Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MGPB6FhkhxLGROj3jj8PzxxGcL4.roa
File:                     MGPB6FhkhxLGROj3jj8PzxxGcL4.roa (raw, json)
Hash identifier:          cB+g7Sm7rDhiD2tKowInIVhLED5o8dA8qU/11JjQYGg=
Subject key identifier:   30:63:C1:E8:58:64:87:12:C6:44:E8:F7:8E:3F:0F:CF:1C:46:70:BE
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E662F6318812A16215AE3849FC980948A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MGPB6FhkhxLGROj3jj8PzxxGcL4.roa
Signing time:             Fri 22 Mar 2024 12:42:45 +0000
ROA not before:           Fri 22 Mar 2024 12:42:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     134835
IP address blocks:        89.213.123.0/24 maxlen: 24
                          109.176.26.0/24 maxlen: 24
                          213.218.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Apr 2024 07:48:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:66:2f:63:18:81:2a:16:21:5a:e3:84:9f:c9:80:94:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 22 12:42:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3063c1e858648712c644e8f78e3f0fcf1c4670be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7a:37:76:63:70:15:53:af:90:80:29:24:b3:
                    cb:df:18:80:5d:84:08:df:a1:80:09:a1:b4:3d:c5:
                    fe:d5:b8:52:ca:4c:57:6b:72:aa:e6:2d:04:ab:4d:
                    60:af:b9:c3:76:c8:4e:a7:ad:c2:fd:c9:6c:1b:0f:
                    e7:b7:17:d2:f2:d2:30:19:0f:3a:d8:d4:0f:ca:7f:
                    31:10:f7:97:67:86:20:b0:29:ab:35:e7:77:bb:49:
                    ea:c5:3f:16:9f:99:48:4f:c5:f8:49:40:44:67:99:
                    eb:01:eb:fb:3b:f4:a2:ad:78:51:40:ff:9d:4a:47:
                    ac:54:cd:40:9f:e3:02:59:0a:8c:f7:5b:28:01:6a:
                    48:5b:98:11:19:24:c2:92:c4:d3:e2:8d:84:4a:65:
                    98:00:0d:16:29:79:d3:06:9c:9e:6f:98:a2:96:f8:
                    3e:50:06:0e:49:0d:23:d0:3c:92:8c:87:07:c0:af:
                    fe:e5:46:29:4f:cd:ee:be:50:f0:85:dd:ee:a3:1d:
                    a7:34:16:44:ba:17:53:5c:ae:c2:e6:05:b6:10:61:
                    69:af:ca:ac:43:72:b2:ee:a5:48:25:a1:f9:ab:e1:
                    cb:5c:31:7d:ab:10:a7:08:b5:b7:68:5e:9d:5b:95:
                    82:a9:c9:3b:21:45:b6:0c:32:67:98:e1:a6:76:c1:
                    d7:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:63:C1:E8:58:64:87:12:C6:44:E8:F7:8E:3F:0F:CF:1C:46:70:BE
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MGPB6FhkhxLGROj3jj8PzxxGcL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.123.0/24
                  109.176.26.0/24
                  213.218.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:92:81:b1:be:91:a0:c6:33:5f:39:1f:2b:e5:33:0d:59:6e:
         f9:5c:5a:5c:5c:c3:eb:eb:4c:d5:b7:69:45:c8:e0:c6:a8:51:
         9d:76:b0:e1:5d:ba:6c:cf:fa:c5:04:2b:a0:97:74:ef:ad:37:
         01:d2:52:8b:11:ec:08:72:28:23:cb:4a:00:1a:9a:6a:27:ee:
         33:6e:cd:cf:02:d1:be:9d:fa:0b:3e:7a:98:de:25:b1:df:66:
         6d:03:34:8d:d6:f1:18:8e:b0:9c:79:f7:b2:30:a1:09:6e:b4:
         c9:99:db:eb:e0:01:16:29:7d:93:c2:be:57:0e:a0:a7:72:83:
         73:ba:17:56:41:04:0a:57:3c:b8:4b:80:69:c2:25:50:be:0f:
         ce:9b:7f:67:fd:73:42:3d:32:6b:61:8b:c3:fd:e7:da:b1:50:
         7c:99:d5:a6:4a:1c:6a:97:e0:8f:38:2a:96:d2:b5:f7:1f:c2:
         9e:fd:78:fb:de:58:05:73:e5:d6:96:57:f8:b5:06:34:ba:63:
         49:d2:d3:93:a2:d4:b0:a8:71:67:36:28:63:84:67:c1:36:66:
         bb:30:02:51:08:a1:2c:fd:94:83:e9:b8:fd:82:27:65:2d:95:
         da:45:51:24:15:59:02:63:dc:18:9e:7d:e4:2a:0f:7f:9c:1a:
         c2:f6:3c:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5mL2MYgSoWIVrjhJ/JgJSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIyMTI0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDYzYzFlODU4NjQ4NzEyYzY0NGU4Zjc4ZTNmMGZjZjFjNDY3MGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3o3dmNwFVOvkIApJLPL3xiAXYQI
36GACaG0PcX+1bhSykxXa3Kq5i0Eq01gr7nDdshOp63C/clsGw/ntxfS8tIwGQ86
2NQPyn8xEPeXZ4YgsCmrNed3u0nqxT8Wn5lIT8X4SUBEZ5nrAev7O/SirXhRQP+d
SkesVM1An+MCWQqM91soAWpIW5gRGSTCksTT4o2ESmWYAA0WKXnTBpyeb5iilvg+
UAYOSQ0j0DySjIcHwK/+5UYpT83uvlDwhd3uox2nNBZEuhdTXK7C5gW2EGFpr8qs
Q3Ky7qVIJaH5q+HLXDF9qxCnCLW3aF6dW5WCqck7IUW2DDJnmOGmdsHXAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDBjwehYZIcSxkTo944/D88cRnC+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTUdQQjZGaGtoeExHUk9qM2pqOFB6eHhHY0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdV7AwQA
bbAaAwQA1dr6MA0GCSqGSIb3DQEBCwUAA4IBAQBzkoGxvpGgxjNfOR8r5TMNWW75
XFpcXMPr60zVt2lFyODGqFGddrDhXbpsz/rFBCugl3TvrTcB0lKLEewIcigjy0oA
GppqJ+4zbs3PAtG+nfoLPnqY3iWx32ZtAzSN1vEYjrCcefeyMKEJbrTJmdvr4AEW
KX2Twr5XDqCncoNzuhdWQQQKVzy4S4BpwiVQvg/Om39n/XNCPTJrYYvD/efasVB8
mdWmShxql+CPOCqW0rX3H8Ke/Xj73lgFc+XWllf4tQY0umNJ0tOTotSwqHFnNihj
hGfBNma7MAJRCKEs/ZSD6bj9gidlLZXaRVEkFVkCY9wYnn3kKg9/nBrC9jwp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org