Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/mbK205NoPnzBbIA0l9uiSnTBhM0.roa
File:                     mbK205NoPnzBbIA0l9uiSnTBhM0.roa (raw, json)
Hash identifier:          aZAY4M82pZpwmTLtCaD/sVuvsSGK4F3faxqyJpetsps=
Subject key identifier:   99:B2:B6:D3:93:68:3E:7C:C1:6C:80:34:97:DB:A2:4A:74:C1:84:CD
Certificate issuer:       /CN=d5f065c8bdb78ff294f7c5454971dbfabfb6c184
Certificate serial:       018570E75870DFA1202DD2990957EE4D950D
Authority key identifier: D5:F0:65:C8:BD:B7:8F:F2:94:F7:C5:45:49:71:DB:FA:BF:B6:C1:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fBlyL23j_KU98VFSXHb-r-2wYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/mbK205NoPnzBbIA0l9uiSnTBhM0.roa
Signing time:             Mon 02 Jan 2023 05:14:47 +0000
ROA not before:           Mon 02 Jan 2023 05:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        193.178.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 15:09:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:58:70:df:a1:20:2d:d2:99:09:57:ee:4d:95:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f065c8bdb78ff294f7c5454971dbfabfb6c184
        Validity
            Not Before: Jan  2 05:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99b2b6d393683e7cc16c803497dba24a74c184cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:50:57:d7:ad:4b:68:d3:5c:96:79:5b:9f:42:
                    15:e2:81:49:46:eb:73:bd:20:f3:ac:4f:23:d6:d9:
                    44:56:24:26:38:10:74:fb:fe:55:fc:aa:f2:1a:de:
                    f0:d7:0e:09:9c:98:ad:32:46:b1:84:07:e5:92:64:
                    04:91:ea:3b:9b:c5:89:3e:53:17:df:55:ea:e3:35:
                    f0:73:b8:5c:7e:ef:7b:34:a2:e2:46:6c:c5:c0:19:
                    40:d9:2c:63:cf:1f:d1:09:2f:f0:34:4a:21:97:19:
                    21:f5:6d:fb:ed:61:52:ff:3e:c2:15:d7:1d:6f:dc:
                    25:ba:e0:0a:90:67:bd:32:31:3f:ef:e6:59:35:f8:
                    26:6c:d6:b8:f2:54:6e:8e:ac:88:38:32:9e:cd:eb:
                    07:2e:3e:38:b2:b7:2c:0d:a5:1d:3a:31:4e:da:77:
                    53:b4:8c:94:eb:71:15:60:b3:b7:9a:7c:01:09:cd:
                    b5:84:da:36:8f:a0:4b:4a:14:a3:a7:32:33:3e:99:
                    7d:0c:8d:bd:13:1e:86:e1:8b:75:93:52:d6:73:75:
                    0f:d4:bf:0c:dc:2e:48:76:6a:04:9a:d6:19:fc:b8:
                    6d:52:82:b0:6d:0b:12:61:b8:c1:8a:5f:96:f8:ba:
                    2f:20:a5:dc:e4:cb:2f:0b:43:00:79:ed:25:69:d9:
                    db:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:B2:B6:D3:93:68:3E:7C:C1:6C:80:34:97:DB:A2:4A:74:C1:84:CD
            X509v3 Authority Key Identifier:
