Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/mlya4h4u67Z46srqrlaOFgZiCUM.roa
File:                     mlya4h4u67Z46srqrlaOFgZiCUM.roa (raw, json)
Hash identifier:          rfGRp60882BU4bvJFloDlrOsmnygmpWVRDyloPo4bzs=
Subject key identifier:   9A:5C:9A:E2:1E:2E:EB:B6:78:EA:CA:EA:AE:56:8E:16:06:62:09:43
Certificate issuer:       /CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
Certificate serial:       01856CE5F8036796A82510D4EE636B49299A
Authority key identifier: EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/mlya4h4u67Z46srqrlaOFgZiCUM.roa
Signing time:             Sun 01 Jan 2023 10:34:48 +0000
ROA not before:           Sun 01 Jan 2023 10:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     134823
IP address blocks:        193.42.40.0/22 maxlen: 24
                          2a13:2200::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e5:f8:03:67:96:a8:25:10:d4:ee:63:6b:49:29:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
        Validity
            Not Before: Jan  1 10:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a5c9ae21e2eebb678eacaeaae568e1606620943
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:10:1c:d0:63:b9:aa:29:fe:4a:3d:02:5f:3e:
                    2e:57:68:18:b7:20:70:31:3c:8f:c8:ff:eb:d4:76:
                    53:e1:ed:69:61:8d:fd:5f:4c:c1:1e:d8:f6:ed:10:
                    f7:34:f2:39:64:d3:aa:7a:c9:20:e2:cd:89:0d:ec:
                    a2:7f:15:f8:87:70:93:ed:d0:ce:30:b7:67:c2:03:
                    70:7a:61:26:71:e4:af:a8:2a:fe:b0:cf:ca:8d:7b:
                    51:7e:d3:2a:6e:88:34:dd:8c:48:d2:3d:52:72:a7:
                    d1:d4:cc:d9:11:3b:1a:f1:13:6e:86:c7:e3:b7:41:
                    05:ed:e6:a2:31:f7:ea:1d:67:67:00:92:61:c1:07:
                    8e:c5:c7:94:94:63:55:63:f0:85:1c:d4:e7:c5:28:
                    85:01:07:55:39:66:62:4f:38:c9:1f:99:14:5c:e0:
                    86:98:85:5d:a9:8e:8d:28:60:ca:ec:c9:f6:de:cf:
                    51:21:64:c4:00:81:d5:d2:42:a2:13:5d:2f:3c:eb:
                    06:16:09:3c:7e:31:c6:67:72:e5:85:1e:42:13:5d:
                    8c:c0:5e:ed:03:b1:cf:f3:7f:01:92:50:9a:99:97:
                    1b:94:65:e3:29:fe:45:b8:2b:11:62:18:e8:c4:7c:
                    70:ba:1b:a6:e9:c4:8f:f0:99:1a:a5:af:14:dc:17:
                    2a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:5C:9A:E2:1E:2E:EB:B6:78:EA:CA:EA:AE:56:8E:16:06:62:09:43
            X509v3 Authority Key Identifier:
                keyid:EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/mlya4h4u67Z46srqrlaOFgZiCUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.42.40.0/22
                IPv6:
