Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MtaxWzaSzTTbNrWjNmSXlJ4NEfI.roa
File:                     MtaxWzaSzTTbNrWjNmSXlJ4NEfI.roa (raw, json)
Hash identifier:          VrNeUxTlTKtLc5mrPWfCVP6evF3ZzIHO+RqP9FoXhwI=
Subject key identifier:   32:D6:B1:5B:36:92:CD:34:DB:36:B5:A3:36:64:97:94:9E:0D:11:F2
Certificate issuer:       /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial:       01870DA28320F24D8DA7A6CA9A552B8A80D5
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MtaxWzaSzTTbNrWjNmSXlJ4NEfI.roa
Signing time:             Thu 23 Mar 2023 08:42:46 +0000
ROA not before:           Thu 23 Mar 2023 08:42:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204993
IP address blocks:        194.224.165.0/24 maxlen: 24
                          194.224.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:0d:a2:83:20:f2:4d:8d:a7:a6:ca:9a:55:2b:8a:80:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
        Validity
            Not Before: Mar 23 08:42:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32d6b15b3692cd34db36b5a3366497949e0d11f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c1:4f:43:47:1f:06:07:51:7e:6e:6d:a6:68:
                    8e:fd:dc:e9:36:eb:42:93:7a:86:ee:44:3c:08:b9:
                    82:dc:da:30:06:21:61:c0:dd:52:18:75:17:45:08:
                    59:2c:28:fe:d8:57:65:b0:69:52:e3:35:c7:7a:f6:
                    3f:1d:3a:5b:c2:0a:85:d5:fd:7d:a7:95:7b:e2:34:
                    1b:4c:9b:da:d1:a1:94:4c:ef:6b:85:3a:53:5d:1f:
                    cc:03:5f:65:ce:a1:50:e0:15:10:85:88:21:09:51:
                    47:80:08:2b:1f:15:4b:c7:57:58:28:d2:8c:88:b8:
                    f6:8c:0d:99:16:37:ab:e7:d2:b3:67:74:fa:c1:7a:
                    67:85:56:69:c8:3b:05:d4:8c:f9:85:83:f2:1b:8c:
                    76:22:5c:e2:c6:6e:31:6b:55:53:ea:53:70:cb:b2:
                    d2:65:85:10:7d:db:3e:7d:ba:85:a1:b3:90:66:dd:
                    5e:a8:82:47:7b:38:98:31:81:71:fc:50:08:2a:c3:
                    11:2b:bc:f6:ab:33:d3:f1:e8:5d:63:79:1c:a9:fc:
                    34:77:61:7d:c8:b7:f8:bf:d8:63:d5:97:3a:2b:8d:
                    f1:bb:e8:65:5a:f3:f1:5d:6a:90:39:05:ce:e6:c3:
                    2c:1f:06:70:70:12:7c:9b:fd:ac:f9:6b:60:fa:a3:
                    30:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D6:B1:5B:36:92:CD:34:DB:36:B5:A3:36:64:97:94:9E:0D:11:F2
            X509v3 Authority Key Identifier:
                keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MtaxWzaSzTTbNrWjNmSXlJ4NEfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.224.72.0/24
                  194.224.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:04:77:a1:ed:b6:1b:c9:b4:1f:93:a5:9c:b7:01:9c:27:fd:
         91:24:6a:c5:21:3b:c8:ca:cd:ad:ca:a3:62:15:bc:5d:61:f4:
         60:c7:96:07:65:34:34:86:8d:d1:b4:ed:44:13:4b:88:d2:69:
         bd:f2:48:ab:9c:58:ba:55:e7:29:ef:b2:e9:dd:42:00:67:d3:
         26:79:db:1e:f7:d1:3f:0f:5b:e0:29:86:a8:ba:c5:88:10:45:
         0b:4f:96:4d:a6:0a:ec:a5:49:d0:9f:66:09:2f:17:9c:83:31:
         f1:bc:52:12:98:cd:88:2d:ec:c5:9f:6b:9a:f6:11:3e:3a:de:
         91:5f:b8:67:69:80:fd:46:8b:47:b8:4f:d2:8d:03:aa:dd:a8:
         82:b3:d8:5e:a8:9e:3c:37:b5:f6:32:4c:03:5f:6f:bc:fc:c6:
         f7:d2:a0:ad:3d:ef:31:5f:e5:e6:55:59:b9:2a:09:b2:b7:5b:
         27:85:f9:e9:af:90:fa:ac:6c:b6:14:0a:e2:be:39:75:dc:01:
         8c:3d:8d:e3:dc:81:65:f1:27:51:77:3f:b7:e6:47:5e:4c:57:
         94:08:41:44:ce:d6:2c:37:93:24:05:87:6a:70:4a:21:0e:90:
         a7:ce:09:eb:e5:83:54:73:6c:73:a2:8e:21:3a:7a:ea:52:a1:
         84:96:7f:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcNooMg8k2Np6bKmlUrioDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzIzMDg0MjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ2YjE1YjM2OTJjZDM0ZGIzNmI1YTMzNjY0OTc5NDllMGQxMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncFPQ0cfBgdRfm5tpmiO/dzpNutC
k3qG7kQ8CLmC3NowBiFhwN1SGHUXRQhZLCj+2FdlsGlS4zXHevY/HTpbwgqF1f19
p5V74jQbTJva0aGUTO9rhTpTXR/MA19lzqFQ4BUQhYghCVFHgAgrHxVLx1dYKNKM
iLj2jA2ZFjer59KzZ3T6wXpnhVZpyDsF1Iz5hYPyG4x2Ilzixm4xa1VT6lNwy7LS
ZYUQfds+fbqFobOQZt1eqIJHeziYMYFx/FAIKsMRK7z2qzPT8ehdY3kcqfw0d2F9
yLf4v9hj1Zc6K43xu+hlWvPxXWqQOQXO5sMsHwZwcBJ8m/2s+Wtg+qMwdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDLWsVs2ks002za1ozZkl5SeDRHyMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvTXRheFd6YVN6VFRiTnJXak5tU1hsSjRORWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwuBIAwQA
wuClMA0GCSqGSIb3DQEBCwUAA4IBAQCzBHeh7bYbybQfk6WctwGcJ/2RJGrFITvI
ys2tyqNiFbxdYfRgx5YHZTQ0ho3RtO1EE0uI0mm98kirnFi6Vecp77Lp3UIAZ9Mm
edse99E/D1vgKYaousWIEEULT5ZNpgrspUnQn2YJLxecgzHxvFISmM2ILezFn2ua
9hE+Ot6RX7hnaYD9RotHuE/SjQOq3aiCs9heqJ48N7X2MkwDX2+8/Mb30qCtPe8x
X+XmVVm5Kgmyt1snhfnpr5D6rGy2FArivjl13AGMPY3j3IFl8SdRdz+35kdeTFeU
CEFEztYsN5MkBYdqcEohDpCnzgnr5YNUc2xzoo4hOnrqUqGEln9q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:13 2024 by rpki-client on console-ams.rpki-client.org