Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/MjTBaQ6XdaVvTfhZQDBwNio6450.roa
File:                     MjTBaQ6XdaVvTfhZQDBwNio6450.roa (raw, json)
Hash identifier:          Db5jMugbAYMUbba/FoHZ7CTkSZbJ9rq8S/+CHOK3KVg=
Subject key identifier:   32:34:C1:69:0E:97:75:A5:6F:4D:F8:59:40:30:70:36:2A:3A:E3:9D
Certificate issuer:       /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial:       0189D6AF48E9538BC4E9C91803AAAC493433
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/MjTBaQ6XdaVvTfhZQDBwNio6450.roa
Signing time:             Tue 08 Aug 2023 19:45:58 +0000
ROA not before:           Tue 08 Aug 2023 19:45:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        178.236.244.0/24 maxlen: 24
                          178.236.243.0/24 maxlen: 24
                          178.236.253.0/24 maxlen: 24
                          194.59.186.0/24 maxlen: 24
                          178.236.254.0/24 maxlen: 24
                          94.228.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 30 Aug 2023 19:27:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d6:af:48:e9:53:8b:c4:e9:c9:18:03:aa:ac:49:34:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
        Validity
            Not Before: Aug  8 19:45:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3234c1690e9775a56f4df859403070362a3ae39d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:1b:eb:60:52:68:77:bc:24:5f:98:05:17:4b:
                    2d:24:34:71:74:3d:64:b4:cd:85:57:9e:c9:80:e8:
                    24:ac:92:21:31:40:eb:c8:fc:d8:f1:53:c3:96:10:
                    f5:ab:e5:25:a0:95:07:2e:03:b7:89:08:35:0f:97:
                    f2:6a:64:d8:f1:8b:93:c1:f7:9d:cb:74:ce:3e:57:
                    29:c0:45:c0:d4:a0:31:d2:d8:71:a3:be:ec:49:45:
                    bf:e9:a9:48:62:23:d7:ff:f4:d7:ed:c3:29:f1:28:
                    90:8f:a1:0d:93:d5:bb:36:5d:40:85:18:a0:e8:b6:
                    d6:9b:cd:8c:b4:05:26:67:10:1a:15:74:6a:4d:01:
                    bd:dd:9a:df:37:a8:0d:a0:8b:16:c4:91:73:06:4e:
                    40:27:38:59:fe:56:a2:04:89:51:9c:ab:ee:94:1d:
                    6f:28:37:1d:e1:90:47:04:a2:58:27:7c:48:aa:a9:
                    59:e2:25:8a:2b:98:f8:e0:7c:e4:ba:03:74:d3:f7:
                    e0:0f:78:da:a9:e6:5a:5c:ac:7c:3f:3f:fe:f1:1c:
                    f3:99:08:b8:76:39:23:db:42:98:7c:b7:b2:48:11:
                    f9:23:2b:7f:63:f4:b3:e1:54:d1:a3:4d:94:c8:99:
                    1a:be:df:e5:fc:18:f0:e3:4f:3b:53:9b:4c:12:e3:
                    1e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:34:C1:69:0E:97:75:A5:6F:4D:F8:59:40:30:70:36:2A:3A:E3:9D
            X509v3 Authority Key Identifier:
                keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/MjTBaQ6XdaVvTfhZQDBwNio6450.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.228.161.0/24
                  178.236.243.0-178.236.244.255
                  178.236.253.0-178.236.254.255
                  194.59.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:ac:e1:d8:63:37:ca:66:9b:8f:2f:9a:de:f1:27:16:30:a4:
         35:62:bf:26:34:b9:39:f7:9a:14:a2:47:80:5e:b3:db:f2:c4:
         d4:04:83:0a:62:e8:d8:bd:07:ef:99:81:05:1d:ab:fd:56:86:
         a5:06:4f:c7:ca:6d:48:92:bc:0f:25:55:94:e6:aa:85:f0:69:
         bc:1c:4c:43:76:3b:a6:33:94:b3:18:83:82:0e:7a:bb:9b:36:
         f2:1e:cf:23:90:3f:d0:f7:9f:17:f5:c1:23:c4:75:0e:27:fd:
         f3:27:46:48:53:81:80:a7:46:2e:fe:7a:35:22:69:be:fa:02:
         f7:0c:a6:44:78:2c:00:af:a2:21:93:cf:f7:a9:60:e6:92:f1:
         6f:cd:31:fe:6b:8b:8b:09:1a:80:32:c5:cb:00:5d:82:df:a5:
         18:54:f6:73:3f:9d:8a:f4:39:bc:1b:2e:9e:bc:2e:d5:5e:7d:
         ca:c4:c7:b6:ae:f1:c2:2e:12:12:2c:99:9b:40:ab:99:42:14:
         cd:e2:2f:b3:47:87:d7:ed:11:96:6c:05:ad:0b:17:7b:b2:36:
         fe:d2:f3:c4:a0:b4:ca:94:b9:a7:f7:db:c8:cf:ad:1a:a7:a1:
         66:b7:5b:ff:63:8b:71:de:1e:fc:0c:5f:66:ad:63:79:68:d6:
         2d:c2:5e:39
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYnWr0jpU4vE6ckYA6qsSTQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjMwODA4MTk0NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjM0YzE2OTBlOTc3NWE1NmY0ZGY4NTk0MDMwNzAzNjJhM2FlMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRvrYFJod7wkX5gFF0stJDRxdD1k
tM2FV57JgOgkrJIhMUDryPzY8VPDlhD1q+UloJUHLgO3iQg1D5fyamTY8YuTwfed
y3TOPlcpwEXA1KAx0thxo77sSUW/6alIYiPX//TX7cMp8SiQj6ENk9W7Nl1AhRig
6LbWm82MtAUmZxAaFXRqTQG93ZrfN6gNoIsWxJFzBk5AJzhZ/laiBIlRnKvulB1v
KDcd4ZBHBKJYJ3xIqqlZ4iWKK5j44HzkugN00/fgD3jaqeZaXKx8Pz/+8RzzmQi4
djkj20KYfLeySBH5Iyt/Y/Sz4VTRo02UyJkavt/l/Bjw4087U5tMEuMevQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDI0wWkOl3Wlb034WUAwcDYqOuOdMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvTWpUQmFRNlhkYVZ2VGZoWlFEQndOaW82NDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAXuShMAwD
BACy7PMDBACy7PQwDAMEALLs/QMEALLs/gMEAMI7ujANBgkqhkiG9w0BAQsFAAOC
AQEAqqzh2GM3ymabjy+a3vEnFjCkNWK/JjS5OfeaFKJHgF6z2/LE1ASDCmLo2L0H
75mBBR2r/VaGpQZPx8ptSJK8DyVVlOaqhfBpvBxMQ3Y7pjOUsxiDgg56u5s28h7P
I5A/0PefF/XBI8R1Dif98ydGSFOBgKdGLv56NSJpvvoC9wymRHgsAK+iIZPP96lg
5pLxb80x/muLiwkagDLFywBdgt+lGFT2cz+divQ5vBsunrwu1V59ysTHtq7xwi4S
EiyZm0CrmUIUzeIvs0eH1+0RlmwFrQsXe7I2/tLzxKC0ypS5p/fbyM+tGqehZrdb
/2OLcd4e/AxfZq1jeWjWLcJeOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:16 2024 by rpki-client on console-ams.rpki-client.org