Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/MkgxXyRobbkI5KRpzEeS3ASrRyA.roa
File:                     MkgxXyRobbkI5KRpzEeS3ASrRyA.roa (raw, json)
Hash identifier:          f4fvf6dYTbXu7k76gvreGpiGvall1vWdOHp1etEnPFg=
Subject key identifier:   32:48:31:5F:24:68:6D:B9:08:E4:A4:69:CC:47:92:DC:04:AB:47:20
Certificate issuer:       /CN=67800aba40639bf38d1eb6c9157b994f19323b13
Certificate serial:       018CC94D87D1BEF56FE8A2AC436F60D431B5
Authority key identifier: 67:80:0A:BA:40:63:9B:F3:8D:1E:B6:C9:15:7B:99:4F:19:32:3B:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z4AKukBjm_ONHrbJFXuZTxkyOxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/MkgxXyRobbkI5KRpzEeS3ASrRyA.roa
Signing time:             Tue 02 Jan 2024 08:32:30 +0000
ROA not before:           Tue 02 Jan 2024 08:32:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49941
IP address blocks:        176.119.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 15:22:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:87:d1:be:f5:6f:e8:a2:ac:43:6f:60:d4:31:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67800aba40639bf38d1eb6c9157b994f19323b13
        Validity
            Not Before: Jan  2 08:32:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3248315f24686db908e4a469cc4792dc04ab4720
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:23:07:0e:6e:e9:1a:9a:07:3d:37:d2:40:af:
                    18:a6:8a:56:be:f5:14:f8:19:ea:8a:46:ae:46:fd:
                    e9:d1:aa:02:a9:f8:91:ce:f2:df:fe:d7:96:7e:ca:
                    fe:c9:b3:f9:42:7f:e9:18:58:4f:ca:18:be:35:bd:
                    c0:bc:fe:b9:16:67:e5:60:82:41:54:27:1d:5f:b5:
                    b3:f6:c2:78:12:03:56:32:e0:4d:84:5c:4e:a4:4b:
                    b6:de:e5:ac:41:ce:0b:5e:6a:ad:cc:3d:a6:ab:53:
                    d0:25:61:b7:a6:ec:51:b7:63:dd:25:4b:51:e6:27:
                    1a:0d:5b:23:d1:00:e3:53:b6:0f:af:ff:7e:51:e0:
                    4d:2b:19:2c:fe:1e:ab:ff:0d:87:60:49:f4:dd:d5:
                    39:ed:13:93:60:0f:2b:01:ee:e4:51:62:99:d3:7b:
                    f8:f4:65:60:a7:60:df:fd:60:4a:09:2c:26:d3:6b:
                    48:13:51:93:71:16:f3:1d:08:ca:bf:83:13:9f:d6:
                    81:da:4e:f4:52:b4:20:62:b5:99:41:e7:c0:f6:34:
                    f9:79:2d:06:47:7c:71:67:22:a6:86:56:45:1a:98:
                    a5:6a:4e:62:16:ab:f2:53:02:04:6a:87:1d:33:b6:
                    63:10:04:ef:73:d4:7c:35:19:9a:e2:80:3c:72:02:
                    7a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:48:31:5F:24:68:6D:B9:08:E4:A4:69:CC:47:92:DC:04:AB:47:20
            X509v3 Authority Key Identifier:
