c7:83:86:71:5a:4e:44:36:4f:ed:
         99:b7:95:f9:46:59:84:5d:4d:8e:08:60:6f:80:19:7d:87:41:
         e2:ce:40:cc:b0:bb:08:64:34:98:6d:6a:f0:5c:91:95:cd:e5:
         f6:d3:95:e5:cf:2b:4e:8c:a3:2b:68:4c:23:e6:1f:11:6f:f2:
         da:18:fe:80:23:f7:38:4c:15:65:ee:af:a3:15:d7:b8:2b:06:
         0a:2a:62:d7:4a:68:ef:00:b9:09:15:a3:62:1c:79:95:a3:b3:
         38:a8:96:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2ocbnEXUnE+kS73zfd57qzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjE0MTYyNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTU0ZmQ5OWE4ZDU1NDU4MDM3NTZkZjQ5NTVhODNkZjczM2YzMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+YRJcjN50Vdxwfvb4WZPMHs+1lT
DYn1+phjf2UxmRF20d4k1x70a+xQzew0se+g9YrNsWexsWTTbRPskjXqU4ulgWXr
dq7XNupQucPADWP6b47eZLrPNH238578dOhtmD5F26QOJi9ENNbPw61fs5ZCVLbt
gbk3LzTm3diswPJUgDZSqY4o2bjjeiFlMp+khuWT93fhlhjtFm5sJE8qF5enjptm
DZwDPYCDmViOJ6mHkogGyhtaxozaGio5IqsfSUVj4qiwLG0q8NSz05nMF5Jizqo9
W0a/AbbyyDhd1OKem8ZGwj7abHHhOdA5rm5LiV/w8X5PbbDxCkA9vYS5PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFU/Zmo1VRYA3Vt9JVag99zPzBuMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvTVZUOW1halZWRmdEZFczMGxWcUQzM01fTUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BBdMA0G
CSqGSIb3DQEBCwUAA4IBAQCw/oIOXHs7oxmq1AsdAlMnj1DjAtUKx1m5zX38nN2Z
pBk4XS/Z2w42Z5YbJ/BawmpJMLNfpZ63gH8FJSHyBYr6EsG/cFYRVygx3SQKshhY
olRL5VWlga+NhoJjBNZDVYICMUKOyj7eMmDi2KmmuTIxiwjS1SzTeZmz/N3Dc681
CZD2qLd34fg9d1y+YdrDRkEHXk8/wNBaK8eDhnFaTkQ2T+2Zt5X5RlmEXU2OCGBv
gBl9h0HizkDMsLsIZDSYbWrwXJGVzeX205XlzytOjKMraEwj5h8Rb/LaGP6AI/c4
TBVl7q+jFde4KwYKKmLXSmjvALkJFaNiHHmVo7M4qJb1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org