                keyid:D5:F0:65:C8:BD:B7:8F:F2:94:F7:C5:45:49:71:DB:FA:BF:B6:C1:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fBlyL23j_KU98VFSXHb-r-2wYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/mbK205NoPnzBbIA0l9uiSnTBhM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1fBlyL23j_KU98VFSXHb-r-2wYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:45:84:af:6a:68:9c:a2:8f:c2:9b:0a:13:b3:36:84:a9:11:
         d9:b1:d1:20:b9:c2:72:36:4e:81:4e:98:32:65:2b:fe:c8:23:
         86:0f:46:b7:74:d1:1f:15:5e:c3:88:62:7d:e7:7e:22:bd:a3:
         ad:fa:fd:67:c8:fc:64:ac:cc:04:c0:ab:5a:18:02:2a:30:c1:
         b8:7c:a1:9c:64:a9:38:18:8f:8b:34:75:af:3a:d8:5c:3a:ff:
         0d:2c:e0:bb:f0:6c:b5:3c:47:1c:ce:27:c6:6b:5c:47:73:ea:
         f0:68:2c:ec:9b:a1:eb:04:ba:32:4c:72:5c:3f:72:e5:b5:6d:
         96:66:a9:93:70:7d:94:7e:9f:5d:10:d1:f8:77:8d:46:27:93:
         40:a1:c3:bf:99:70:a1:78:b2:41:0c:a6:69:3d:06:8d:de:92:
         61:84:26:a2:36:d5:24:ce:06:2e:2e:03:cd:c2:ad:b8:53:d4:
         78:f4:6d:7a:59:1f:30:d6:d2:7d:0c:76:67:8c:5f:e3:12:7c:
         0d:f1:32:37:f8:28:a2:11:91:3b:2a:3a:db:eb:5a:f6:9c:c4:
         bc:23:9e:69:94:02:8d:a5:f1:9a:ea:9c:70:e5:63:43:5e:7f:
         88:28:79:76:09:6b:e5:c3:21:be:c8:9e:fe:66:96:5c:c2:b3:
         09:64:18:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw51hw36EgLdKZCVfuTZUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjA2NWM4YmRiNzhmZjI5NGY3YzU0NTQ5NzFkYmZhYmZi
NmMxODQwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIyYjZkMzkzNjgzZTdjYzE2YzgwMzQ5N2RiYTI0YTc0YzE4NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVBX161LaNNclnlbn0IV4oFJRutz
vSDzrE8j1tlEViQmOBB0+/5V/KryGt7w1w4JnJitMkaxhAflkmQEkeo7m8WJPlMX
31Xq4zXwc7hcfu97NKLiRmzFwBlA2Sxjzx/RCS/wNEohlxkh9W377WFS/z7CFdcd
b9wluuAKkGe9MjE/7+ZZNfgmbNa48lRujqyIODKezesHLj44srcsDaUdOjFO2ndT
tIyU63EVYLO3mnwBCc21hNo2j6BLShSjpzIzPpl9DI29Ex6G4Yt1k1LWc3UP1L8M
3C5IdmoEmtYZ/LhtUoKwbQsSYbjBil+W+LovIKXc5MsvC0MAee0ladnbdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmyttOTaD58wWyANJfbokp0wYTNMB8GA1UdIwQY
MBaAFNXwZci9t4/ylPfFRUlx2/q/tsGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZCbHlMMjNqX0tVOThWRlNYSGItci0yd1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mMjc3ZWEtNzI2YS00MDUyLThlNWIt
MzVhNWRjMmM3OTJjLzEvbWJLMjA1Tm9QbnpCYklBMGw5dWlTblRCaE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9mMjc3ZWEtNzI2YS00MDUyLThlNWItMzVhNWRjMmM3OTJj
LzEvMWZCbHlMMjNqX0tVOThWRlNYSGItci0yd1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbJzMA0G
CSqGSIb3DQEBCwUAA4IBAQCFRYSvamicoo/CmwoTszaEqRHZsdEgucJyNk6BTpgy
ZSv+yCOGD0a3dNEfFV7DiGJ9534ivaOt+v1nyPxkrMwEwKtaGAIqMMG4fKGcZKk4
GI+LNHWvOthcOv8NLOC78Gy1PEcczifGa1xHc+rwaCzsm6HrBLoyTHJcP3LltW2W
ZqmTcH2Ufp9dENH4d41GJ5NAocO/mXCheLJBDKZpPQaN3pJhhCaiNtUkzgYuLgPN
wq24U9R49G16WR8w1tJ9DHZnjF/jEnwN8TI3+CiiEZE7Kjrb61r2nMS8I55plAKN
pfGa6pxw5WNDXn+IKHl2CWvlwyG+yJ7+ZpZcwrMJZBgv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:32 2024 by rpki-client on console-ams.rpki-client.org