Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/7ef3e3-242d-4cb3-a524-c44c6beef382/1/N-Mkvnnzjc08r4g9Ad-4wznRHRU.roa
File:                     N-Mkvnnzjc08r4g9Ad-4wznRHRU.roa (raw, json)
Hash identifier:          Q6k7G301CJPPs75430W2MjvmPm+CBxOQd9hWI54C9cs=
Subject key identifier:   37:E3:24:BE:79:F3:8D:CD:3C:AF:88:3D:01:DF:B8:C3:39:D1:1D:15
Certificate issuer:       /CN=28927775b44db879e9f39c2977bdaed62a4ff24d
Certificate serial:       01856C6EE487ED7BFCCCBB6AFD56B62759F4
Authority key identifier: 28:92:77:75:B4:4D:B8:79:E9:F3:9C:29:77:BD:AE:D6:2A:4F:F2:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KJJ3dbRNuHnp85wpd72u1ipP8k0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/7ef3e3-242d-4cb3-a524-c44c6beef382/1/N-Mkvnnzjc08r4g9Ad-4wznRHRU.roa
Signing time:             Sun 01 Jan 2023 08:24:44 +0000
ROA not before:           Sun 01 Jan 2023 08:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12446
IP address blocks:        194.102.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:e4:87:ed:7b:fc:cc:bb:6a:fd:56:b6:27:59:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28927775b44db879e9f39c2977bdaed62a4ff24d
        Validity
            Not Before: Jan  1 08:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37e324be79f38dcd3caf883d01dfb8c339d11d15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:30:44:aa:6f:68:ca:11:d7:69:e0:a7:07:52:
                    98:ad:bf:77:7c:8f:bc:37:fd:5b:43:63:f0:70:00:
                    3e:3b:ed:21:a8:c9:03:52:56:67:61:a1:2f:34:51:
                    1d:85:25:67:da:2e:26:1c:5a:f8:eb:59:8b:a7:37:
                    b6:bf:42:4b:be:d3:b9:49:98:e8:8e:a2:f7:02:07:
                    8b:23:11:b4:fa:2f:f6:5b:e4:f2:8b:cc:4e:52:66:
                    c9:9e:55:14:a4:0d:91:de:74:39:07:13:64:b0:18:
                    c4:29:87:3b:43:3b:d5:5d:27:b4:44:02:d3:f1:51:
                    94:35:c9:8d:0c:50:7c:72:14:f8:49:eb:8c:8c:35:
                    fe:8e:6a:a2:35:6c:af:dd:af:9d:ae:ba:60:21:f2:
                    6c:b9:5f:48:7e:63:07:37:a3:2e:1c:8c:f4:85:f6:
                    71:bc:01:7e:29:52:82:0f:b0:58:9e:ef:ed:7d:96:
                    5b:2b:e1:98:bd:f8:91:6d:da:10:75:d6:af:0d:1c:
                    c9:66:71:c6:65:7e:04:b8:15:c8:d0:0d:ae:cb:e1:
                    1b:67:c6:21:9b:be:c3:02:02:4b:5b:24:cc:b7:a7:
                    bc:ff:e1:99:c0:14:41:d1:99:0f:c2:16:81:d7:e8:
                    d0:1f:55:82:c8:d3:70:c7:54:42:4b:24:ef:00:33:
                    e7:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:E3:24:BE:79:F3:8D:CD:3C:AF:88:3D:01:DF:B8:C3:39:D1:1D:15
            X509v3 Authority Key Identifier:
