Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/MN0QhO7vQJQsxn6qcM2HZJ0ERvA.roa
File:                     MN0QhO7vQJQsxn6qcM2HZJ0ERvA.roa (raw, json)
Hash identifier:          z6KISbVL6KqVqc3Ouke+06AM8tZyZ6DmZaVXaNaqbgg=
Subject key identifier:   30:DD:10:84:EE:EF:40:94:2C:C6:7E:AA:70:CD:87:64:9D:04:46:F0
Certificate issuer:       /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial:       0189455563E6EE57E004E73AE15245B8269F
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/MN0QhO7vQJQsxn6qcM2HZJ0ERvA.roa
Signing time:             Tue 11 Jul 2023 14:22:51 +0000
ROA not before:           Tue 11 Jul 2023 14:22:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        188.214.94.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:45:55:63:e6:ee:57:e0:04:e7:3a:e1:52:45:b8:26:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
        Validity
            Not Before: Jul 11 14:22:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30dd1084eeef40942cc67eaa70cd87649d0446f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:87:5c:10:c0:82:50:2f:97:12:c4:3b:be:de:
                    de:68:02:2a:9f:df:49:a8:53:f7:9a:be:73:bb:54:
                    77:63:38:b8:19:0f:2e:48:a8:91:14:2b:fa:9a:25:
                    e8:d7:f8:21:7e:2b:dc:98:2e:a2:92:db:54:a9:c3:
                    69:b0:ae:95:55:f0:4e:18:88:24:d2:a9:a8:c6:d6:
                    96:0a:3c:93:ec:a6:c6:44:7a:97:d1:82:07:f3:ab:
                    cf:f0:0e:05:f1:33:13:70:28:bb:74:b4:e8:4d:66:
                    b0:10:18:0d:20:f9:a9:4b:09:14:f1:ff:56:53:95:
                    95:07:82:89:10:f2:0e:11:5c:d7:08:38:51:89:bb:
                    9f:50:f5:81:8c:5b:ba:24:1a:c2:34:bd:b8:a4:c7:
                    3d:7b:1a:d1:d8:ca:96:55:2e:d8:75:8c:da:be:85:
                    47:fa:74:76:b3:61:9d:22:7a:15:82:77:05:a7:fc:
                    d8:58:7d:ba:66:83:af:ad:77:7a:67:f7:6d:5f:a8:
                    4f:c8:39:7d:b8:b7:8f:af:ed:f9:44:d8:88:f9:9a:
                    6f:27:31:34:30:5a:bd:ff:8a:f3:dc:b0:dc:0d:b8:
                    33:7d:90:25:8c:9d:e8:f1:61:2d:7e:c7:7b:80:b6:
                    5d:c0:97:cc:bd:7a:8d:4e:04:1d:dd:ee:fc:86:03:
                    cf:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:DD:10:84:EE:EF:40:94:2C:C6:7E:AA:70:CD:87:64:9D:04:46:F0
            X509v3 Authority Key Identifier:
                keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/MN0QhO7vQJQsxn6qcM2HZJ0ERvA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:2c:79:04:ba:77:94:c7:c1:6d:f4:ea:33:c9:30:4a:e7:d1:
         70:ca:c3:0a:17:62:dc:b1:42:3c:f9:3f:0f:3f:f2:ce:57:7f:
         22:24:a9:7d:bb:f8:4c:66:a9:1e:87:2b:f3:71:2d:a7:cb:7e:
         31:80:3f:25:58:85:95:57:72:5f:5c:b2:48:07:96:85:ac:01:
         f8:c8:a3:a8:10:d4:9c:77:61:a3:bf:b2:cf:53:7d:fd:6b:bf:
         fe:0b:02:cb:5b:2b:12:da:9a:48:2d:ac:55:f2:5b:e8:da:4c:
         93:55:e7:a0:35:a1:42:76:d0:f1:f4:6c:c1:84:2b:3d:34:bd:
         a3:46:d2:21:e0:c3:a0:c6:b8:a7:79:3a:0e:94:e2:6c:9d:02:
         fd:6a:b7:c9:56:02:47:44:97:71:10:6d:81:d8:bf:a7:6c:0d:
         59:de:63:1f:0f:79:fe:45:c8:d2:dd:01:85:de:74:15:82:66:
         37:00:2e:ad:27:e1:4d:65:26:5f:12:25:7b:ee:20:98:93:7e:
         2d:4c:b8:ff:43:80:3d:e6:3b:80:32:e7:19:a0:b1:b3:bb:03:
         cf:a6:c3:ba:54:c0:99:e9:b8:c4:44:01:8f:d4:35:04:a2:4f:
         4f:50:f6:39:fe:3a:a2:c9:6e:d2:0d:7b:d6:4b:66:a7:0d:ac:
         c9:51:8e:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlFVWPm7lfgBOc64VJFuCafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwNzExMTQyMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGRkMTA4NGVlZWY0MDk0MmNjNjdlYWE3MGNkODc2NDlkMDQ0NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4dcEMCCUC+XEsQ7vt7eaAIqn99J
qFP3mr5zu1R3Yzi4GQ8uSKiRFCv6miXo1/ghfivcmC6ikttUqcNpsK6VVfBOGIgk
0qmoxtaWCjyT7KbGRHqX0YIH86vP8A4F8TMTcCi7dLToTWawEBgNIPmpSwkU8f9W
U5WVB4KJEPIOEVzXCDhRibufUPWBjFu6JBrCNL24pMc9exrR2MqWVS7YdYzavoVH
+nR2s2GdInoVgncFp/zYWH26ZoOvrXd6Z/dtX6hPyDl9uLePr+35RNiI+ZpvJzE0
MFq9/4rz3LDcDbgzfZAljJ3o8WEtfsd7gLZdwJfMvXqNTgQd3e78hgPPGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDdEITu70CULMZ+qnDNh2SdBEbwMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvTU4wUWhPN3ZRSlFzeG42cWNNMkhaSjBFUnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNZeMA0G
CSqGSIb3DQEBCwUAA4IBAQCaLHkEuneUx8Ft9OozyTBK59FwysMKF2LcsUI8+T8P
P/LOV38iJKl9u/hMZqkehyvzcS2ny34xgD8lWIWVV3JfXLJIB5aFrAH4yKOoENSc
d2Gjv7LPU339a7/+CwLLWysS2ppILaxV8lvo2kyTVeegNaFCdtDx9GzBhCs9NL2j
RtIh4MOgxrineToOlOJsnQL9arfJVgJHRJdxEG2B2L+nbA1Z3mMfD3n+RcjS3QGF
3nQVgmY3AC6tJ+FNZSZfEiV77iCYk34tTLj/Q4A95juAMucZoLGzuwPPpsO6VMCZ
6bjERAGP1DUEok9PUPY5/jqiyW7SDXvWS2anDazJUY6e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:57 2024 by rpki-client on console-fra.rpki-client.org