Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/MqpvYWBE1L0W3tHVq9wHDGidZCM.roa
File:                     MqpvYWBE1L0W3tHVq9wHDGidZCM.roa (raw, json)
Hash identifier:          dXEcqvjOBlzlXnZETeK/oUdYW/Oyv1r/WufmaBAkKtk=
Subject key identifier:   32:AA:6F:61:60:44:D4:BD:16:DE:D1:D5:AB:DC:07:0C:68:9D:64:23
Certificate issuer:       /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial:       018EF51B3969C454E5463DD46EAE432E2547
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/MqpvYWBE1L0W3tHVq9wHDGidZCM.roa
Signing time:             Fri 19 Apr 2024 06:46:25 +0000
ROA not before:           Fri 19 Apr 2024 06:46:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     25311
IP address blocks:        86.105.206.0/23 maxlen: 24
                          89.34.180.0/22 maxlen: 24
                          188.209.96.0/20 maxlen: 24
                          195.182.220.0/23 maxlen: 24
                          2a03:9c20:2002::/48 maxlen: 56
                          2a03:9c20:3000::/36 maxlen: 48

Validation:               Failed, certificate revoked on Fri 26 Apr 2024 09:09:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f5:1b:39:69:c4:54:e5:46:3d:d4:6e:ae:43:2e:25:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
        Validity
            Not Before: Apr 19 06:46:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=32aa6f616044d4bd16ded1d5abdc070c689d6423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:5b:d7:73:6b:80:ac:ac:50:74:16:ac:3d:28:
                    34:70:22:3b:51:cb:bb:52:64:29:a5:e6:63:87:df:
                    fa:b9:9b:3b:6c:85:90:50:45:4e:4b:9b:df:cb:02:
                    cf:b9:98:e7:af:fe:e0:2f:0e:c9:31:c7:4a:44:5c:
                    6e:34:a9:67:1b:1a:bd:a3:94:33:05:d8:d2:1e:3c:
                    b0:ad:e7:5c:eb:09:90:01:61:6d:54:85:07:3e:07:
                    52:1e:e1:2f:d7:6f:4f:e3:32:6e:d2:e8:19:21:5d:
                    24:f6:d5:23:a0:d5:d7:ca:5a:7e:4e:64:a5:7e:8c:
                    8f:0f:01:cf:fb:a0:82:0a:32:23:89:35:03:29:86:
                    64:d5:19:c3:93:8f:d5:a9:31:45:8f:1f:6e:e1:7d:
                    bf:87:0e:35:48:96:d2:70:64:69:e0:9b:7f:9e:ed:
                    7d:fe:84:cd:85:0f:e9:5a:3a:0b:e8:dd:dc:05:f6:
                    56:b4:88:5d:cc:0e:4c:7c:4a:a7:5e:04:20:49:fd:
                    3b:46:bd:3b:80:80:e0:44:54:42:60:a9:f9:7d:1b:
                    c5:10:0e:7f:f2:04:55:5a:76:5b:2b:e1:d4:b4:59:
                    90:57:26:36:b0:22:25:9e:75:fa:2f:03:a5:46:9c:
                    cb:45:25:db:5c:a5:e4:18:db:f3:2a:5e:8b:09:16:
                    8c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:AA:6F:61:60:44:D4:BD:16:DE:D1:D5:AB:DC:07:0C:68:9D:64:23
            X509v3 Authority Key Identifier:
                keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/MqpvYWBE1L0W3tHVq9wHDGidZCM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.105.206.0/23
                  89.34.180.0/22
                  188.209.96.0/20
                  195.182.220.0/23
                IPv6:
                  2a03:9c20:2002::/48
                  2a03:9c20:3000::/36

    Signature Algorithm: sha256WithRSAEncryption
         35:67:01:a9:2e:dd:77:2d:27:c0:e5:aa:e0:6a:db:eb:76:c1:
         15:f6:9b:14:f3:87:46:81:9a:4f:02:ae:d4:45:6c:08:1f:a3:
         fa:60:59:a3:39:03:4d:26:f8:49:9f:41:0f:4e:a9:06:28:59:
         05:d7:4c:65:96:0d:b1:ae:b7:28:72:25:b3:c3:76:9d:96:2c:
         7d:26:b9:50:a8:1d:f4:26:7f:e3:22:ce:f8:95:8a:8a:22:aa:
         49:8d:f8:ec:8e:59:4d:3c:b5:f4:66:a0:e5:e9:c7:32:87:2e:
         b3:5d:ae:db:86:0b:ae:23:29:35:36:8a:e2:dc:79:55:29:21:
         69:78:b4:f8:cf:ac:03:eb:a1:47:a9:93:5c:6b:2e:9c:63:db:
         e4:ce:9c:4e:b0:32:c7:45:54:f3:89:b9:95:84:d6:5f:4b:d7:
         3e:e7:30:a0:d1:d5:3c:ec:88:06:26:5e:6e:a6:3e:91:41:f9:
         80:4f:ff:5d:f3:7c:5b:35:8f:42:9f:5e:27:cc:81:15:5c:10:
         d3:e7:f0:52:d3:8b:e1:75:90:fd:11:e9:2b:6d:9c:ba:6c:43:
         04:91:e5:f2:97:3c:f9:ef:f9:59:f1:66:6c:a6:14:cc:be:94:
         e7:e0:e0:a7:36:40:92:a2:d3:ec:3d:99:94:07:9b:ce:fb:3d:
         d0:8f:6c:04
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY71GzlpxFTlRj3Ubq5DLiVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjQwNDE5MDY0NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFhNmY2MTYwNDRkNGJkMTZkZWQxZDVhYmRjMDcwYzY4OWQ2NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVvXc2uArKxQdBasPSg0cCI7Ucu7
UmQppeZjh9/6uZs7bIWQUEVOS5vfywLPuZjnr/7gLw7JMcdKRFxuNKlnGxq9o5Qz
BdjSHjywredc6wmQAWFtVIUHPgdSHuEv129P4zJu0ugZIV0k9tUjoNXXylp+TmSl
foyPDwHP+6CCCjIjiTUDKYZk1RnDk4/VqTFFjx9u4X2/hw41SJbScGRp4Jt/nu19
/oTNhQ/pWjoL6N3cBfZWtIhdzA5MfEqnXgQgSf07Rr07gIDgRFRCYKn5fRvFEA5/
8gRVWnZbK+HUtFmQVyY2sCIlnnX6LwOlRpzLRSXbXKXkGNvzKl6LCRaMyQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDKqb2FgRNS9Ft7R1avcBwxonWQjMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvTXFwdllXQkUxTDBXM3RIVnE5d0hER2lkWkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAeBAIAATAYAwQBVmnOAwQC
WSK0AwQEvNFgAwQBw7bcMBcEAgACMBEDBwAqA5wgIAIDBgQqA5wgMDANBgkqhkiG
9w0BAQsFAAOCAQEANWcBqS7ddy0nwOWq4Grb63bBFfabFPOHRoGaTwKu1EVsCB+j
+mBZozkDTSb4SZ9BD06pBihZBddMZZYNsa63KHIls8N2nZYsfSa5UKgd9CZ/4yLO
+JWKiiKqSY347I5ZTTy19Gag5enHMocus12u24YLriMpNTaK4tx5VSkhaXi0+M+s
A+uhR6mTXGsunGPb5M6cTrAyx0VU84m5lYTWX0vXPucwoNHVPOyIBiZebqY+kUH5
gE//XfN8WzWPQp9eJ8yBFVwQ0+fwUtOL4XWQ/RHpK22cumxDBJHl8pc8+e/5WfFm
bKYUzL6U5+DgpzZAkqLT7D2ZlAebzvs90I9sBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:13 2024 by rpki-client on console-fra.rpki-client.org