Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/mMCV02MVPIGQfGDifaKnOC-cHDk.roa
File:                     mMCV02MVPIGQfGDifaKnOC-cHDk.roa (raw, json)
Hash identifier:          /zDlRsAmN6mUNB6QsQXXxJumEi8ZHEo+Io/NO9GidXA=
Subject key identifier:   98:C0:95:D3:63:15:3C:81:90:7C:60:E2:7D:A2:A7:38:2F:9C:1C:39
Certificate issuer:       /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial:       018CEA1E90FF5CECEC3852F4C6E82BFD41BF
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/mMCV02MVPIGQfGDifaKnOC-cHDk.roa
Signing time:             Mon 08 Jan 2024 17:28:40 +0000
ROA not before:           Mon 08 Jan 2024 17:28:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216129
IP address blocks:        202.181.188.0/24 maxlen: 24
                          107.161.154.0/24 maxlen: 24
                          199.83.103.0/24 maxlen: 24
                          2a13:d200:7::/48 maxlen: 48
                          2a13:d200::/29 maxlen: 29
                          2a13:d200:8::/48 maxlen: 48
                          2a13:d200:10::/48 maxlen: 48
                          2a13:d200:6::/48 maxlen: 48
                          2a13:d200:9::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 20 Jan 2024 23:25:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ea:1e:90:ff:5c:ec:ec:38:52:f4:c6:e8:2b:fd:41:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
        Validity
            Not Before: Jan  8 17:28:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=98c095d363153c81907c60e27da2a7382f9c1c39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c2:05:f0:f8:a6:29:3c:b7:67:c1:39:72:7b:
                    da:12:94:bd:07:13:a7:30:2e:fd:15:54:db:53:04:
                    06:c6:e1:e4:42:3d:ee:90:66:4d:80:0d:9a:ed:0d:
                    ca:a2:a9:06:b8:d1:be:b8:ed:c1:82:c2:af:9e:8b:
                    1e:d2:c4:0f:90:67:af:9f:51:8f:be:d9:db:40:3b:
                    08:2b:af:6c:4e:3d:c3:f7:81:3b:98:dd:ae:66:eb:
                    19:c1:c8:b6:22:d1:b0:08:d8:41:bc:76:e8:8d:d6:
                    67:75:78:02:33:92:84:de:5d:06:2b:02:85:f4:7a:
                    b2:e2:4b:0f:f4:74:76:43:2a:04:02:8a:57:0b:a3:
                    fa:ef:61:38:8e:ac:1d:7e:65:3f:02:13:f4:fd:fc:
                    02:d7:8b:b1:59:1c:08:03:4e:fc:f1:76:d0:b8:e6:
                    81:a5:c4:5a:a1:7a:e2:0b:d6:9d:a9:e8:ca:63:50:
                    23:22:20:b8:9f:ab:23:96:94:a9:97:82:c7:d5:c7:
                    29:01:75:71:01:43:65:a4:f8:3d:c3:b9:69:98:1e:
                    f4:a3:94:fc:c6:05:f8:ae:da:c2:bd:9b:1d:95:62:
                    cc:f7:5a:73:54:55:21:b8:b8:20:d4:2f:68:0b:74:
                    3b:6e:a0:d0:25:84:33:44:7c:10:73:5a:a3:9f:55:
                    6a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C0:95:D3:63:15:3C:81:90:7C:60:E2:7D:A2:A7:38:2F:9C:1C:39
            X509v3 Authority Key Identifier:
                keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/mMCV02MVPIGQfGDifaKnOC-cHDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.161.154.0/24
                  199.83.103.0/24
                  202.181.188.0/24
                IPv6:
                  2a13:d200::/29

    Signature Algorithm: sha256WithRSAEncryption
         94:5b:d1:f7:27:d1:f8:49:1a:27:7f:4a:98:12:96:ed:35:3a:
         8b:cd:29:e8:78:6b:31:46:4e:80:5d:89:49:b7:dd:2d:41:3a:
         10:dc:6e:74:56:65:a9:87:63:c2:6c:50:84:8d:fe:56:52:47:
         dd:84:08:1a:72:7f:5f:fa:56:c6:80:54:a2:90:79:82:45:45:
         f6:76:3f:da:e7:b5:cc:4e:22:c1:02:8d:ba:98:5a:05:d1:0f:
         ae:3d:e5:17:0c:80:a9:f3:7c:3f:a3:99:d2:49:2f:5f:d4:ac:
         e7:e6:36:2e:7e:a8:4f:5d:d7:60:c5:73:21:02:12:b7:a1:fd:
         b6:e8:a1:11:fd:a0:4c:ce:bd:5b:9e:2c:2d:b4:3b:97:72:52:
         da:72:ae:f4:01:fc:b2:07:06:53:96:df:68:cc:c4:94:18:12:
         b0:87:2f:a6:bd:a4:05:26:d7:a0:9a:bf:cd:ac:3e:97:15:d3:
         87:2b:09:57:8a:dc:6b:ec:c2:63:7c:98:ef:09:a6:e7:f7:de:
         d0:ce:11:f3:0c:47:1d:1d:18:7e:13:23:b6:f9:a5:8f:c0:64:
         29:b2:ae:5e:23:b6:32:02:94:38:01:46:b6:61:e4:9a:9c:e2:
         d4:31:66:c2:9e:85:e9:88:97:a3:ce:24:d7:a4:ea:38:9c:b7:
         82:0f:85:ed
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzqHpD/XOzsOFL0xugr/UG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjQwMTA4MTcyODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGMwOTVkMzYzMTUzYzgxOTA3YzYwZTI3ZGEyYTczODJmOWMxYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMIF8PimKTy3Z8E5cnvaEpS9BxOn
MC79FVTbUwQGxuHkQj3ukGZNgA2a7Q3KoqkGuNG+uO3BgsKvnose0sQPkGevn1GP
vtnbQDsIK69sTj3D94E7mN2uZusZwci2ItGwCNhBvHbojdZndXgCM5KE3l0GKwKF
9Hqy4ksP9HR2QyoEAopXC6P672E4jqwdfmU/AhP0/fwC14uxWRwIA0788XbQuOaB
pcRaoXriC9adqejKY1AjIiC4n6sjlpSpl4LH1ccpAXVxAUNlpPg9w7lpmB70o5T8
xgX4rtrCvZsdlWLM91pzVFUhuLgg1C9oC3Q7bqDQJYQzRHwQc1qjn1Vq6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJjAldNjFTyBkHxg4n2ipzgvnBw5MB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvbU1DVjAyTVZQSUdRZkdEaWZhS25PQy1jSERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAa6GaAwQA
x1NnAwQAyrW8MA0EAgACMAcDBQMqE9IAMA0GCSqGSIb3DQEBCwUAA4IBAQCUW9H3
J9H4SRonf0qYEpbtNTqLzSnoeGsxRk6AXYlJt90tQToQ3G50VmWph2PCbFCEjf5W
UkfdhAgacn9f+lbGgFSikHmCRUX2dj/a57XMTiLBAo26mFoF0Q+uPeUXDICp83w/
o5nSSS9f1Kzn5jYufqhPXddgxXMhAhK3of226KER/aBMzr1bniwttDuXclLacq70
AfyyBwZTlt9ozMSUGBKwhy+mvaQFJtegmr/NrD6XFdOHKwlXitxr7MJjfJjvCabn
997QzhHzDEcdHRh+EyO2+aWPwGQpsq5eI7YyApQ4AUa2YeSanOLUMWbCnoXpiJej
ziTXpOo4nLeCD4Xt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:12 2024 by rpki-client on console-fra.rpki-client.org