Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MQZ9N_HNsXuyooybuw9RoTsg1yE.roa
File:                     MQZ9N_HNsXuyooybuw9RoTsg1yE.roa (raw, json)
Hash identifier:          SBBEYzW95IeQor5QfYpaP335s2taQEMcB4JvK21hkBU=
Subject key identifier:   31:06:7D:37:F1:CD:B1:7B:B2:A2:8C:9B:BB:0F:51:A1:3B:20:D7:21
Certificate issuer:       /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial:       01857079755980C0EB33057A8763CB187834
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MQZ9N_HNsXuyooybuw9RoTsg1yE.roa
Signing time:             Mon 02 Jan 2023 03:14:46 +0000
ROA not before:           Mon 02 Jan 2023 03:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208375
IP address blocks:        45.155.77.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 12:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:75:59:80:c0:eb:33:05:7a:87:63:cb:18:78:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
        Validity
            Not Before: Jan  2 03:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=31067d37f1cdb17bb2a28c9bbb0f51a13b20d721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:8f:48:82:18:d4:75:df:98:e1:de:91:87:9d:
                    cf:83:ef:a1:81:7a:33:7e:67:fa:17:eb:73:85:e9:
                    ad:8c:ab:57:94:f7:80:57:f7:5c:f8:72:75:4f:b3:
                    ec:59:c0:1a:00:ab:50:65:19:25:3a:e9:2b:c6:19:
                    07:64:9c:4b:bd:22:3c:db:98:19:23:15:31:5d:10:
                    8f:84:55:c1:d5:19:5a:01:fb:44:13:e6:b8:48:24:
                    a5:dc:b4:d7:10:35:70:90:eb:e0:38:9c:7a:8e:34:
                    6d:01:6b:fe:e3:9d:14:23:02:10:82:ec:22:76:3a:
                    29:c9:38:21:19:7d:ea:94:41:d6:fa:a3:b2:52:46:
                    f3:c9:27:13:92:e4:eb:92:e4:1f:4f:e0:19:14:ca:
                    1b:c3:fc:86:09:f9:1f:3c:f6:6c:f6:5d:f2:33:42:
                    d9:91:b3:67:66:ed:0c:8c:50:06:14:8f:3d:43:bd:
                    04:db:8d:3d:e9:e5:ce:19:75:04:6a:5e:6b:b7:36:
                    97:77:a2:11:37:b5:15:5c:87:f6:e0:5c:30:46:d7:
                    52:17:fc:49:96:b9:3c:21:35:38:11:de:57:ac:91:
                    aa:76:3a:68:ee:4f:49:7b:6d:47:19:fb:3c:b7:99:
                    4d:43:c8:5c:97:b2:12:26:e9:a8:b7:39:30:0e:ce:
                    dc:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:06:7D:37:F1:CD:B1:7B:B2:A2:8C:9B:BB:0F:51:A1:3B:20:D7:21
            X509v3 Authority Key Identifier:
                keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MQZ9N_HNsXuyooybuw9RoTsg1yE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:a1:77:4b:51:7b:54:a4:9b:c7:72:5d:43:68:5e:47:92:d4:
         b1:ff:58:0f:4e:03:a0:41:a0:ff:9a:d2:40:55:9d:1e:91:5e:
         8f:65:2d:11:a3:dd:8f:75:ee:4a:ff:30:d6:c5:00:3f:34:4c:
         5c:ce:7a:1f:0a:97:10:c7:6e:87:12:e9:60:fc:96:fc:36:5e:
         cc:48:54:ef:e5:e5:ad:33:e7:74:93:bc:19:ba:15:76:d0:6a:
         2c:d4:6e:b1:2e:1f:0a:48:df:6f:0d:38:29:8e:74:2a:bb:ad:
         a1:80:3d:dc:b8:59:47:0d:4c:4e:8a:19:cc:a7:04:ec:18:d5:
         14:24:56:f4:74:73:98:f6:27:ce:3a:03:1e:6d:18:69:7a:8b:
         b8:d6:a7:d5:87:cf:4d:55:95:19:13:cb:56:d4:28:83:93:8d:
         06:c8:2f:1f:95:bb:b0:41:1e:ba:ae:96:98:b6:50:26:6b:9f:
         42:0d:88:64:57:44:55:69:7d:72:c6:82:71:aa:8c:2f:14:48:
         1d:45:73:5e:4e:d8:e9:e2:c4:1a:58:4b:21:85:07:00:68:4c:
         fe:84:20:b5:b6:6f:f4:5c:51:86:53:88:0f:18:f1:05:dd:eb:
         9a:be:cb:11:3a:e3:84:36:18:1c:1f:29:b7:c7:0f:e4:0f:14:
         69:52:e9:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweXVZgMDrMwV6h2PLGHg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjMwMTAyMDMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTA2N2QzN2YxY2RiMTdiYjJhMjhjOWJiYjBmNTFhMTNiMjBkNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0o9IghjUdd+Y4d6Rh53Pg++hgXoz
fmf6F+tzhemtjKtXlPeAV/dc+HJ1T7PsWcAaAKtQZRklOukrxhkHZJxLvSI825gZ
IxUxXRCPhFXB1RlaAftEE+a4SCSl3LTXEDVwkOvgOJx6jjRtAWv+450UIwIQguwi
djopyTghGX3qlEHW+qOyUkbzyScTkuTrkuQfT+AZFMobw/yGCfkfPPZs9l3yM0LZ
kbNnZu0MjFAGFI89Q70E24096eXOGXUEal5rtzaXd6IRN7UVXIf24FwwRtdSF/xJ
lrk8ITU4Ed5XrJGqdjpo7k9Je21HGfs8t5lNQ8hcl7ISJumotzkwDs7cdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEGfTfxzbF7sqKMm7sPUaE7INchMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvTVFaOU5fSE5zWHV5b295YnV3OVJvVHNnMXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZtNMA0G
CSqGSIb3DQEBCwUAA4IBAQBAoXdLUXtUpJvHcl1DaF5HktSx/1gPTgOgQaD/mtJA
VZ0ekV6PZS0Ro92Pde5K/zDWxQA/NExcznofCpcQx26HEulg/Jb8Nl7MSFTv5eWt
M+d0k7wZuhV20Gos1G6xLh8KSN9vDTgpjnQqu62hgD3cuFlHDUxOihnMpwTsGNUU
JFb0dHOY9ifOOgMebRhpeou41qfVh89NVZUZE8tW1CiDk40GyC8flbuwQR66rpaY
tlAma59CDYhkV0RVaX1yxoJxqowvFEgdRXNeTtjp4sQaWEshhQcAaEz+hCC1tm/0
XFGGU4gPGPEF3euavssROuOENhgcHym3xw/kDxRpUulx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:53 2024 by rpki-client on console-fra.rpki-client.org