Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/MGlSF52wcyaHhzpf_D8CLvdm82U.roa
File:                     MGlSF52wcyaHhzpf_D8CLvdm82U.roa (raw, json)
Hash identifier:          bUNK13M6Z2Zib3qe23iO9qdZDIBV82THCX+2OKISoNc=
Subject key identifier:   30:69:52:17:9D:B0:73:26:87:87:3A:5F:FC:3F:02:2E:F7:66:F3:65
Certificate issuer:       /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial:       0189200494A18A35623954058684E3F021E1
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/MGlSF52wcyaHhzpf_D8CLvdm82U.roa
Signing time:             Tue 04 Jul 2023 08:28:38 +0000
ROA not before:           Tue 04 Jul 2023 08:28:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208911
IP address blocks:        92.118.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 10:40:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:20:04:94:a1:8a:35:62:39:54:05:86:84:e3:f0:21:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
        Validity
            Not Before: Jul  4 08:28:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=306952179db0732687873a5ffc3f022ef766f365
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c4:d8:cd:ae:43:e4:68:7d:10:84:99:0d:0c:
                    90:e6:87:ec:b3:95:db:39:db:9e:8e:fd:31:e0:8a:
                    9a:d8:12:c9:2e:32:38:42:2f:37:58:b6:db:a1:37:
                    e7:fb:6b:9a:fd:d5:c1:f2:06:00:78:0e:53:08:9c:
                    ee:aa:d0:15:4b:96:fb:c4:64:30:ec:ab:31:e6:49:
                    fc:0f:d2:37:56:0f:c4:1e:34:d0:de:19:d7:0e:da:
                    07:9e:d5:40:9a:d0:f1:e8:30:b3:ad:c2:69:0a:c5:
                    12:4f:7d:1b:76:a6:8f:4c:97:25:90:62:d2:dc:8c:
                    dd:ef:4d:b8:00:a9:92:c9:2e:d2:94:34:a0:4f:87:
                    24:ae:2b:d1:88:03:97:f2:b6:7a:93:a2:c8:79:ca:
                    42:e7:3c:f1:cd:be:f1:72:47:79:50:bc:a8:74:f4:
                    ac:fe:3b:e5:ee:83:57:56:cb:95:9d:e5:fe:9c:f8:
                    8c:cc:21:2a:58:19:a6:d6:8c:2a:75:49:5f:ea:97:
                    4e:8b:b5:ac:01:40:db:36:6e:75:b9:22:0b:4b:f2:
                    ac:66:8b:73:99:ee:3c:d4:af:67:b6:d7:2d:66:cd:
                    12:6b:b3:d3:ae:f0:eb:59:de:27:7b:67:38:10:05:
                    66:ef:24:fc:70:f0:0d:c6:27:9f:fb:c3:f2:31:1f:
                    bd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:69:52:17:9D:B0:73:26:87:87:3A:5F:FC:3F:02:2E:F7:66:F3:65
            X509v3 Authority Key Identifier:
                keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/MGlSF52wcyaHhzpf_D8CLvdm82U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.118.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:11:15:d0:58:54:29:a9:7c:67:7f:bb:e5:79:d0:f5:6c:5e:
         a6:b3:f2:70:ff:8d:e0:ec:ec:10:16:09:53:41:8c:10:6d:f4:
         f5:55:b9:9e:5b:e6:01:59:57:e4:f9:6f:14:1e:6b:be:3c:df:
         0c:24:24:30:f5:d8:e3:70:84:37:b4:f0:71:cd:8b:7b:40:00:
         36:a3:d7:92:5b:66:ae:59:f6:65:84:55:89:fe:30:b5:35:13:
         4e:43:51:ce:17:6d:ab:43:91:b7:74:f0:3b:a0:40:85:1f:b6:
         d5:97:3a:61:35:dc:0c:91:01:67:26:c4:fe:c7:8f:c3:da:57:
         1f:3b:5c:24:08:8b:b7:ab:5c:f9:b7:f7:ae:8c:1f:2c:6b:cb:
         d8:f3:87:52:93:82:ef:38:ef:9e:89:3e:fe:1b:b8:36:80:f7:
         8a:23:16:c4:a6:13:a7:27:58:96:f8:6f:b0:48:17:fb:a9:c7:
         85:0b:ff:d8:09:4d:bf:b2:fc:39:66:47:6c:6a:5c:e7:42:fa:
         8c:d1:64:05:f6:6b:f0:9a:e8:3f:96:d8:03:89:8a:85:ec:ac:
         34:65:38:27:0b:02:68:69:03:f0:99:db:52:f4:91:1d:a6:d4:
         a0:b8:07:b6:4b:f3:e0:bd:2f:28:9c:03:17:cc:f6:a5:f5:62:
         8a:99:46:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkgBJShijViOVQFhoTj8CHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMwNzA0MDgyODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY5NTIxNzlkYjA3MzI2ODc4NzNhNWZmYzNmMDIyZWY3NjZmMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMTYza5D5Gh9EISZDQyQ5ofss5Xb
Oduejv0x4Iqa2BLJLjI4Qi83WLbboTfn+2ua/dXB8gYAeA5TCJzuqtAVS5b7xGQw
7Ksx5kn8D9I3Vg/EHjTQ3hnXDtoHntVAmtDx6DCzrcJpCsUST30bdqaPTJclkGLS
3Izd7024AKmSyS7SlDSgT4ckrivRiAOX8rZ6k6LIecpC5zzxzb7xckd5ULyodPSs
/jvl7oNXVsuVneX+nPiMzCEqWBmm1owqdUlf6pdOi7WsAUDbNm51uSILS/KsZotz
me481K9nttctZs0Sa7PTrvDrWd4ne2c4EAVm7yT8cPANxief+8PyMR+9hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBpUhedsHMmh4c6X/w/Ai73ZvNlMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvTUdsU0Y1MndjeWFIaHpwZl9EOENMdmRtODJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHZJMA0G
CSqGSIb3DQEBCwUAA4IBAQABERXQWFQpqXxnf7vledD1bF6ms/Jw/43g7OwQFglT
QYwQbfT1VbmeW+YBWVfk+W8UHmu+PN8MJCQw9djjcIQ3tPBxzYt7QAA2o9eSW2au
WfZlhFWJ/jC1NRNOQ1HOF22rQ5G3dPA7oECFH7bVlzphNdwMkQFnJsT+x4/D2lcf
O1wkCIu3q1z5t/eujB8sa8vY84dSk4LvOO+eiT7+G7g2gPeKIxbEphOnJ1iW+G+w
SBf7qceFC//YCU2/svw5ZkdsalznQvqM0WQF9mvwmug/ltgDiYqF7Kw0ZTgnCwJo
aQPwmdtS9JEdptSguAe2S/PgvS8onAMXzPal9WKKmUZe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org