Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/mcqaKSDapJOMOByNGC-ExtPFOGU.roa
File:                     mcqaKSDapJOMOByNGC-ExtPFOGU.roa (raw, json)
Hash identifier:          QxlLeYEivqyCyo5j1KxbTW4FftEjFNd8Y+RFlRCFyyw=
Subject key identifier:   99:CA:9A:29:20:DA:A4:93:8C:38:1C:8D:18:2F:84:C6:D3:C5:38:65
Certificate issuer:       /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial:       018CC3B717EE6812D1E3EB2ADD3F5976B03C
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/mcqaKSDapJOMOByNGC-ExtPFOGU.roa
Signing time:             Mon 01 Jan 2024 06:30:05 +0000
ROA not before:           Mon 01 Jan 2024 06:30:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58273
IP address blocks:        88.97.112.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 14:11:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:17:ee:68:12:d1:e3:eb:2a:dd:3f:59:76:b0:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
        Validity
            Not Before: Jan  1 06:30:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99ca9a2920daa4938c381c8d182f84c6d3c53865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5d:74:00:a7:bb:30:25:24:1a:25:a6:bd:7e:
                    24:0e:80:61:2b:27:d4:a1:31:a8:35:7f:5b:0a:0b:
                    b2:4b:3e:26:0c:97:55:50:8a:e2:76:d1:81:79:4a:
                    b7:b6:8a:5b:28:f8:97:4b:40:23:2f:f2:23:fa:f2:
                    68:42:2e:a0:0f:63:27:1b:12:af:29:56:1e:83:ea:
                    f2:cd:7a:52:3d:ba:ee:f9:33:a8:1a:92:3f:59:2c:
                    98:0a:05:b9:74:af:52:1b:37:50:1d:7b:9a:6b:4a:
                    3a:0f:f8:33:a6:a2:e5:33:06:e3:c2:03:2d:6b:1b:
                    f5:c1:e0:21:20:c0:a1:05:d8:45:c7:67:0c:9e:d8:
                    3c:44:1a:df:65:5b:29:2e:cd:e6:3a:34:99:e7:f5:
                    b2:c4:a0:62:2f:44:3b:6b:42:c0:c1:52:ba:b4:4c:
                    11:d7:66:59:65:ab:a6:2f:61:fc:71:8e:65:c2:59:
                    ab:18:36:8b:d8:c4:a0:44:bb:45:3a:b7:f0:c8:0b:
                    6d:7a:b5:25:2e:df:b1:ec:96:17:ea:5c:22:1e:46:
                    55:0f:ec:d2:1f:78:fb:20:e4:7e:75:04:35:5c:48:
                    cb:2d:8f:84:a8:bd:d7:30:03:86:30:1b:97:0c:06:
                    92:8e:63:a6:f7:cc:9b:f2:d0:e4:21:dd:23:a6:1a:
                    93:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:CA:9A:29:20:DA:A4:93:8C:38:1C:8D:18:2F:84:C6:D3:C5:38:65
            X509v3 Authority Key Identifier:
                keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/mcqaKSDapJOMOByNGC-ExtPFOGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.97.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         51:1f:fa:c6:b7:b8:b0:59:45:7c:70:ce:a4:ba:71:3c:75:7d:
         64:4f:42:10:b0:91:ee:46:f7:df:aa:a7:8d:53:74:04:7e:35:
         c8:0f:dd:3b:a5:a4:2f:ae:92:84:42:b4:0d:e7:fc:f7:e2:f7:
         e3:03:f2:5d:4c:a0:74:ef:3e:37:7c:75:6d:a3:52:87:35:f3:
         7b:d2:e6:8b:6b:24:a7:9c:6c:51:3d:31:3f:56:52:e9:99:79:
         65:01:f6:a4:af:2c:dd:fc:ba:26:a2:36:79:1a:fe:51:e3:e8:
         41:27:8b:7f:c7:49:4c:e6:d6:b7:8e:60:03:4a:7c:15:e1:39:
         d4:9b:0b:57:de:ad:a2:7b:34:33:94:cf:03:e5:70:88:f9:86:
         9b:2b:70:91:b3:bb:99:b0:c3:c3:81:cd:3c:66:21:23:5b:66:
         9a:77:6f:10:8c:2d:cf:9e:23:70:a2:f5:a2:24:cc:cc:1b:83:
         3c:ad:b3:f6:5d:57:51:64:47:ee:29:26:80:ae:d3:0f:ac:e4:
         a1:4e:ad:a7:6d:eb:03:d6:89:18:ab:28:ea:64:4f:8c:b0:06:
         08:0e:aa:5e:9c:9a:5d:ac:00:a2:6c:0e:92:fe:d1:3d:e3:61:
         4d:79:98:1a:22:07:c7:4f:c8:05:92:af:c6:16:6a:0d:5b:d5:
         0d:57:9c:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtxfuaBLR4+sq3T9ZdrA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwMTAxMDYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWNhOWEyOTIwZGFhNDkzOGMzODFjOGQxODJmODRjNmQzYzUzODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl10AKe7MCUkGiWmvX4kDoBhKyfU
oTGoNX9bCguySz4mDJdVUIridtGBeUq3topbKPiXS0AjL/Ij+vJoQi6gD2MnGxKv
KVYeg+ryzXpSPbru+TOoGpI/WSyYCgW5dK9SGzdQHXuaa0o6D/gzpqLlMwbjwgMt
axv1weAhIMChBdhFx2cMntg8RBrfZVspLs3mOjSZ5/WyxKBiL0Q7a0LAwVK6tEwR
12ZZZaumL2H8cY5lwlmrGDaL2MSgRLtFOrfwyAtterUlLt+x7JYX6lwiHkZVD+zS
H3j7IOR+dQQ1XEjLLY+EqL3XMAOGMBuXDAaSjmOm98yb8tDkId0jphqTMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJnKmikg2qSTjDgcjRgvhMbTxThlMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvbWNxYUtTRGFwSk9NT0J5TkdDLUV4dFBGT0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWGFwMA0G
CSqGSIb3DQEBCwUAA4IBAQBRH/rGt7iwWUV8cM6kunE8dX1kT0IQsJHuRvffqqeN
U3QEfjXID907paQvrpKEQrQN5/z34vfjA/JdTKB07z43fHVto1KHNfN70uaLaySn
nGxRPTE/VlLpmXllAfakryzd/LomojZ5Gv5R4+hBJ4t/x0lM5ta3jmADSnwV4TnU
mwtX3q2iezQzlM8D5XCI+YabK3CRs7uZsMPDgc08ZiEjW2aad28QjC3PniNwovWi
JMzMG4M8rbP2XVdRZEfuKSaArtMPrOShTq2nbesD1okYqyjqZE+MsAYIDqpenJpd
rACibA6S/tE942FNeZgaIgfHT8gFkq/GFmoNW9UNV5y2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:15 2024 by rpki-client on console-fra.rpki-client.org