Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa
File:                     MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa (raw, json)
Hash identifier:          wGizp5tBR8jiSXp56ecjPpCUI65c0kqVqU5EFCLnhC0=
Subject key identifier:   32:0B:43:A5:C3:75:5F:8C:5D:60:22:42:2D:D5:A0:C5:B6:50:2F:B0
Certificate issuer:       /CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
Certificate serial:       0185706752F74F0F6777C0D0F6CFA02C02A4
Authority key identifier: 11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa
Signing time:             Mon 02 Jan 2023 02:54:57 +0000
ROA not before:           Mon 02 Jan 2023 02:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9121
IP address blocks:        185.152.21.0/24 maxlen: 24
                          185.152.22.0/24 maxlen: 24
                          185.152.23.0/24 maxlen: 24
                          185.152.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:52:f7:4f:0f:67:77:c0:d0:f6:cf:a0:2c:02:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
        Validity
            Not Before: Jan  2 02:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=320b43a5c3755f8c5d6022422dd5a0c5b6502fb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:3a:8c:a7:ba:db:66:2f:49:6b:60:77:2d:f1:
                    b3:c9:07:57:29:a5:fc:36:5f:4d:1d:09:ab:a9:3c:
                    de:4e:69:c3:3b:50:84:14:ef:54:01:19:38:f5:e8:
                    0b:09:55:08:ef:0c:d6:34:8b:b3:a5:41:3d:7b:b3:
                    fd:80:24:e4:ed:1f:4d:58:f8:8a:10:dd:40:4c:13:
                    48:be:43:de:e7:f8:0a:67:ec:60:dc:8e:75:37:3e:
                    03:31:d3:d6:c3:19:cb:2f:d2:f2:04:88:40:6d:31:
                    c3:69:6b:05:41:e2:f0:3f:e9:80:5d:f9:8e:7e:43:
                    ec:38:d5:9e:f7:3f:54:72:6c:0b:bc:5c:62:dd:97:
                    26:93:46:24:c1:ae:35:1d:ab:b9:f4:8b:7f:85:5e:
                    af:08:e1:dd:3f:ca:e5:cc:a2:ab:0a:07:80:9d:06:
                    f7:01:a6:61:66:0a:49:77:a5:c9:72:b1:41:71:96:
                    ed:58:b2:25:93:70:bb:58:87:6a:3c:32:56:a3:e1:
                    84:b7:0b:ea:b9:bf:3e:97:9e:0b:a0:86:f0:f9:5d:
                    3b:26:d1:72:68:ce:c9:ea:78:1e:4d:60:2f:1c:fb:
                    5f:31:9e:3d:76:43:3b:bf:03:b1:51:1e:97:d4:57:
                    76:62:d2:e1:d6:db:b3:9c:88:99:87:6b:54:57:f8:
                    54:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:0B:43:A5:C3:75:5F:8C:5D:60:22:42:2D:D5:A0:C5:B6:50:2F:B0
            X509v3 Authority Key Identifier:
                keyid:11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/Ee_b1yf7W9U87GlXoptHwsNKg0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.152.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:d8:b9:e8:98:2c:4c:df:be:44:98:8d:b7:f6:8c:cd:c6:8b:
         23:94:82:82:8c:33:d9:fe:e7:0d:81:cf:c6:c2:4f:38:ef:73:
         ff:1c:73:87:d4:ca:26:e4:4f:66:47:43:2f:73:76:0a:78:c4:
         ba:5a:6b:80:32:8b:38:17:45:af:fe:12:5a:a9:01:ac:f9:e6:
         d2:5e:12:cc:4f:21:b5:ee:d9:07:f7:53:bd:30:1b:2e:c8:e8:
         26:49:86:d3:a9:3d:a6:9d:59:5a:5a:e9:52:63:ea:28:41:2f:
         47:8a:b9:38:0f:d0:98:8b:68:32:25:91:e5:3f:c8:9a:e9:60:
         22:f3:90:69:44:35:bd:14:27:58:90:22:2a:a6:d5:68:c5:d6:
         80:84:c7:ff:a7:11:fa:c9:c2:72:9b:d2:8d:28:05:28:57:48:
         64:75:cb:58:72:f3:f9:0c:7a:f8:ed:cd:e8:cc:d7:fe:60:24:
         17:9e:65:58:90:e7:f8:93:61:f6:7c:63:08:28:d3:c9:37:d1:
         66:4f:6b:b6:2c:39:3f:fa:14:a3:80:01:72:4e:3b:3a:91:d1:
         7a:88:27:54:ce:80:91:50:32:b8:0c:23:79:9a:57:95:26:c4:
         ba:7f:f2:b2:ae:1c:01:2b:0b:45:e0:27:6d:3a:72:3f:78:60:
         29:fb:82:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1L3Tw9nd8DQ9s+gLAKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWZkYmQ3MjdmYjViZDUzY2VjNjk1N2EyOWI0N2MyYzM0
YTgzNGMwHhcNMjMwMTAyMDI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBiNDNhNWMzNzU1ZjhjNWQ2MDIyNDIyZGQ1YTBjNWI2NTAyZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDqMp7rbZi9Ja2B3LfGzyQdXKaX8
Nl9NHQmrqTzeTmnDO1CEFO9UARk49egLCVUI7wzWNIuzpUE9e7P9gCTk7R9NWPiK
EN1ATBNIvkPe5/gKZ+xg3I51Nz4DMdPWwxnLL9LyBIhAbTHDaWsFQeLwP+mAXfmO
fkPsONWe9z9UcmwLvFxi3Zcmk0Ykwa41Hau59It/hV6vCOHdP8rlzKKrCgeAnQb3
AaZhZgpJd6XJcrFBcZbtWLIlk3C7WIdqPDJWo+GEtwvqub8+l54LoIbw+V07JtFy
aM7J6ngeTWAvHPtfMZ49dkM7vwOxUR6X1Fd2YtLh1tuznIiZh2tUV/hUKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDILQ6XDdV+MXWAiQi3VoMW2UC+wMB8GA1UdIwQY
MBaAFBHv29cn+1vVPOxpV6KbR8LDSoNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVfYjF5ZjdXOVU4N0dsWG9wdEh3c05LZzB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wNDdjZTQtNDRhZS00MjczLTk0ZmEt
ZGM2MzRlOGFhMmEzLzEvTWd0RHBjTjFYNHhkWUNKQ0xkV2d4YlpRTDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wNDdjZTQtNDRhZS00MjczLTk0ZmEtZGM2MzRlOGFhMmEz
LzEvRWVfYjF5ZjdXOVU4N0dsWG9wdEh3c05LZzB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZgUMA0G
CSqGSIb3DQEBCwUAA4IBAQBd2LnomCxM375EmI239ozNxosjlIKCjDPZ/ucNgc/G
wk8473P/HHOH1Mom5E9mR0Mvc3YKeMS6WmuAMos4F0Wv/hJaqQGs+ebSXhLMTyG1
7tkH91O9MBsuyOgmSYbTqT2mnVlaWulSY+ooQS9Hirk4D9CYi2gyJZHlP8ia6WAi
85BpRDW9FCdYkCIqptVoxdaAhMf/pxH6ycJym9KNKAUoV0hkdctYcvP5DHr47c3o
zNf+YCQXnmVYkOf4k2H2fGMIKNPJN9FmT2u2LDk/+hSjgAFyTjs6kdF6iCdUzoCR
UDK4DCN5mleVJsS6f/KyrhwBKwtF4CdtOnI/eGAp+4KB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:07 2024 by rpki-client on console-fra.rpki-client.org