Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MKUZTa2hJdvvJOTAcelx4uwffBE.roa
File:                     MKUZTa2hJdvvJOTAcelx4uwffBE.roa (raw, json)
Hash identifier:          E0axBnvrnCCXN/KsxKkX2vHEyY86fJonQzSIWUR+GiY=
Subject key identifier:   30:A5:19:4D:AD:A1:25:DB:EF:24:E4:C0:71:E9:71:E2:EC:1F:7C:11
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01896DCD23608656EF5C34F6763C130B8987
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MKUZTa2hJdvvJOTAcelx4uwffBE.roa
Signing time:             Wed 19 Jul 2023 10:58:27 +0000
ROA not before:           Wed 19 Jul 2023 10:58:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203511
IP address blocks:        213.152.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 19 Aug 2023 08:57:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6d:cd:23:60:86:56:ef:5c:34:f6:76:3c:13:0b:89:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 19 10:58:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30a5194dada125dbef24e4c071e971e2ec1f7c11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b3:e1:89:ab:f9:8d:26:27:16:87:e4:a4:df:
                    20:36:f9:60:01:b4:f6:e0:b2:b9:54:fa:64:46:9c:
                    8c:59:48:16:77:fd:d2:96:8e:b5:09:36:b9:1e:6f:
                    3f:4c:cb:00:58:50:be:e1:fb:e2:4d:4d:32:93:82:
                    01:41:12:bb:92:1d:ff:44:38:43:d3:43:a5:c7:18:
                    77:0b:fa:6a:63:39:c0:b0:9c:31:68:ad:56:f7:65:
                    1e:53:eb:d4:d7:a1:da:bf:d9:45:48:f8:db:e3:eb:
                    7e:d0:d5:2d:8a:42:02:11:47:ee:36:47:a9:cc:70:
                    d2:fe:28:f6:8e:38:8f:1f:6f:a1:5d:56:2f:d9:03:
                    4d:6c:98:d7:6a:4d:97:ac:53:76:c4:91:eb:f3:6c:
                    03:3e:45:d2:56:74:d0:cf:9b:26:c1:8c:eb:d2:5f:
                    b8:7d:1b:b9:02:cb:75:7b:84:58:6f:d0:55:f5:50:
                    69:f6:cf:34:3a:13:0e:64:68:dd:b1:43:0d:82:d8:
                    e5:76:88:21:c1:b0:8f:f2:6a:8a:1f:2c:32:d5:44:
                    e8:7b:61:04:ab:d5:b1:46:89:b7:f0:81:eb:4d:5b:
                    1f:09:9c:4a:4e:ef:5f:ee:b2:75:bc:b5:54:47:f3:
                    2d:63:ae:6b:12:12:03:06:e9:02:bb:f7:dc:28:3b:
                    64:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:A5:19:4D:AD:A1:25:DB:EF:24:E4:C0:71:E9:71:E2:EC:1F:7C:11
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MKUZTa2hJdvvJOTAcelx4uwffBE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.152.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:7d:11:be:c4:3b:6a:22:59:47:2f:ed:70:24:0d:f2:9f:e3:
         7b:6e:41:2e:f1:d8:f6:ff:4a:d5:6a:b8:e7:a5:a9:bd:1b:fa:
         77:a1:30:6f:f1:0b:9f:14:8e:79:5e:76:88:82:8a:d1:c8:84:
         78:26:6c:93:47:1d:f0:cc:ab:c3:72:0b:52:84:ff:32:21:a7:
         ab:93:b0:d3:d4:14:8f:ba:99:aa:2d:e8:34:b1:4b:e8:17:43:
         cf:b3:77:1f:a6:17:1e:3f:ba:4d:4b:be:a4:ea:62:ab:b0:f5:
         8c:62:7f:c8:7e:a4:01:8a:08:f6:19:09:79:8a:cb:b7:94:da:
         49:72:25:9c:02:44:cb:77:49:22:88:85:74:66:ae:09:15:c9:
         46:7e:f1:a9:79:d3:c7:54:93:0c:6a:a8:81:08:85:89:ec:a6:
         fe:2c:99:eb:c8:7d:25:85:b2:8e:af:64:21:fb:56:7e:35:94:
         bd:77:83:38:fb:29:11:91:85:8d:6d:ce:6c:c9:da:86:ea:59:
         62:a2:2d:16:2b:67:85:98:fd:77:b5:f7:1c:30:b3:06:95:d7:
         63:62:0a:77:18:66:a1:e7:31:d9:c9:f2:5e:fc:92:56:0c:1e:
         ce:03:6c:d4:ff:f7:c1:09:85:95:6c:ae:e8:cb:b0:73:25:aa:
         97:b4:24:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYltzSNghlbvXDT2djwTC4mHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzE5MTA1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE1MTk0ZGFkYTEyNWRiZWYyNGU0YzA3MWU5NzFlMmVjMWY3YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7Phiav5jSYnFofkpN8gNvlgAbT2
4LK5VPpkRpyMWUgWd/3Slo61CTa5Hm8/TMsAWFC+4fviTU0yk4IBQRK7kh3/RDhD
00Olxxh3C/pqYznAsJwxaK1W92UeU+vU16Hav9lFSPjb4+t+0NUtikICEUfuNkep
zHDS/ij2jjiPH2+hXVYv2QNNbJjXak2XrFN2xJHr82wDPkXSVnTQz5smwYzr0l+4
fRu5Ast1e4RYb9BV9VBp9s80OhMOZGjdsUMNgtjldoghwbCP8mqKHywy1UToe2EE
q9WxRom38IHrTVsfCZxKTu9f7rJ1vLVUR/MtY65rEhIDBukCu/fcKDtkOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDClGU2toSXb7yTkwHHpceLsH3wRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTUtVWlRhMmhKZHZ2Sk9UQWNlbHg0dXdmZkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Zg+MA0G
CSqGSIb3DQEBCwUAA4IBAQCsfRG+xDtqIllHL+1wJA3yn+N7bkEu8dj2/0rVarjn
pam9G/p3oTBv8QufFI55XnaIgorRyIR4JmyTRx3wzKvDcgtShP8yIaerk7DT1BSP
upmqLeg0sUvoF0PPs3cfphceP7pNS76k6mKrsPWMYn/IfqQBigj2GQl5isu3lNpJ
ciWcAkTLd0kiiIV0Zq4JFclGfvGpedPHVJMMaqiBCIWJ7Kb+LJnryH0lhbKOr2Qh
+1Z+NZS9d4M4+ykRkYWNbc5sydqG6llioi0WK2eFmP13tfccMLMGlddjYgp3GGah
5zHZyfJe/JJWDB7OA2zU//fBCYWVbK7oy7BzJaqXtCS4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org