Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/MKTGcTrksagEAeMuTQVgREhYlhM.roa
File:                     MKTGcTrksagEAeMuTQVgREhYlhM.roa (raw, json)
Hash identifier:          D6kYCPowiwi649P4QVpHqa7nMydOqflrmz+jdCrjLto=
Subject key identifier:   30:A4:C6:71:3A:E4:B1:A8:04:01:E3:2E:4D:05:60:44:48:58:96:13
Certificate issuer:       /CN=75905949e963d3577be076326ca0b91ff32f9684
Certificate serial:       018AB69560AAF28A15E12CEF9DDA52BDD639
Authority key identifier: 75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/MKTGcTrksagEAeMuTQVgREhYlhM.roa
Signing time:             Thu 21 Sep 2023 07:12:37 +0000
ROA not before:           Thu 21 Sep 2023 07:12:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.229.146.0/24 maxlen: 24
                          185.229.147.0/24 maxlen: 24
                          2a0d:d600::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b6:95:60:aa:f2:8a:15:e1:2c:ef:9d:da:52:bd:d6:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75905949e963d3577be076326ca0b91ff32f9684
        Validity
            Not Before: Sep 21 07:12:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30a4c6713ae4b1a80401e32e4d05604448589613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:17:86:20:24:90:c9:4e:69:71:64:60:35:00:
                    88:5e:a7:1c:a7:c7:da:26:89:41:92:c8:31:de:32:
                    35:4f:1c:88:7c:78:3e:57:f2:59:d2:d0:53:1c:f5:
                    ff:9b:59:80:03:42:1f:69:7d:73:a0:8a:7d:9d:74:
                    19:b8:56:66:c3:3f:35:05:79:32:e7:ec:5b:43:e1:
                    67:17:2c:c1:f6:15:28:73:02:00:18:e8:73:2f:62:
                    26:35:c4:97:0c:af:82:e3:ba:7a:54:c4:25:a9:a2:
                    ad:51:90:e6:1b:90:b7:3b:76:ec:48:69:bb:72:1d:
                    d2:d1:63:61:4c:c6:89:02:ae:70:50:91:31:58:9c:
                    7a:4f:da:e6:ce:d4:91:8d:c8:ae:39:95:e1:30:21:
                    43:e2:1e:97:b7:68:f2:eb:97:16:5e:68:e1:87:70:
                    cd:09:93:bd:ca:a7:05:b7:21:29:be:17:2e:0c:64:
                    68:ad:54:a2:f8:22:42:94:a5:3a:52:bd:46:90:32:
                    dd:f9:00:f4:8b:3a:e1:42:e5:22:63:91:9e:c9:de:
                    2c:6e:3e:a3:96:db:88:e2:55:f3:77:90:c8:59:7c:
                    7f:2a:ee:f5:0b:8a:06:8f:bd:0a:f2:12:fc:6c:54:
                    98:04:55:bb:d1:07:0c:fa:8b:35:3f:36:59:f3:9e:
                    6b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:A4:C6:71:3A:E4:B1:A8:04:01:E3:2E:4D:05:60:44:48:58:96:13
            X509v3 Authority Key Identifier:
                keyid:75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/MKTGcTrksagEAeMuTQVgREhYlhM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/dZBZSelj01d74HYybKC5H_MvloQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.146.0/23
