Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mT0oPxNtUcNIkt6zwUBt0-4rcjo.roa
File:                     mT0oPxNtUcNIkt6zwUBt0-4rcjo.roa (raw, json)
Hash identifier:          yqBOoUBsIILzg3MfEH2oTWOzj7laeCJdGttstp1KWpg=
Subject key identifier:   99:3D:28:3F:13:6D:51:C3:48:92:DE:B3:C1:40:6D:D3:EE:2B:72:3A
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01865A5956DCB57A9256B9BD4C707DFA43FA
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mT0oPxNtUcNIkt6zwUBt0-4rcjo.roa
Signing time:             Thu 16 Feb 2023 13:10:49 +0000
ROA not before:           Thu 16 Feb 2023 13:10:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        185.68.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Apr 2023 13:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5a:59:56:dc:b5:7a:92:56:b9:bd:4c:70:7d:fa:43:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Feb 16 13:10:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=993d283f136d51c34892deb3c1406dd3ee2b723a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:74:da:f4:af:41:01:e8:ac:ff:b9:62:91:67:
                    e4:d8:bc:cb:ff:c6:83:b6:8a:62:d9:2e:ca:72:05:
                    70:6a:21:7d:5e:25:83:c4:bf:35:60:fa:1c:4c:2c:
                    27:86:db:b4:ae:53:92:3a:be:97:d1:a3:62:08:38:
                    30:2a:39:50:59:97:f5:5c:b0:3a:df:e4:d4:1a:d2:
                    c6:b2:3a:fd:e4:65:c4:76:b2:e6:03:ac:18:d6:04:
                    5d:bc:6d:8d:cb:cf:a9:8e:ec:b9:04:12:80:0c:05:
                    29:1b:4f:4d:62:6f:c5:f1:b4:19:da:08:62:a9:d5:
                    14:88:90:a6:de:98:6a:e2:8c:3e:e9:82:19:d6:5e:
                    a2:bb:a0:aa:8d:0d:bf:08:e8:88:fa:d5:1a:4f:ca:
                    88:14:15:24:58:66:91:96:89:c9:13:07:23:d1:35:
                    78:bd:99:15:5c:69:42:a9:9a:14:db:8a:f7:55:3c:
                    9a:c4:e7:8e:bc:92:5b:a5:16:3b:4a:ee:d2:80:80:
                    54:f9:a4:bf:09:56:30:7b:0c:64:35:e3:ed:63:c7:
                    75:35:88:91:9b:d7:48:e0:bf:ca:6a:f1:84:cf:c5:
                    30:c7:b3:4c:d9:27:b3:c7:07:be:e0:61:b2:a6:df:
                    8d:1d:2b:e3:24:c7:ba:8d:f6:f6:b4:31:b4:df:74:
                    fc:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:3D:28:3F:13:6D:51:C3:48:92:DE:B3:C1:40:6D:D3:EE:2B:72:3A
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mT0oPxNtUcNIkt6zwUBt0-4rcjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.68.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:28:48:fe:7c:23:8e:c6:e1:2f:02:ec:1d:2c:fb:3f:d6:c4:
         20:17:c6:67:f6:89:b1:ea:f2:c9:68:72:0a:07:f3:44:48:05:
         15:3d:f8:09:ca:1f:67:06:c5:f4:98:3b:d4:54:95:a8:fc:64:
         ed:3b:f5:a1:fc:96:a9:5b:31:ae:72:10:83:56:b2:07:e4:59:
         44:a3:a3:e7:fd:e1:bf:f8:73:fe:83:04:e8:ae:39:28:f5:40:
         08:10:80:d4:fe:e0:bb:dd:1b:7b:94:ae:a8:9e:5a:e3:9a:82:
         90:85:2e:59:cd:1d:61:75:42:15:7c:63:20:58:09:7a:4a:72:
         1b:fb:bf:23:c9:dc:95:6d:f5:db:ae:2f:d1:e7:4c:c6:c3:b7:
         16:96:35:59:3a:86:80:10:58:84:83:cc:a6:c8:d5:a2:66:bd:
         f0:95:63:55:51:77:e9:de:92:f9:c6:20:3f:a1:01:cd:ac:c8:
         22:de:45:4a:b2:2f:df:f3:0f:06:9e:37:83:24:82:ae:8d:a4:
         28:43:c3:9a:d8:59:9d:87:04:4d:d8:7e:3e:92:e1:92:d0:32:
         10:ac:76:f7:2a:02:0d:2b:23:29:5b:84:54:41:5b:af:d6:f4:
         41:4d:85:27:a1:e3:61:22:ef:ad:c6:8b:cb:8e:61:cd:03:3d:
         94:00:d1:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZaWVbctXqSVrm9THB9+kP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMjE2MTMxMDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNkMjgzZjEzNmQ1MWMzNDg5MmRlYjNjMTQwNmRkM2VlMmI3MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHTa9K9BAeis/7likWfk2LzL/8aD
topi2S7KcgVwaiF9XiWDxL81YPocTCwnhtu0rlOSOr6X0aNiCDgwKjlQWZf1XLA6
3+TUGtLGsjr95GXEdrLmA6wY1gRdvG2Ny8+pjuy5BBKADAUpG09NYm/F8bQZ2ghi
qdUUiJCm3phq4ow+6YIZ1l6iu6CqjQ2/COiI+tUaT8qIFBUkWGaRlonJEwcj0TV4
vZkVXGlCqZoU24r3VTyaxOeOvJJbpRY7Su7SgIBU+aS/CVYwewxkNePtY8d1NYiR
m9dI4L/KavGEz8Uwx7NM2Sezxwe+4GGypt+NHSvjJMe6jfb2tDG033T8fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJk9KD8TbVHDSJLes8FAbdPuK3I6MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvbVQwb1B4TnRVY05Ja3Q2endVQnQwLTRyY2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUT1MA0G
CSqGSIb3DQEBCwUAA4IBAQAFKEj+fCOOxuEvAuwdLPs/1sQgF8Zn9omx6vLJaHIK
B/NESAUVPfgJyh9nBsX0mDvUVJWo/GTtO/Wh/JapWzGuchCDVrIH5FlEo6Pn/eG/
+HP+gwTorjko9UAIEIDU/uC73Rt7lK6onlrjmoKQhS5ZzR1hdUIVfGMgWAl6SnIb
+78jydyVbfXbri/R50zGw7cWljVZOoaAEFiEg8ymyNWiZr3wlWNVUXfp3pL5xiA/
oQHNrMgi3kVKsi/f8w8GnjeDJIKujaQoQ8Oa2FmdhwRN2H4+kuGS0DIQrHb3KgIN
KyMpW4RUQVuv1vRBTYUnoeNhIu+txovLjmHNAz2UANH7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org