Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/MHox34B0fBxAdVEOs-nxdABEDYg.roa
File:                     MHox34B0fBxAdVEOs-nxdABEDYg.roa (raw, json)
Hash identifier:          4cww9grjwbuFGYB8JuZZRIUrnPqpOQvYgxA2SP0brvw=
Subject key identifier:   30:7A:31:DF:80:74:7C:1C:40:75:51:0E:B3:E9:F1:74:00:44:0D:88
Certificate issuer:       /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial:       0185E98B86AFB58BBC65B57CB61CCED13A32
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/MHox34B0fBxAdVEOs-nxdABEDYg.roa
Signing time:             Wed 25 Jan 2023 15:28:33 +0000
ROA not before:           Wed 25 Jan 2023 15:28:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212027
IP address blocks:        37.230.138.0/24 maxlen: 24
                          81.16.176.0/24 maxlen: 24
                          81.16.177.0/24 maxlen: 24
                          91.208.92.0/24 maxlen: 24
                          194.213.3.0/24 maxlen: 24
                          45.143.196.0/22 maxlen: 22
                          2a10:e780::/40 maxlen: 40

Validation:               Failed, certificate revoked on Sun 05 Feb 2023 00:47:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e9:8b:86:af:b5:8b:bc:65:b5:7c:b6:1c:ce:d1:3a:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
        Validity
            Not Before: Jan 25 15:28:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=307a31df80747c1c4075510eb3e9f17400440d88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f2:60:0a:3d:0f:86:c0:a3:bb:4a:69:df:70:
                    ef:63:b5:88:fc:cd:1d:79:fc:8a:62:c0:7e:c0:56:
                    92:64:62:04:1e:90:e6:d9:2f:a9:26:cc:fb:f9:97:
                    09:52:dc:f1:92:93:60:41:74:e5:44:c9:53:64:d1:
                    53:4f:6e:b0:d3:08:9d:35:20:8a:ec:49:e8:9f:1f:
                    85:73:2e:c4:fe:83:f0:cf:07:38:bb:eb:d9:75:5d:
                    cc:46:1d:1f:0f:6e:6e:45:20:ea:92:41:c5:fd:ed:
                    ec:4c:64:05:26:8e:ea:f0:2f:43:93:a3:51:5a:92:
                    2e:fb:d6:a6:67:2c:25:3f:99:9c:29:47:42:46:00:
                    eb:f8:d3:11:dc:3a:3c:6a:0b:69:12:1c:09:7c:90:
                    cf:9f:8b:1f:5d:71:dc:24:4c:10:ca:ca:95:18:b7:
                    02:81:fe:21:fc:21:a7:97:37:53:4f:ef:db:33:fc:
                    63:59:a3:f0:4a:6b:9a:be:62:f2:be:b0:eb:b3:a3:
                    a3:fc:6b:f3:9c:26:4f:b0:ca:d3:f4:90:7e:ca:34:
                    f0:b3:94:07:31:0b:cd:cd:1b:ec:c3:c5:7a:ae:c9:
                    63:36:f1:a5:e5:aa:c4:04:81:16:f0:19:99:25:0d:
                    a3:38:39:66:ce:2b:07:36:ce:6a:8e:06:11:02:2a:
                    39:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:7A:31:DF:80:74:7C:1C:40:75:51:0E:B3:E9:F1:74:00:44:0D:88
            X509v3 Authority Key Identifier:
                keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/MHox34B0fBxAdVEOs-nxdABEDYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.138.0/24
                  45.143.196.0/22
                  81.16.176.0/23
                  91.208.92.0/24
                  194.213.3.0/24
                IPv6:
                  2a10:e780::/40

    Signature Algorithm: sha256WithRSAEncryption
         ab:e1:ba:16:fd:02:38:7b:50:17:19:22:68:0a:de:59:5d:32:
         7e:68:26:a5:9d:de:60:71:f8:94:e4:87:c0:ee:39:ca:12:ed:
         a1:e7:ba:ea:1f:b8:d7:13:01:42:54:ef:00:2b:54:20:14:92:
         16:ee:1a:f2:9a:4f:ca:25:97:2b:58:6c:80:ce:9f:10:02:19:
         42:a9:ab:0f:57:ca:7f:32:00:2d:c7:c3:91:3a:2a:d3:4a:c1:
         b4:47:49:22:c7:4c:81:a1:da:62:13:77:72:d4:ba:2b:ae:00:
         f9:32:81:50:d4:b8:0d:41:57:5b:00:c6:ff:a6:2e:df:f0:63:
         9c:de:01:f6:7c:48:a2:4a:9c:ed:54:30:be:29:fc:90:45:13:
         e3:5f:ab:7c:6f:bf:8f:42:6f:82:c1:2b:0f:71:e4:22:da:9a:
         24:7f:75:fc:17:a7:d7:21:44:81:45:45:dd:c2:41:c2:ff:69:
         80:66:f7:8c:52:e5:08:f7:df:ab:30:95:e9:5d:1c:3e:8f:9d:
         6e:52:57:4a:e8:27:4d:8d:8d:0b:4d:6a:47:ce:86:aa:63:c0:
         84:f9:df:1b:90:30:10:7f:cf:2b:55:32:ea:4f:1b:46:10:d8:
         db:e3:fd:bc:00:03:ad:98:18:ec:12:01:9a:5d:0e:71:ad:f9:
         09:13:6c:83
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYXpi4avtYu8ZbV8thzO0ToyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjMwMTI1MTUyODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDdhMzFkZjgwNzQ3YzFjNDA3NTUxMGViM2U5ZjE3NDAwNDQwZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/JgCj0PhsCju0pp33DvY7WI/M0d
efyKYsB+wFaSZGIEHpDm2S+pJsz7+ZcJUtzxkpNgQXTlRMlTZNFTT26w0widNSCK
7Enonx+Fcy7E/oPwzwc4u+vZdV3MRh0fD25uRSDqkkHF/e3sTGQFJo7q8C9Dk6NR
WpIu+9amZywlP5mcKUdCRgDr+NMR3Do8agtpEhwJfJDPn4sfXXHcJEwQysqVGLcC
gf4h/CGnlzdTT+/bM/xjWaPwSmuavmLyvrDrs6Oj/GvznCZPsMrT9JB+yjTws5QH
MQvNzRvsw8V6rsljNvGl5arEBIEW8BmZJQ2jODlmzisHNs5qjgYRAio5uQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDB6Md+AdHwcQHVRDrPp8XQARA2IMB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEvTUhveDM0QjBmQnhBZFZFT3MtbnhkQUJFRFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQAJeaKAwQC
LY/EAwQBURCwAwQAW9BcAwQAwtUDMA4EAgACMAgDBgAqEOeAADANBgkqhkiG9w0B
AQsFAAOCAQEAq+G6Fv0COHtQFxkiaAreWV0yfmgmpZ3eYHH4lOSHwO45yhLtoee6
6h+41xMBQlTvACtUIBSSFu4a8ppPyiWXK1hsgM6fEAIZQqmrD1fKfzIALcfDkToq
00rBtEdJIsdMgaHaYhN3ctS6K64A+TKBUNS4DUFXWwDG/6Yu3/BjnN4B9nxIokqc
7VQwvin8kEUT41+rfG+/j0JvgsErD3HkItqaJH91/Ben1yFEgUVF3cJBwv9pgGb3
jFLlCPffqzCV6V0cPo+dblJXSugnTY2NC01qR86GqmPAhPnfG5AwEH/PK1Uy6k8b
RhDY2+P9vAADrZgY7BIBml0Oca35CRNsgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org