Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MMnlZrv-PNDPxmduo5Pqa2AbhZk.roa
File:                     MMnlZrv-PNDPxmduo5Pqa2AbhZk.roa (raw, json)
Hash identifier:          AnC8LpnMMc/cw4gzdPmUXWmxa3LuirzbGy/B2c2Mwuo=
Subject key identifier:   30:C9:E5:66:BB:FE:3C:D0:CF:C6:67:6E:A3:93:EA:6B:60:1B:85:99
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01871034C7A232CAB7115B28A0BA7C1A3488
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MMnlZrv-PNDPxmduo5Pqa2AbhZk.roa
Signing time:             Thu 23 Mar 2023 20:41:47 +0000
ROA not before:           Thu 23 Mar 2023 20:41:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57724
IP address blocks:        45.155.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:10:34:c7:a2:32:ca:b7:11:5b:28:a0:ba:7c:1a:34:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 23 20:41:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30c9e566bbfe3cd0cfc6676ea393ea6b601b8599
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:50:85:68:3c:8c:a1:78:00:0d:16:c6:87:f5:
                    18:bc:38:75:88:ef:6f:9c:90:de:a5:07:26:b5:7a:
                    0d:f6:76:d6:83:57:b1:be:ea:7c:76:de:c0:92:95:
                    17:69:21:bd:25:7c:a2:2f:74:98:80:3a:c8:25:75:
                    20:0f:a5:d9:9a:46:af:71:ac:b0:71:20:e2:2f:6b:
                    78:d5:6d:4f:58:ab:cf:81:fa:31:ba:7c:eb:d3:9e:
                    8b:80:f1:55:ee:29:bc:3d:49:e8:67:ff:3e:c4:cf:
                    74:47:20:a9:d3:26:01:6e:27:3d:42:fb:b0:68:5e:
                    25:c5:a0:66:8d:43:ae:63:39:8c:bc:bf:c5:f1:93:
                    bd:26:66:f7:05:74:31:8d:e8:a2:88:ab:f0:18:d4:
                    2c:49:87:d4:c5:92:de:c9:60:cd:21:ce:a2:8e:27:
                    25:40:77:2a:fc:13:14:da:93:1d:59:9d:25:b3:a3:
                    87:c2:e5:2f:fb:26:5e:2c:54:0a:15:09:61:78:4e:
                    2e:8a:19:e9:4b:59:76:b5:e7:5f:d5:a7:10:0a:43:
                    0e:30:b6:2e:a3:30:1d:a4:df:0a:0f:a8:c6:79:51:
                    f1:2b:0d:82:31:e5:2e:89:51:a0:1b:cd:af:26:d8:
                    a5:a9:0d:41:a4:85:bd:8d:86:0d:58:01:d3:09:0e:
                    82:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:C9:E5:66:BB:FE:3C:D0:CF:C6:67:6E:A3:93:EA:6B:60:1B:85:99
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MMnlZrv-PNDPxmduo5Pqa2AbhZk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:2a:3d:bd:54:74:72:09:e1:c6:d1:41:ef:38:16:31:d0:f3:
         30:6b:ea:80:60:95:70:7e:c0:36:7e:a0:14:7a:45:54:91:9f:
         1f:5a:83:a0:3c:c6:6f:ec:2e:b8:a8:a3:0c:ba:25:85:eb:ac:
         91:14:a7:a5:83:c7:ed:f4:39:7f:5b:c4:89:f8:a0:16:ad:71:
         90:aa:26:b6:43:0d:6f:ca:41:ef:64:93:88:08:c9:cb:9a:71:
         aa:3d:17:0e:6d:46:df:69:12:76:ea:21:b6:43:6e:e1:77:b3:
         0a:4a:28:9d:9a:f6:6b:df:93:76:50:e1:ba:7b:40:10:24:f4:
         2f:74:7e:8a:20:5c:b4:ff:2f:4f:40:8b:21:8b:c3:66:83:98:
         c2:72:d0:42:e4:45:d3:ac:03:d3:5d:79:86:c5:b0:c1:74:7d:
         12:8b:c6:ee:17:1a:5d:9f:64:5d:4d:49:a9:59:38:5f:34:fe:
         a3:ae:d1:04:79:ee:37:9f:c1:d4:7a:b3:b6:18:d5:b2:a6:8b:
         12:87:9f:5a:d4:42:32:94:6c:64:0c:db:2b:ff:cf:34:d2:4a:
         be:35:0d:e8:48:80:ee:87:e7:8e:76:50:ac:15:4c:c2:33:ba:
         f0:80:bf:a6:dd:61:c5:4a:8a:52:43:29:7a:4e:40:b7:5b:82:
         e2:b4:7b:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcQNMeiMsq3EVsooLp8GjSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwMzIzMjA0MTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGM5ZTU2NmJiZmUzY2QwY2ZjNjY3NmVhMzkzZWE2YjYwMWI4NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FCFaDyMoXgADRbGh/UYvDh1iO9v
nJDepQcmtXoN9nbWg1exvup8dt7AkpUXaSG9JXyiL3SYgDrIJXUgD6XZmkavcayw
cSDiL2t41W1PWKvPgfoxunzr056LgPFV7im8PUnoZ/8+xM90RyCp0yYBbic9Qvuw
aF4lxaBmjUOuYzmMvL/F8ZO9Jmb3BXQxjeiiiKvwGNQsSYfUxZLeyWDNIc6ijicl
QHcq/BMU2pMdWZ0ls6OHwuUv+yZeLFQKFQlheE4uihnpS1l2tedf1acQCkMOMLYu
ozAdpN8KD6jGeVHxKw2CMeUuiVGgG82vJtilqQ1BpIW9jYYNWAHTCQ6CgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDJ5Wa7/jzQz8ZnbqOT6mtgG4WZMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvTU1ubFpydi1QTkRQeG1kdW81UHFhMkFiaFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZs8MA0G
CSqGSIb3DQEBCwUAA4IBAQBlKj29VHRyCeHG0UHvOBYx0PMwa+qAYJVwfsA2fqAU
ekVUkZ8fWoOgPMZv7C64qKMMuiWF66yRFKelg8ft9Dl/W8SJ+KAWrXGQqia2Qw1v
ykHvZJOICMnLmnGqPRcObUbfaRJ26iG2Q27hd7MKSiidmvZr35N2UOG6e0AQJPQv
dH6KIFy0/y9PQIshi8Nmg5jCctBC5EXTrAPTXXmGxbDBdH0Si8buFxpdn2RdTUmp
WThfNP6jrtEEee43n8HUerO2GNWyposSh59a1EIylGxkDNsr/8800kq+NQ3oSIDu
h+eOdlCsFUzCM7rwgL+m3WHFSopSQyl6TkC3W4LitHsq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org