Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/MwXyhHisJqHatg9nPQPH_kPP5ZU.roa
File:                     MwXyhHisJqHatg9nPQPH_kPP5ZU.roa (raw, json)
Hash identifier:          77hJZ+g0KnkPbYI57kVIpO6pXcpUU5KxEHaiKDo8Yxo=
Subject key identifier:   33:05:F2:84:78:AC:26:A1:DA:B6:0F:67:3D:03:C7:FE:43:CF:E5:95
Certificate issuer:       /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial:       0186A22C7A0534F796317AAFE81311A47E4F
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/MwXyhHisJqHatg9nPQPH_kPP5ZU.roa
Signing time:             Thu 02 Mar 2023 11:54:29 +0000
ROA not before:           Thu 02 Mar 2023 11:54:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     98589
IP address blocks:        2a00:c9e7:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 04 Mar 2023 07:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a2:2c:7a:05:34:f7:96:31:7a:af:e8:13:11:a4:7e:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
        Validity
            Not Before: Mar  2 11:54:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3305f28478ac26a1dab60f673d03c7fe43cfe595
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:eb:97:4e:8b:a0:5e:7f:64:e4:4c:83:6b:a7:
                    f9:95:64:39:61:4d:61:83:af:5f:22:94:ca:96:2f:
                    ef:ea:a2:36:12:63:e8:e4:7d:69:01:71:d4:5a:8b:
                    59:ad:e1:83:d2:33:c1:a2:8c:3b:0c:3f:bf:1b:64:
                    23:13:d7:8d:6c:f5:63:2f:8e:1a:18:4a:8b:33:69:
                    37:e0:e3:18:b7:87:7b:b7:79:1f:0f:77:69:2a:d5:
                    a7:c7:11:c1:27:39:96:d0:e3:e4:88:40:ba:49:9a:
                    8e:f9:53:c8:67:ad:a6:b1:95:6e:a1:39:9b:ec:5e:
                    6c:4d:97:46:8c:b4:b4:a1:b3:33:39:78:f7:74:0f:
                    54:e2:45:11:90:0a:32:5a:89:93:5e:81:58:24:71:
                    88:09:40:d5:7d:45:5a:eb:b1:7b:71:38:72:51:f5:
                    a8:bd:17:a0:3f:6c:7f:f1:27:c7:a3:69:a2:9e:92:
                    ec:c4:1c:46:d9:ba:b5:37:e0:32:4b:75:95:b8:75:
                    28:f1:70:0d:57:af:f5:a3:cd:45:19:5f:28:85:4d:
                    89:eb:bd:99:ab:af:84:e5:19:be:77:a7:7d:59:14:
                    f8:25:7a:00:e1:15:0e:c3:41:05:9c:8d:62:87:1c:
                    33:b6:2a:27:73:0e:0b:d0:93:f8:cf:36:9c:42:cc:
                    0e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:05:F2:84:78:AC:26:A1:DA:B6:0F:67:3D:03:C7:FE:43:CF:E5:95
            X509v3 Authority Key Identifier:
                keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/MwXyhHisJqHatg9nPQPH_kPP5ZU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:c9e7:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:48:a1:99:80:b4:da:dc:76:d4:a1:75:33:11:60:f1:bb:8c:
         a9:3c:ac:c3:16:9e:ad:6f:85:fa:15:ea:67:73:d5:b6:a2:de:
         ad:0a:5d:33:ee:b8:61:e8:16:15:33:f2:12:f0:0b:d1:85:b1:
         78:52:d8:a7:68:7c:ef:14:df:3c:c1:51:b6:fe:dc:b3:c0:7e:
         0c:ff:99:aa:57:8b:e4:94:19:0f:a1:ea:93:f8:23:b0:07:6c:
         5a:3b:e5:3a:fb:40:e3:03:0f:64:8f:5e:f6:23:2c:e5:2e:c6:
         9b:c4:2b:84:e3:55:11:5e:20:f3:1d:90:f1:bf:3d:9f:67:0a:
         4c:50:83:d9:70:d4:c0:76:4e:5e:b0:3e:ef:69:db:3f:e4:a6:
         7b:53:de:c7:02:a9:86:22:7d:93:b3:d8:5d:98:6b:35:a9:46:
         db:d5:42:a8:1f:6a:4d:b6:50:9a:db:70:9b:70:47:a4:06:ea:
         0f:89:b8:4e:39:8d:6e:13:27:2c:39:76:83:7b:78:23:25:47:
         75:32:1e:8b:64:ea:77:6d:1f:27:ee:ea:59:65:22:6a:04:67:
         fb:a0:64:11:63:ec:70:34:72:46:e7:e6:fb:52:54:52:ab:eb:
         cd:cc:9d:50:52:d0:da:9f:26:5c:62:d4:bc:cd:c5:cc:85:1a:
         24:f6:a9:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYaiLHoFNPeWMXqv6BMRpH5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjMwMzAyMTE1NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzA1ZjI4NDc4YWMyNmExZGFiNjBmNjczZDAzYzdmZTQzY2ZlNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeuXTougXn9k5EyDa6f5lWQ5YU1h
g69fIpTKli/v6qI2EmPo5H1pAXHUWotZreGD0jPBoow7DD+/G2QjE9eNbPVjL44a
GEqLM2k34OMYt4d7t3kfD3dpKtWnxxHBJzmW0OPkiEC6SZqO+VPIZ62msZVuoTmb
7F5sTZdGjLS0obMzOXj3dA9U4kURkAoyWomTXoFYJHGICUDVfUVa67F7cThyUfWo
vRegP2x/8SfHo2minpLsxBxG2bq1N+AyS3WVuHUo8XANV6/1o81FGV8ohU2J672Z
q6+E5Rm+d6d9WRT4JXoA4RUOw0EFnI1ihxwztioncw4L0JP4zzacQswOmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDMF8oR4rCah2rYPZz0Dx/5Dz+WVMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvTXdYeWhIaXNKcUhhdGc5blBRUEhfa1BQNVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgDJ5wAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAOSKGZgLTa3HbUoXUzEWDxu4ypPKzDFp6tb4X6
Fepnc9W2ot6tCl0z7rhh6BYVM/IS8AvRhbF4UtinaHzvFN88wVG2/tyzwH4M/5mq
V4vklBkPoeqT+COwB2xaO+U6+0DjAw9kj172IyzlLsabxCuE41URXiDzHZDxvz2f
ZwpMUIPZcNTAdk5esD7vads/5KZ7U97HAqmGIn2Ts9hdmGs1qUbb1UKoH2pNtlCa
23CbcEekBuoPibhOOY1uEycsOXaDe3gjJUd1Mh6LZOp3bR8n7upZZSJqBGf7oGQR
Y+xwNHJG5+b7UlRSq+vNzJ1QUtDanyZcYtS8zcXMhRok9qlw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org