Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MwSdd7NN0UHOtklBeANEWbF6onE.roa
File:                     MwSdd7NN0UHOtklBeANEWbF6onE.roa (raw, json)
Hash identifier:          Q6jrsH5Y3XiPRmkH6agGiDmKCtEGlBxYghTnXiIgbs8=
Subject key identifier:   33:04:9D:77:B3:4D:D1:41:CE:B6:49:41:78:03:44:59:B1:7A:A2:71
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C2BA5D2D71FBB07B230EE31FBC8E0
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MwSdd7NN0UHOtklBeANEWbF6onE.roa
Signing time:             Mon 02 Jan 2023 05:55:01 +0000
ROA not before:           Mon 02 Jan 2023 05:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201624
IP address blocks:        176.118.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Jan 2023 15:23:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:2b:a5:d2:d7:1f:bb:07:b2:30:ee:31:fb:c8:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33049d77b34dd141ceb6494178034459b17aa271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3e:dc:55:7e:46:8a:4d:d3:52:79:f0:5a:47:
                    9c:10:e3:94:bc:2b:c7:81:68:4e:b9:e0:93:d5:31:
                    25:51:c9:95:e2:3e:d6:72:37:1f:13:db:fa:2e:60:
                    75:f0:7c:34:da:09:d0:bb:ac:6a:ed:a7:8c:ce:37:
                    fe:e9:5e:c1:4e:44:54:e9:42:c0:51:08:25:8c:56:
                    9d:c6:08:70:5d:ec:19:09:4b:48:e3:31:71:7b:ea:
                    24:98:6f:44:ec:af:a6:16:f2:d6:21:f3:a5:99:08:
                    9a:da:58:d2:8e:d6:ba:d3:39:df:57:82:59:58:b6:
                    31:d9:2c:a1:67:c6:11:64:30:ea:c1:c9:c7:78:82:
                    49:4e:4b:f9:87:2e:4b:17:e8:6e:fd:74:a0:74:ad:
                    d8:10:ed:93:65:59:6d:b3:fa:35:e2:61:7d:d2:e5:
                    13:c5:a2:0f:b4:de:8e:d2:b0:70:4b:54:a4:4b:a7:
                    17:23:9b:09:7b:1e:0a:db:0a:2a:89:89:05:f4:18:
                    0f:32:55:a6:14:d6:7d:70:35:16:91:fd:c0:10:ef:
                    a7:84:f8:c1:97:e6:4c:97:0d:18:b1:4a:16:e3:cc:
                    7b:5d:ec:2e:e0:4e:f4:c9:5e:aa:15:32:63:62:b1:
                    ee:32:74:c3:b1:06:e9:6f:98:45:7e:fb:1d:e8:92:
                    ae:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:04:9D:77:B3:4D:D1:41:CE:B6:49:41:78:03:44:59:B1:7A:A2:71
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MwSdd7NN0UHOtklBeANEWbF6onE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.118.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:97:82:a0:64:1b:2b:78:d7:2e:35:77:d3:32:9f:8f:60:7c:
         64:38:7e:63:82:90:10:6c:59:f5:8b:4a:23:db:8a:bb:2b:ac:
         df:55:d6:d5:93:fa:d1:a3:0e:e3:60:96:63:1c:db:7b:32:df:
         aa:e0:a1:fa:a5:8a:e0:b0:3a:b6:76:ca:e1:5e:11:15:7a:be:
         84:58:31:36:85:b8:e4:01:87:3c:57:fd:cb:18:f8:f5:65:07:
         83:11:00:d7:b5:ae:07:76:a2:9f:80:47:84:86:32:51:e6:84:
         0f:69:dc:dc:b2:18:04:ab:43:95:16:fc:f9:bf:40:c6:72:94:
         9a:a8:eb:b3:b1:a1:73:1a:ef:09:ab:b9:17:d6:88:5c:2b:15:
         96:d6:7f:6c:14:c8:12:69:56:b1:be:a7:09:78:43:60:97:c7:
         56:8d:79:75:0d:50:e0:25:a8:f6:30:7b:dc:94:4f:5f:45:24:
         6f:96:1b:1a:47:29:98:2c:79:00:9d:8c:84:42:ee:ec:e2:44:
         f5:c5:2b:5b:1b:b3:17:66:4d:dd:f1:8a:75:c7:bd:87:e3:08:
         0d:b1:15:89:26:65:43:e8:87:95:da:54:6d:39:8f:b6:af:57:
         e0:2b:b0:09:a3:9f:fb:f0:59:9b:05:7f:0f:76:2a:06:ba:51:
         06:ba:e4:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDCul0tcfuweyMO4x+8jgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzA0OWQ3N2IzNGRkMTQxY2ViNjQ5NDE3ODAzNDQ1OWIxN2FhMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD7cVX5Gik3TUnnwWkecEOOUvCvH
gWhOueCT1TElUcmV4j7WcjcfE9v6LmB18Hw02gnQu6xq7aeMzjf+6V7BTkRU6ULA
UQgljFadxghwXewZCUtI4zFxe+okmG9E7K+mFvLWIfOlmQia2ljSjta60znfV4JZ
WLYx2SyhZ8YRZDDqwcnHeIJJTkv5hy5LF+hu/XSgdK3YEO2TZVlts/o14mF90uUT
xaIPtN6O0rBwS1SkS6cXI5sJex4K2woqiYkF9BgPMlWmFNZ9cDUWkf3AEO+nhPjB
l+ZMlw0YsUoW48x7Xewu4E70yV6qFTJjYrHuMnTDsQbpb5hFfvsd6JKuXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMEnXezTdFBzrZJQXgDRFmxeqJxMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTXdTZGQ3Tk4wVUhPdGtsQmVBTkVXYkY2b25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHbHMA0G
CSqGSIb3DQEBCwUAA4IBAQAZl4KgZBsreNcuNXfTMp+PYHxkOH5jgpAQbFn1i0oj
24q7K6zfVdbVk/rRow7jYJZjHNt7Mt+q4KH6pYrgsDq2dsrhXhEVer6EWDE2hbjk
AYc8V/3LGPj1ZQeDEQDXta4HdqKfgEeEhjJR5oQPadzcshgEq0OVFvz5v0DGcpSa
qOuzsaFzGu8Jq7kX1ohcKxWW1n9sFMgSaVaxvqcJeENgl8dWjXl1DVDgJaj2MHvc
lE9fRSRvlhsaRymYLHkAnYyEQu7s4kT1xStbG7MXZk3d8Yp1x72H4wgNsRWJJmVD
6IeV2lRtOY+2r1fgK7AJo5/78FmbBX8PdioGulEGuuSb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org