                keyid:28:92:77:75:B4:4D:B8:79:E9:F3:9C:29:77:BD:AE:D6:2A:4F:F2:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJJ3dbRNuHnp85wpd72u1ipP8k0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/7ef3e3-242d-4cb3-a524-c44c6beef382/1/N-Mkvnnzjc08r4g9Ad-4wznRHRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/7ef3e3-242d-4cb3-a524-c44c6beef382/1/KJJ3dbRNuHnp85wpd72u1ipP8k0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.102.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:02:79:16:8c:36:16:87:c7:1c:0f:32:27:be:4c:79:67:64:
         95:0a:06:06:13:a8:e9:4f:f4:ae:e2:d4:68:92:83:9a:c6:68:
         94:35:b4:f5:b6:7c:7a:e7:b1:8f:4b:79:0e:58:15:2c:4c:a0:
         60:1e:6c:cd:d1:03:59:01:fa:e2:96:7c:0d:b0:cb:0a:3b:0d:
         47:31:45:11:04:c9:ac:8b:ec:7c:b7:46:80:28:4d:f0:d9:78:
         8f:e8:d3:91:ad:fd:5b:6d:8a:8d:c5:c4:ad:67:b3:37:28:74:
         c3:3b:1d:55:41:d1:f9:5a:90:44:2c:30:39:e2:96:3d:7f:3f:
         9c:37:d3:4c:4d:f4:f8:c9:9d:09:2d:61:86:ef:58:08:68:b3:
         8c:1c:f5:15:54:d8:b7:7a:a5:96:09:5a:80:24:20:13:d8:01:
         e8:a6:38:ab:11:e3:24:d2:02:df:39:8f:5f:39:66:f5:3b:77:
         96:c8:46:01:cd:92:74:68:61:88:c9:59:9c:4a:96:93:74:38:
         24:87:c8:46:1c:0d:5b:a2:dd:3e:ac:70:ce:98:82:84:8d:7f:
         da:a0:5e:9f:55:c8:54:03:d6:c1:cc:f9:79:7e:a2:45:dd:ad:
         0b:f8:3c:13:95:04:f4:4e:b4:44:fc:fa:68:ad:3a:fe:59:51:
         9b:58:27:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbuSH7Xv8zLtq/Va2J1n0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTI3Nzc1YjQ0ZGI4NzllOWYzOWMyOTc3YmRhZWQ2MmE0
ZmYyNGQwHhcNMjMwMTAxMDgyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2UzMjRiZTc5ZjM4ZGNkM2NhZjg4M2QwMWRmYjhjMzM5ZDExZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozBEqm9oyhHXaeCnB1KYrb93fI+8
N/1bQ2PwcAA+O+0hqMkDUlZnYaEvNFEdhSVn2i4mHFr461mLpze2v0JLvtO5SZjo
jqL3AgeLIxG0+i/2W+Tyi8xOUmbJnlUUpA2R3nQ5BxNksBjEKYc7QzvVXSe0RALT
8VGUNcmNDFB8chT4SeuMjDX+jmqiNWyv3a+drrpgIfJsuV9IfmMHN6MuHIz0hfZx
vAF+KVKCD7BYnu/tfZZbK+GYvfiRbdoQddavDRzJZnHGZX4EuBXI0A2uy+EbZ8Yh
m77DAgJLWyTMt6e8/+GZwBRB0ZkPwhaB1+jQH1WCyNNwx1RCSyTvADPnTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfjJL55843NPK+IPQHfuMM50R0VMB8GA1UdIwQY
MBaAFCiSd3W0Tbh56fOcKXe9rtYqT/JNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pKM2RiUk51SG5wODV3cGQ3MnUxaXBQOGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi83ZWYzZTMtMjQyZC00Y2IzLWE1MjQt
YzQ0YzZiZWVmMzgyLzEvTi1Na3ZubnpqYzA4cjRnOUFkLTR3em5SSFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi83ZWYzZTMtMjQyZC00Y2IzLWE1MjQtYzQ0YzZiZWVmMzgy
LzEvS0pKM2RiUk51SG5wODV3cGQ3MnUxaXBQOGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmZlMA0G
CSqGSIb3DQEBCwUAA4IBAQAKAnkWjDYWh8ccDzInvkx5Z2SVCgYGE6jpT/Su4tRo
koOaxmiUNbT1tnx657GPS3kOWBUsTKBgHmzN0QNZAfrilnwNsMsKOw1HMUURBMms
i+x8t0aAKE3w2XiP6NORrf1bbYqNxcStZ7M3KHTDOx1VQdH5WpBELDA54pY9fz+c
N9NMTfT4yZ0JLWGG71gIaLOMHPUVVNi3eqWWCVqAJCAT2AHopjirEeMk0gLfOY9f
OWb1O3eWyEYBzZJ0aGGIyVmcSpaTdDgkh8hGHA1bot0+rHDOmIKEjX/aoF6fVchU
A9bBzPl5fqJF3a0L+DwTlQT0TrRE/PporTr+WVGbWCcx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:00 2024 by rpki-client on console-ams.rpki-client.org