                keyid:67:80:0A:BA:40:63:9B:F3:8D:1E:B6:C9:15:7B:99:4F:19:32:3B:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z4AKukBjm_ONHrbJFXuZTxkyOxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/MkgxXyRobbkI5KRpzEeS3ASrRyA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/Z4AKukBjm_ONHrbJFXuZTxkyOxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.119.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:17:7e:32:90:a8:d8:b5:04:c9:10:9d:e4:34:2e:a2:f8:c9:
         36:a4:06:c5:79:65:c0:e5:d2:58:7a:25:0c:be:1a:45:61:f2:
         e7:0f:43:26:fb:33:97:76:47:3a:01:48:a5:9b:9a:db:8d:ef:
         68:74:ef:75:9f:0f:9e:50:d9:f0:d3:31:db:31:07:78:ff:7e:
         25:2a:ad:bb:cd:ff:18:84:e8:da:aa:2e:48:2d:62:86:00:81:
         6c:cb:89:a4:e8:f4:80:c1:0f:4c:15:d8:8c:55:d0:8b:46:cb:
         6b:e4:8d:9b:41:4d:2c:df:40:88:01:ec:94:33:a5:29:a9:46:
         4e:06:88:ba:cf:14:71:3d:c3:0f:bc:f7:6b:af:2a:30:d9:c8:
         64:66:3e:14:0f:d5:43:db:a6:9b:69:7c:93:09:6c:5f:03:5d:
         1c:d7:2d:14:43:15:dc:b7:a1:25:22:cf:4d:24:99:9f:19:fd:
         54:bf:15:cf:a0:e4:cb:37:4e:13:71:f1:10:49:79:fe:cd:7b:
         0f:66:0b:b7:95:68:47:e6:0f:55:2f:93:c6:34:11:be:0f:00:
         33:d3:8c:fd:21:43:0d:c9:a9:39:4d:30:ad:e4:c4:28:ea:5c:
         61:e8:86:3b:6d:3d:bc:7e:33:86:eb:e2:9a:cd:d5:db:10:be:
         34:44:51:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTYfRvvVv6KKsQ29g1DG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ODAwYWJhNDA2MzliZjM4ZDFlYjZjOTE1N2I5OTRmMTkz
MjNiMTMwHhcNMjQwMTAyMDgzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ4MzE1ZjI0Njg2ZGI5MDhlNGE0NjljYzQ3OTJkYzA0YWI0NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SMHDm7pGpoHPTfSQK8YpopWvvUU
+BnqikauRv3p0aoCqfiRzvLf/teWfsr+ybP5Qn/pGFhPyhi+Nb3AvP65FmflYIJB
VCcdX7Wz9sJ4EgNWMuBNhFxOpEu23uWsQc4LXmqtzD2mq1PQJWG3puxRt2PdJUtR
5icaDVsj0QDjU7YPr/9+UeBNKxks/h6r/w2HYEn03dU57ROTYA8rAe7kUWKZ03v4
9GVgp2Df/WBKCSwm02tIE1GTcRbzHQjKv4MTn9aB2k70UrQgYrWZQefA9jT5eS0G
R3xxZyKmhlZFGpilak5iFqvyUwIEaocdM7ZjEATvc9R8NRma4oA8cgJ66wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJIMV8kaG25COSkacxHktwEq0cgMB8GA1UdIwQY
MBaAFGeACrpAY5vzjR62yRV7mU8ZMjsTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjRBS3VrQmptX09OSHJiSkZYdVpUeGt5T3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zYjU0ZDItNzgzZC00ZDViLTg5MWEt
MjkyNjI3OTA0MDlkLzEvTWtneFh5Um9iYmtJNUtScHpFZVMzQVNyUnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zYjU0ZDItNzgzZC00ZDViLTg5MWEtMjkyNjI3OTA0MDlk
LzEvWjRBS3VrQmptX09OSHJiSkZYdVpUeGt5T3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHfBMA0G
CSqGSIb3DQEBCwUAA4IBAQAfF34ykKjYtQTJEJ3kNC6i+Mk2pAbFeWXA5dJYeiUM
vhpFYfLnD0Mm+zOXdkc6AUilm5rbje9odO91nw+eUNnw0zHbMQd4/34lKq27zf8Y
hOjaqi5ILWKGAIFsy4mk6PSAwQ9MFdiMVdCLRstr5I2bQU0s30CIAeyUM6UpqUZO
Boi6zxRxPcMPvPdrryow2chkZj4UD9VD26abaXyTCWxfA10c1y0UQxXct6ElIs9N
JJmfGf1UvxXPoOTLN04TcfEQSXn+zXsPZgu3lWhH5g9VL5PGNBG+DwAz04z9IUMN
yak5TTCt5MQo6lxh6IY7bT28fjOG6+KazdXbEL40RFFB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:16 2024 by rpki-client on console-fra.rpki-client.org