Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/mxlThrs5lHGaS5dbXu8HpQpKIpE.roa
File:                     mxlThrs5lHGaS5dbXu8HpQpKIpE.roa (raw, json)
Hash identifier:          FX/cdOtYJYycGEpaM5TkHnFy4JDxRaDeshItH9yrS+o=
Subject key identifier:   9B:19:53:86:BB:39:94:71:9A:4B:97:5B:5E:EF:07:A5:0A:4A:22:91
Certificate issuer:       /CN=2c3e1c03efa2f2d9fff9dbec3325bc6c37694250
Certificate serial:       018572A7E1390F86977BA72139ACC3C300A6
Authority key identifier: 2C:3E:1C:03:EF:A2:F2:D9:FF:F9:DB:EC:33:25:BC:6C:37:69:42:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LD4cA--i8tn_-dvsMyW8bDdpQlA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/mxlThrs5lHGaS5dbXu8HpQpKIpE.roa
Signing time:             Mon 02 Jan 2023 13:24:42 +0000
ROA not before:           Mon 02 Jan 2023 13:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57687
IP address blocks:        185.129.171.0/24 maxlen: 24
                          185.129.170.0/24 maxlen: 24
                          185.129.169.0/24 maxlen: 24
                          185.129.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:a7:e1:39:0f:86:97:7b:a7:21:39:ac:c3:c3:00:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c3e1c03efa2f2d9fff9dbec3325bc6c37694250
        Validity
            Not Before: Jan  2 13:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b195386bb3994719a4b975b5eef07a50a4a2291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:15:b7:a1:df:d1:16:43:73:5d:aa:68:9d:01:
                    d5:ea:34:c0:91:3b:01:a5:4d:1f:79:b9:dc:40:b5:
                    4d:21:56:68:6d:6a:e1:82:aa:c9:e2:7d:f3:48:49:
                    53:42:e4:4a:f8:30:dc:e9:83:09:f2:bf:0c:3b:4c:
                    d2:53:ba:29:f8:39:03:02:3b:e0:3d:08:d8:5d:66:
                    01:f8:10:41:2d:2a:91:38:d5:04:2a:94:10:e7:c3:
                    ac:69:c4:6c:fa:01:d5:7a:55:89:94:c9:2f:8b:16:
                    39:86:b6:14:7a:c1:5f:50:f3:25:57:0f:32:d5:31:
                    9a:18:5a:ce:7d:b2:55:ea:8e:08:e7:ce:62:22:9d:
                    14:d8:1d:e2:4d:3a:53:3c:24:47:99:b4:38:fb:a6:
                    89:62:f9:73:b3:c6:0f:6c:c6:4b:1d:2e:38:8b:d9:
                    06:a0:9b:53:cc:0c:d5:1c:3f:d6:0a:f3:16:df:8b:
                    d4:50:6f:73:62:7f:4c:8e:7f:c1:98:e6:c5:a3:8c:
                    28:c7:4d:e1:81:c6:bb:ce:bc:9e:8d:15:18:ef:ac:
                    ab:5d:8b:91:9e:36:f3:23:50:61:ed:67:47:2e:ac:
                    55:f4:5f:aa:1c:77:dd:5c:12:44:43:53:40:8b:49:
                    c7:13:fa:38:c6:b0:ed:d6:9f:37:b9:61:55:00:6f:
                    05:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:19:53:86:BB:39:94:71:9A:4B:97:5B:5E:EF:07:A5:0A:4A:22:91
            X509v3 Authority Key Identifier:
