Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mfShn1TJGK6gwMzPUBVAB80ajPI.roa
File:                     mfShn1TJGK6gwMzPUBVAB80ajPI.roa (raw, json)
Hash identifier:          N4WZyIOrUIcS9dgWX1PHKDULr++LCQqPdTBLdK1Ny5M=
Subject key identifier:   99:F4:A1:9F:54:C9:18:AE:A0:C0:CC:CF:50:15:40:07:CD:1A:8C:F2
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018571B6531CE38D870AFF3D7837FCA3A135
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mfShn1TJGK6gwMzPUBVAB80ajPI.roa
Signing time:             Mon 02 Jan 2023 09:00:52 +0000
ROA not before:           Mon 02 Jan 2023 09:00:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400040
IP address blocks:        185.194.28.0/24 maxlen: 24
                          45.8.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b6:53:1c:e3:8d:87:0a:ff:3d:78:37:fc:a3:a1:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 09:00:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99f4a19f54c918aea0c0cccf50154007cd1a8cf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:23:6c:51:e3:62:07:75:38:cd:bf:87:7a:4d:
                    01:39:04:3f:0a:98:bb:5a:a4:b4:a0:ab:45:6f:8b:
                    85:f0:fa:72:96:10:dd:a5:41:29:62:4b:6b:02:b8:
                    86:64:3a:ac:30:42:7b:b0:59:33:b8:86:ff:f9:5d:
                    c8:9e:09:76:6b:02:89:9f:7c:70:e2:fd:13:f0:d1:
                    58:96:02:13:3c:15:3f:f1:cf:85:33:40:57:e8:a1:
                    7e:ba:33:13:51:b5:7d:c1:19:7e:f7:7c:89:64:8e:
                    35:a6:55:29:e9:1f:61:65:3e:39:e0:06:6a:28:23:
                    e6:44:fa:5b:df:f2:ba:82:35:19:6f:c1:ef:a0:48:
                    6f:30:cf:64:67:29:68:38:04:e6:58:72:9c:10:10:
                    86:10:23:c2:0b:41:d7:10:57:af:6b:8b:ef:fb:be:
                    db:29:00:2d:a7:09:69:95:d5:c0:a8:f2:64:97:8f:
                    9b:86:7c:38:1e:85:76:ab:81:71:21:cc:7d:c2:5f:
                    ed:9b:3b:8d:3c:58:ea:88:fd:77:8d:2f:a9:25:b1:
                    86:93:79:54:f2:a6:96:cd:50:9e:5c:70:bd:a3:db:
                    54:59:25:40:d7:d5:16:b8:41:aa:b5:67:70:f0:27:
                    45:a6:08:a4:78:80:f7:49:2c:25:a0:dc:a6:80:5e:
                    bb:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:F4:A1:9F:54:C9:18:AE:A0:C0:CC:CF:50:15:40:07:CD:1A:8C:F2
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mfShn1TJGK6gwMzPUBVAB80ajPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.20.0/24
                  185.194.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:cf:2d:25:4d:74:9a:3d:91:90:72:e2:28:34:39:76:0b:58:
         53:64:53:ee:da:b7:65:3c:bf:14:a2:c5:d1:18:cf:57:5d:74:
         29:8b:4c:ad:03:aa:e7:be:b4:42:c8:90:4e:77:09:21:1c:a8:
         b3:b2:27:2d:dc:8b:67:63:cc:90:a3:94:98:4f:f6:b3:1f:78:
         a8:70:65:7f:c7:2c:18:65:c6:01:f4:af:f5:b2:45:62:d7:d8:
         ac:d9:11:b2:2d:b6:42:0c:82:cd:c8:7c:83:8a:96:0e:58:5b:
         2a:e7:32:92:f6:86:2f:1a:0f:21:b1:93:e3:7d:ab:d7:41:10:
         ea:84:02:04:27:5f:c2:17:7d:22:6f:b8:0e:63:52:52:80:cc:
         ba:78:69:0e:e4:1c:92:f8:15:80:9c:44:fb:5f:ef:37:ba:ea:
         6c:66:52:58:a7:04:cb:d3:5f:08:b7:07:66:53:e3:6a:ed:b0:
         36:e8:2f:03:b6:23:e9:00:3e:a7:c4:af:0d:5d:19:92:f5:db:
         2d:60:37:ca:5b:80:93:2e:c4:da:26:df:2a:58:93:66:00:46:
         45:35:40:b4:45:5a:57:a2:f4:cb:f0:64:d1:81:a5:32:07:4b:
         66:85:b8:53:4c:8a:19:9b:c1:c5:b0:40:53:ea:74:24:0e:32:
         95:19:c4:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxtlMc442HCv89eDf8o6E1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY0YTE5ZjU0YzkxOGFlYTBjMGNjY2Y1MDE1NDAwN2NkMWE4Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiNsUeNiB3U4zb+Hek0BOQQ/Cpi7
WqS0oKtFb4uF8PpylhDdpUEpYktrAriGZDqsMEJ7sFkzuIb/+V3Ingl2awKJn3xw
4v0T8NFYlgITPBU/8c+FM0BX6KF+ujMTUbV9wRl+93yJZI41plUp6R9hZT454AZq
KCPmRPpb3/K6gjUZb8HvoEhvMM9kZyloOATmWHKcEBCGECPCC0HXEFeva4vv+77b
KQAtpwlpldXAqPJkl4+bhnw4HoV2q4FxIcx9wl/tmzuNPFjqiP13jS+pJbGGk3lU
8qaWzVCeXHC9o9tUWSVA19UWuEGqtWdw8CdFpgikeID3SSwloNymgF67MQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJn0oZ9UyRiuoMDMz1AVQAfNGozyMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbWZTaG4xVEpHSzZnd016UFVCVkFCODBhalBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQgUAwQA
ucIcMA0GCSqGSIb3DQEBCwUAA4IBAQA0zy0lTXSaPZGQcuIoNDl2C1hTZFPu2rdl
PL8UosXRGM9XXXQpi0ytA6rnvrRCyJBOdwkhHKizsict3ItnY8yQo5SYT/azH3io
cGV/xywYZcYB9K/1skVi19is2RGyLbZCDILNyHyDipYOWFsq5zKS9oYvGg8hsZPj
favXQRDqhAIEJ1/CF30ib7gOY1JSgMy6eGkO5ByS+BWAnET7X+83uupsZlJYpwTL
018ItwdmU+Nq7bA26C8DtiPpAD6nxK8NXRmS9dstYDfKW4CTLsTaJt8qWJNmAEZF
NUC0RVpXovTL8GTRgaUyB0tmhbhTTIoZm8HFsEBT6nQkDjKVGcRl
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:44 2024 by rpki-client on console-fra.rpki-client.org