                  2a13:2200::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:c3:60:ee:68:3a:20:06:49:06:d9:ae:19:19:b5:7a:93:be:
         eb:c6:cd:41:d7:c4:4b:aa:24:5a:e0:ba:08:5d:8f:19:57:e9:
         6b:b1:7d:e7:d2:af:4a:9f:53:90:7e:b2:3e:f1:87:e3:81:e7:
         39:c6:4e:61:3a:be:58:15:b0:fb:21:c4:c5:4c:be:12:7e:f3:
         3f:bb:a4:70:10:3d:5a:bb:e9:92:61:e5:3f:5e:a1:39:e3:ea:
         16:cf:6a:11:34:dd:ae:2d:ce:2f:d0:73:6a:d9:9b:3c:b9:96:
         a1:db:fd:c5:e6:2a:d9:ab:df:83:9e:57:08:98:b7:c4:59:0d:
         8a:ac:f5:35:8d:52:44:8a:e6:75:3d:31:65:f0:43:1e:8d:a6:
         3c:7f:be:7f:f2:11:0f:b1:25:59:59:30:2d:05:dc:a1:fd:55:
         53:c2:6b:6c:61:5f:d7:11:36:62:56:20:38:c4:83:45:a0:cb:
         c2:ab:93:c0:42:6d:5b:77:ca:58:6d:61:24:b9:93:b1:93:3e:
         d1:7b:d8:58:82:56:d5:c8:1f:c1:7f:65:e8:2c:c5:d4:13:c4:
         5d:1f:f3:39:38:d4:f4:e9:75:f7:de:5c:43:a4:df:01:bb:44:
         27:b5:b1:79:1e:13:18:c8:94:4e:b3:0f:fa:41:05:3a:41:88:
         c7:3d:a9:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs5fgDZ5aoJRDU7mNrSSmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMmQxMDJiNjExMmIwZDlhOGI4ZWViYWM0Yjk3YzgxOWY5
N2M2MDYwHhcNMjMwMTAxMTAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTVjOWFlMjFlMmVlYmI2NzhlYWNhZWFhZTU2OGUxNjA2NjIwOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhAc0GO5qin+Sj0CXz4uV2gYtyBw
MTyPyP/r1HZT4e1pYY39X0zBHtj27RD3NPI5ZNOqeskg4s2JDeyifxX4h3CT7dDO
MLdnwgNwemEmceSvqCr+sM/KjXtRftMqbog03YxI0j1ScqfR1MzZETsa8RNuhsfj
t0EF7eaiMffqHWdnAJJhwQeOxceUlGNVY/CFHNTnxSiFAQdVOWZiTzjJH5kUXOCG
mIVdqY6NKGDK7Mn23s9RIWTEAIHV0kKiE10vPOsGFgk8fjHGZ3LlhR5CE12MwF7t
A7HP838BklCamZcblGXjKf5FuCsRYhjoxHxwuhum6cSP8Jkapa8U3BcqzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJpcmuIeLuu2eOrK6q5WjhYGYglDMB8GA1UdIwQY
MBaAFOotECthErDZqLjuusS5fIGfl8YGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmkwUUsyRVNzTm1vdU82NnhMbDhnWi1YeGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80Y2RlZmEtNWVlMi00NzE5LWE3ZTEt
YjgyOWNjNDAxMDMxLzEvbWx5YTRoNHU2N1o0NnNycXJsYU9GZ1ppQ1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80Y2RlZmEtNWVlMi00NzE5LWE3ZTEtYjgyOWNjNDAxMDMx
LzEvNmkwUUsyRVNzTm1vdU82NnhMbDhnWi1YeGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwSooMA0E
AgACMAcDBQMqEyIAMA0GCSqGSIb3DQEBCwUAA4IBAQBTw2DuaDogBkkG2a4ZGbV6
k77rxs1B18RLqiRa4LoIXY8ZV+lrsX3n0q9Kn1OQfrI+8Yfjgec5xk5hOr5YFbD7
IcTFTL4SfvM/u6RwED1au+mSYeU/XqE54+oWz2oRNN2uLc4v0HNq2Zs8uZah2/3F
5irZq9+DnlcImLfEWQ2KrPU1jVJEiuZ1PTFl8EMejaY8f75/8hEPsSVZWTAtBdyh
/VVTwmtsYV/XETZiViA4xINFoMvCq5PAQm1bd8pYbWEkuZOxkz7Re9hYglbVyB/B
f2XoLMXUE8RdH/M5ONT06XX33lxDpN8Bu0QntbF5HhMYyJROsw/6QQU6QYjHPakF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:36 2024 by rpki-client on console-fra.rpki-client.org