                IPv6:
                  2a0d:d600::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:2e:25:73:b4:f7:24:2f:63:47:3e:1e:56:8b:2f:12:a4:91:
         b8:84:c2:c1:3a:64:04:a1:80:1e:f8:9f:fa:72:13:3d:f3:7f:
         91:d3:42:70:09:4d:69:97:08:8e:ad:8a:c4:c1:2f:88:73:9b:
         6a:69:98:fb:18:4c:01:51:09:4c:a2:b6:8f:9e:4d:af:ef:b7:
         cc:fa:5a:1d:87:b8:99:e3:9b:15:f8:a8:e1:f9:88:36:b5:27:
         49:3f:95:57:7b:e3:88:2f:65:7b:b5:48:c3:6c:3f:f5:f8:d2:
         2b:b7:60:db:60:98:c6:a4:65:6a:94:d5:36:b0:a5:76:82:f7:
         10:15:79:82:fc:cc:e4:cf:11:03:63:bc:12:59:f2:58:59:2d:
         4b:3c:11:b2:0b:ba:c2:ca:c1:92:66:b2:4a:a4:66:7b:9f:1a:
         4b:73:56:b8:03:7a:d4:64:d8:47:7d:ff:87:c5:e2:fc:35:e9:
         a1:ef:a4:46:a8:8d:cd:be:6a:9f:09:8f:be:a6:08:d4:9e:25:
         43:b9:40:48:d3:62:b6:19:51:7f:ec:ab:98:48:bb:fe:43:bd:
         09:73:8f:92:93:fc:47:5f:06:55:54:00:42:99:c5:da:f8:ef:
         c7:52:a1:3a:fe:4b:4e:25:2f:0b:99:d9:0f:11:6c:bb:b2:af:
         b4:4e:7e:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYq2lWCq8ooV4SzvndpSvdY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OTA1OTQ5ZTk2M2QzNTc3YmUwNzYzMjZjYTBiOTFmZjMy
Zjk2ODQwHhcNMjMwOTIxMDcxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE0YzY3MTNhZTRiMWE4MDQwMWUzMmU0ZDA1NjA0NDQ4NTg5NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlReGICSQyU5pcWRgNQCIXqccp8fa
JolBksgx3jI1TxyIfHg+V/JZ0tBTHPX/m1mAA0IfaX1zoIp9nXQZuFZmwz81BXky
5+xbQ+FnFyzB9hUocwIAGOhzL2ImNcSXDK+C47p6VMQlqaKtUZDmG5C3O3bsSGm7
ch3S0WNhTMaJAq5wUJExWJx6T9rmztSRjciuOZXhMCFD4h6Xt2jy65cWXmjhh3DN
CZO9yqcFtyEpvhcuDGRorVSi+CJClKU6Ur1GkDLd+QD0izrhQuUiY5Geyd4sbj6j
ltuI4lXzd5DIWXx/Ku71C4oGj70K8hL8bFSYBFW70QcM+os1PzZZ855rGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDCkxnE65LGoBAHjLk0FYERIWJYTMB8GA1UdIwQY
MBaAFHWQWUnpY9NXe+B2MmyguR/zL5aEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFpCWlNlbGowMWQ3NEhZeWJLQzVIX012bG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjFmNzMtYWMwYi00NWJjLWE1YTQt
MWE4MzAxYjdlNmRlLzEvTUtUR2NUcmtzYWdFQWVNdVRRVmdSRWhZbGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kNjFmNzMtYWMwYi00NWJjLWE1YTQtMWE4MzAxYjdlNmRl
LzEvZFpCWlNlbGowMWQ3NEhZeWJLQzVIX012bG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBueWSMA0E
AgACMAcDBQAqDdYAMA0GCSqGSIb3DQEBCwUAA4IBAQApLiVztPckL2NHPh5Wiy8S
pJG4hMLBOmQEoYAe+J/6chM983+R00JwCU1plwiOrYrEwS+Ic5tqaZj7GEwBUQlM
oraPnk2v77fM+lodh7iZ45sV+Kjh+Yg2tSdJP5VXe+OIL2V7tUjDbD/1+NIrt2Db
YJjGpGVqlNU2sKV2gvcQFXmC/MzkzxEDY7wSWfJYWS1LPBGyC7rCysGSZrJKpGZ7
nxpLc1a4A3rUZNhHff+HxeL8Nemh76RGqI3NvmqfCY++pgjUniVDuUBI02K2GVF/
7KuYSLv+Q70Jc4+Sk/xHXwZVVABCmcXa+O/HUqE6/ktOJS8LmdkPEWy7sq+0Tn5Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:13 2024 by rpki-client on console-fra.rpki-client.org