Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/MFH9ymPNsapFPCI0OCLPOUhtyCA.roa
File:                     MFH9ymPNsapFPCI0OCLPOUhtyCA.roa (raw, json)
Hash identifier:          iZGHlD3eAe1dG6/TxSEu7vTZMib3Roq/9aIv9txSIW4=
Subject key identifier:   30:51:FD:CA:63:CD:B1:AA:45:3C:22:34:38:22:CF:39:48:6D:C8:20
Certificate issuer:       /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial:       01856CB84626516E8AFA90578D7D47983100
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/MFH9ymPNsapFPCI0OCLPOUhtyCA.roa
Signing time:             Sun 01 Jan 2023 09:44:53 +0000
ROA not before:           Sun 01 Jan 2023 09:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     27822
IP address blocks:        194.2.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:46:26:51:6e:8a:fa:90:57:8d:7d:47:98:31:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
        Validity
            Not Before: Jan  1 09:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3051fdca63cdb1aa453c22343822cf39486dc820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:14:2b:03:14:5e:cf:4a:99:0c:a8:b3:34:93:
                    f0:2a:75:74:25:c4:f4:61:0d:e3:78:4d:fb:b1:02:
                    aa:9e:40:60:e5:72:bd:40:bb:ad:75:5d:db:e7:ad:
                    68:55:d9:97:cf:60:b5:39:6c:37:8c:a6:d1:47:2a:
                    e1:12:4e:8c:e1:dd:57:d8:9a:68:e6:9a:ba:e0:ad:
                    2f:11:03:36:a7:91:d0:23:ae:1e:34:6d:84:31:86:
                    2d:9e:05:71:7e:61:ff:b5:d1:52:e5:27:09:08:f8:
                    4e:cb:6d:3e:ec:0d:30:cd:83:68:2f:a0:5b:1b:fd:
                    f5:10:64:97:0e:01:cb:21:e1:f1:d2:9a:72:b4:ba:
                    eb:53:9e:c3:d1:ca:49:2d:1d:c0:9a:42:4f:b0:f8:
                    f9:1d:73:ec:bb:40:8b:ea:d4:1c:24:1e:ad:b0:88:
                    29:7d:e6:62:58:81:bf:8d:a6:2f:46:d8:66:1d:8b:
                    8a:64:79:ce:59:bc:92:18:2c:34:58:06:23:d2:c6:
                    61:ea:0e:eb:c0:07:b6:16:3d:5d:b9:b0:df:dd:ab:
                    c5:da:b9:39:54:a0:9e:1b:ea:78:61:71:e9:12:aa:
                    42:56:84:53:1b:89:3d:97:9a:b8:18:4b:95:0f:e5:
                    5f:e0:3d:cc:94:bf:9b:5b:fb:2e:97:8a:1f:42:e1:
                    66:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:51:FD:CA:63:CD:B1:AA:45:3C:22:34:38:22:CF:39:48:6D:C8:20
            X509v3 Authority Key Identifier:
                keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/MFH9ymPNsapFPCI0OCLPOUhtyCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.2.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:14:04:c5:1f:02:76:62:43:67:00:d8:69:45:dc:2c:fb:5e:
         d1:e9:50:cd:cc:cd:c7:31:2b:c7:5f:f0:e7:20:2e:15:b7:35:
         95:a6:09:f4:28:4d:7f:3d:2e:a8:25:35:17:7b:0e:1a:c3:83:
         0a:95:2a:a5:af:69:a8:5c:f3:c5:61:8f:e6:ca:a0:24:a0:1f:
         74:22:d5:70:19:db:44:db:c2:87:22:a3:95:c9:fd:7d:f6:b8:
         c9:63:04:d8:72:13:c8:a2:1c:20:5d:bb:99:db:6b:66:9a:3e:
         4c:f0:d2:ae:54:ee:23:68:87:e1:8a:a9:6b:09:11:0c:54:57:
         54:20:2d:7e:a7:5e:82:d5:89:bd:92:34:d1:d3:01:6d:90:f8:
         9d:c7:10:35:7e:c9:35:94:6d:2f:8f:46:c0:e9:19:f6:90:fb:
         ea:9c:72:01:b4:2b:86:3c:ed:69:64:e0:08:d3:32:f0:09:18:
         0e:d7:c8:47:aa:c1:24:41:30:af:03:db:f4:4b:79:3b:db:99:
         46:dd:1f:7e:da:cb:0d:45:15:5c:ca:f1:77:4d:c3:9a:a1:d4:
         96:20:97:d1:03:db:58:4e:c2:c1:bc:c3:89:b3:a6:8e:d2:d7:
         46:09:02:7e:3a:cc:89:c2:fa:15:4a:a8:e1:f3:fa:b2:41:db:
         33:ae:34:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuEYmUW6K+pBXjX1HmDEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDUxZmRjYTYzY2RiMWFhNDUzYzIyMzQzODIyY2YzOTQ4NmRjODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBQrAxRez0qZDKizNJPwKnV0JcT0
YQ3jeE37sQKqnkBg5XK9QLutdV3b561oVdmXz2C1OWw3jKbRRyrhEk6M4d1X2Jpo
5pq64K0vEQM2p5HQI64eNG2EMYYtngVxfmH/tdFS5ScJCPhOy20+7A0wzYNoL6Bb
G/31EGSXDgHLIeHx0ppytLrrU57D0cpJLR3AmkJPsPj5HXPsu0CL6tQcJB6tsIgp
feZiWIG/jaYvRthmHYuKZHnOWbySGCw0WAYj0sZh6g7rwAe2Fj1dubDf3avF2rk5
VKCeG+p4YXHpEqpCVoRTG4k9l5q4GEuVD+Vf4D3MlL+bW/sul4ofQuFmJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBR/cpjzbGqRTwiNDgizzlIbcggMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvTUZIOXltUE5zYXBGUENJME9DTFBPVWh0eUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgJFMA0G
CSqGSIb3DQEBCwUAA4IBAQAkFATFHwJ2YkNnANhpRdws+17R6VDNzM3HMSvHX/Dn
IC4VtzWVpgn0KE1/PS6oJTUXew4aw4MKlSqlr2moXPPFYY/myqAkoB90ItVwGdtE
28KHIqOVyf199rjJYwTYchPIohwgXbuZ22tmmj5M8NKuVO4jaIfhiqlrCREMVFdU
IC1+p16C1Ym9kjTR0wFtkPidxxA1fsk1lG0vj0bA6Rn2kPvqnHIBtCuGPO1pZOAI
0zLwCRgO18hHqsEkQTCvA9v0S3k725lG3R9+2ssNRRVcyvF3TcOaodSWIJfRA9tY
TsLBvMOJs6aO0tdGCQJ+OsyJwvoVSqjh8/qyQdszrjS4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org