                keyid:2C:3E:1C:03:EF:A2:F2:D9:FF:F9:DB:EC:33:25:BC:6C:37:69:42:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LD4cA--i8tn_-dvsMyW8bDdpQlA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/mxlThrs5lHGaS5dbXu8HpQpKIpE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/LD4cA--i8tn_-dvsMyW8bDdpQlA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.129.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:4b:65:0e:d6:8c:fe:ce:cc:e0:10:82:3e:3d:8e:7f:55:01:
         4e:31:c5:72:2a:6a:61:37:90:07:84:d3:8a:cd:dc:20:bf:bf:
         1a:66:dd:8f:b8:c6:6a:3b:1b:ca:0a:82:40:f3:a2:0f:cb:eb:
         f4:47:5d:f4:78:fe:48:44:c1:7b:a9:52:c1:a4:d2:3a:42:29:
         bd:35:9b:87:46:c0:46:6b:67:14:3e:96:cf:96:b5:94:c4:8d:
         32:01:6e:a1:fa:f4:26:18:71:6c:63:5a:c6:45:ac:32:3a:d9:
         34:f7:e7:d3:eb:e5:cc:23:a4:21:43:79:65:63:06:27:55:9d:
         88:33:c7:a8:05:ea:60:92:49:bd:f0:be:96:38:25:66:00:27:
         35:c8:59:a3:ad:d3:76:5a:15:8f:4a:7b:1b:54:3a:38:12:59:
         09:95:25:76:d7:11:a1:27:37:b1:81:04:d6:de:bc:02:0f:eb:
         a7:15:d5:cd:ec:b2:a0:4e:2f:a4:f2:88:0f:c6:50:1f:e3:21:
         3d:1c:e6:cd:5d:43:eb:0b:f2:49:2f:7c:82:b0:94:ad:bf:6c:
         c1:23:a9:f0:8c:70:89:84:1c:09:3e:d3:12:14:8e:e7:6f:c5:
         3e:5c:05:51:13:a0:86:81:1c:89:1f:21:f3:dc:ee:a9:3e:1d:
         00:4b:37:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyp+E5D4aXe6chOazDwwCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2UxYzAzZWZhMmYyZDlmZmY5ZGJlYzMzMjViYzZjMzc2
OTQyNTAwHhcNMjMwMTAyMTMyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE5NTM4NmJiMzk5NDcxOWE0Yjk3NWI1ZWVmMDdhNTBhNGEyMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhW3od/RFkNzXaponQHV6jTAkTsB
pU0febncQLVNIVZobWrhgqrJ4n3zSElTQuRK+DDc6YMJ8r8MO0zSU7op+DkDAjvg
PQjYXWYB+BBBLSqRONUEKpQQ58OsacRs+gHVelWJlMkvixY5hrYUesFfUPMlVw8y
1TGaGFrOfbJV6o4I585iIp0U2B3iTTpTPCRHmbQ4+6aJYvlzs8YPbMZLHS44i9kG
oJtTzAzVHD/WCvMW34vUUG9zYn9Mjn/BmObFo4wox03hgca7zryejRUY76yrXYuR
njbzI1Bh7WdHLqxV9F+qHHfdXBJEQ1NAi0nHE/o4xrDt1p83uWFVAG8FHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJsZU4a7OZRxmkuXW17vB6UKSiKRMB8GA1UdIwQY
MBaAFCw+HAPvovLZ//nb7DMlvGw3aUJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEQ0Y0EtLWk4dG5fLWR2c015VzhiRGRwUWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9kY2JkM2EtNzUyOC00OTllLWEzYmQt
YmYyODg3NWFiMjYxLzEvbXhsVGhyczVsSEdhUzVkYlh1OEhwUXBLSXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9kY2JkM2EtNzUyOC00OTllLWEzYmQtYmYyODg3NWFiMjYx
LzEvTEQ0Y0EtLWk4dG5fLWR2c015VzhiRGRwUWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYGoMA0G
CSqGSIb3DQEBCwUAA4IBAQB3S2UO1oz+zszgEII+PY5/VQFOMcVyKmphN5AHhNOK
zdwgv78aZt2PuMZqOxvKCoJA86IPy+v0R130eP5IRMF7qVLBpNI6Qim9NZuHRsBG
a2cUPpbPlrWUxI0yAW6h+vQmGHFsY1rGRawyOtk09+fT6+XMI6QhQ3llYwYnVZ2I
M8eoBepgkkm98L6WOCVmACc1yFmjrdN2WhWPSnsbVDo4ElkJlSV21xGhJzexgQTW
3rwCD+unFdXN7LKgTi+k8ogPxlAf4yE9HObNXUPrC/JJL3yCsJStv2zBI6nwjHCJ
hBwJPtMSFI7nb8U+XAVRE6CGgRyJHyHz3O6pPh0ASze3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:53 2024 by rpki-client on console-ams.rpki-client.org