Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MlhIbLQRf4Sug6NMkcpqMDNtOto.roa
File:                     MlhIbLQRf4Sug6NMkcpqMDNtOto.roa (raw, json)
Hash identifier:          9mfW1LznACvF7o1W3OKAmWlWdvW6rwM6lRDHEAbgQIY=
Subject key identifier:   32:58:48:6C:B4:11:7F:84:AE:83:A3:4C:91:CA:6A:30:33:6D:3A:DA
Certificate issuer:       /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial:       018570D53E942F90BFF6DB1CDD6D3B820D29
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MlhIbLQRf4Sug6NMkcpqMDNtOto.roa
Signing time:             Mon 02 Jan 2023 04:55:01 +0000
ROA not before:           Mon 02 Jan 2023 04:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33103
IP address blocks:        202.22.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:d5:3e:94:2f:90:bf:f6:db:1c:dd:6d:3b:82:0d:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
        Validity
            Not Before: Jan  2 04:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3258486cb4117f84ae83a34c91ca6a30336d3ada
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:8c:84:d7:bb:eb:73:29:d1:47:28:3f:19:1b:
                    a7:40:94:0a:e1:d2:e5:3a:3b:61:b0:e9:d5:c6:07:
                    d5:05:96:f0:a2:f8:ee:e7:1e:70:95:62:26:59:d9:
                    d7:15:8a:d9:e3:85:94:7c:d4:67:42:a7:d9:97:bc:
                    cb:2f:8a:cd:c4:4b:fb:56:70:56:1b:db:b6:2e:e2:
                    0a:80:99:6b:8d:3e:29:d0:43:0d:e8:90:49:6f:fa:
                    d5:b9:a3:f4:49:40:fb:5a:f0:d7:2b:af:dc:f5:e6:
                    df:dd:04:74:f8:d4:44:93:9b:25:44:58:53:a6:b1:
                    59:b5:9b:96:fa:2c:a0:2b:4b:90:21:5f:ce:18:75:
                    ea:e6:62:2e:c9:fa:8f:36:b2:4c:e3:2e:e5:fb:bf:
                    d8:e0:96:b3:70:fc:32:09:ee:ac:51:98:8f:e5:db:
                    93:24:1c:8e:6d:c2:71:e4:e4:37:01:cb:3f:4a:11:
                    89:9d:8e:8b:8e:d6:ff:47:ec:b4:78:b7:18:ac:1b:
                    c8:d4:0e:12:a8:fb:a8:1b:5f:e4:c0:f2:9e:cd:45:
                    4c:54:4c:0c:18:c7:1b:13:a6:99:78:7a:34:77:10:
                    b0:35:91:1f:db:a8:ef:aa:6a:dd:2b:94:90:cf:26:
                    1d:d1:1d:a3:e4:1e:d2:07:9c:c0:b2:9c:85:02:bf:
                    a8:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:58:48:6C:B4:11:7F:84:AE:83:A3:4C:91:CA:6A:30:33:6D:3A:DA
            X509v3 Authority Key Identifier:
                keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MlhIbLQRf4Sug6NMkcpqMDNtOto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.22.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:58:05:50:44:7d:52:72:ad:db:13:96:5a:fe:05:27:0d:d1:
         cb:70:b1:e1:ff:f1:ee:97:e6:25:c2:89:a9:db:ae:03:1a:ae:
         48:8f:66:cf:70:c6:f8:ef:cc:f9:b7:4b:6e:ca:27:c1:f0:a8:
         6a:44:3c:ea:2b:47:f8:d6:57:46:b9:8a:a9:a8:54:17:e8:12:
         bf:5c:b6:9e:c4:60:99:20:45:c3:44:29:7e:01:27:da:c1:42:
         02:c7:c5:09:5a:8e:99:11:dc:40:3e:5a:8c:31:39:ed:e5:d7:
         9c:9d:81:82:e0:2f:ed:1a:58:91:4b:58:de:70:3f:d4:73:9d:
         b5:28:19:7c:2d:18:e3:f8:90:0b:ca:2c:9f:ad:f8:92:15:b1:
         b3:c2:2e:3c:67:40:a3:89:8d:4a:62:60:60:ed:3b:33:be:95:
         a3:54:84:ed:e0:75:3c:56:e0:63:dc:bd:0b:30:43:dc:54:a3:
         eb:98:60:7a:58:58:a2:5a:c3:c6:79:f8:2d:63:44:aa:d2:fa:
         bb:16:4d:8d:22:38:ab:cf:fd:97:06:df:2d:94:76:46:40:c5:
         e5:bd:c1:e1:96:c4:01:0c:3f:45:d1:5b:52:37:67:62:c5:fb:
         e9:91:72:34:d9:1d:67:1c:72:5d:80:ec:fd:c1:46:17:96:e0:
         de:8f:78:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1T6UL5C/9tsc3W07gg0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjMwMTAyMDQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjU4NDg2Y2I0MTE3Zjg0YWU4M2EzNGM5MWNhNmEzMDMzNmQzYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIyE17vrcynRRyg/GRunQJQK4dLl
OjthsOnVxgfVBZbwovju5x5wlWImWdnXFYrZ44WUfNRnQqfZl7zLL4rNxEv7VnBW
G9u2LuIKgJlrjT4p0EMN6JBJb/rVuaP0SUD7WvDXK6/c9ebf3QR0+NREk5slRFhT
prFZtZuW+iygK0uQIV/OGHXq5mIuyfqPNrJM4y7l+7/Y4JazcPwyCe6sUZiP5duT
JByObcJx5OQ3Acs/ShGJnY6Ljtb/R+y0eLcYrBvI1A4SqPuoG1/kwPKezUVMVEwM
GMcbE6aZeHo0dxCwNZEf26jvqmrdK5SQzyYd0R2j5B7SB5zAspyFAr+oVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJYSGy0EX+EroOjTJHKajAzbTraMB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEvTWxoSWJMUVJmNFN1ZzZOTWtjcHFNRE50T3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyhanMA0G
CSqGSIb3DQEBCwUAA4IBAQCEWAVQRH1Scq3bE5Za/gUnDdHLcLHh//Hul+Ylwomp
264DGq5Ij2bPcMb478z5t0tuyifB8KhqRDzqK0f41ldGuYqpqFQX6BK/XLaexGCZ
IEXDRCl+ASfawUICx8UJWo6ZEdxAPlqMMTnt5decnYGC4C/tGliRS1jecD/Uc521
KBl8LRjj+JALyiyfrfiSFbGzwi48Z0CjiY1KYmBg7TszvpWjVITt4HU8VuBj3L0L
MEPcVKPrmGB6WFiiWsPGefgtY0Sq0vq7Fk2NIjirz/2XBt8tlHZGQMXlvcHhlsQB
DD9F0VtSN2dixfvpkXI02R1nHHJdgOz9wUYXluDej3iz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:33 2024 by rpki-client on console-ams.rpki-client.org