Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/MvaZyIxU_YWFDBKmJFEfmnHX-GM.roa
File:                     MvaZyIxU_YWFDBKmJFEfmnHX-GM.roa (raw, json)
Hash identifier:          x/P6aadgezVoVz2wuuUSUW82w1wGl9H23XqJyG8MczE=
Subject key identifier:   32:F6:99:C8:8C:54:FD:85:85:0C:12:A6:24:51:1F:9A:71:D7:F8:63
Certificate issuer:       /CN=d9c91317283276937d436f4b216dcda3efbe2a88
Certificate serial:       01856DA642AFECC0989080C4C8944853957C
Authority key identifier: D9:C9:13:17:28:32:76:93:7D:43:6F:4B:21:6D:CD:A3:EF:BE:2A:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ckTFygydpN9Q29LIW3No---Kog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/MvaZyIxU_YWFDBKmJFEfmnHX-GM.roa
Signing time:             Sun 01 Jan 2023 14:04:50 +0000
ROA not before:           Sun 01 Jan 2023 14:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57693
IP address blocks:        91.217.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:42:af:ec:c0:98:90:80:c4:c8:94:48:53:95:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9c91317283276937d436f4b216dcda3efbe2a88
        Validity
            Not Before: Jan  1 14:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32f699c88c54fd85850c12a624511f9a71d7f863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:19:fb:96:97:15:26:77:3e:6e:e4:f2:d5:39:
                    d5:9c:d5:76:b5:c2:a5:8e:4e:c0:f0:cd:b8:42:02:
                    85:e2:d9:e8:9f:ae:9e:bc:d6:93:4c:89:fd:c5:b8:
                    90:3f:86:d2:ce:d3:37:f3:9a:c5:86:55:8e:5e:fa:
                    66:39:db:4d:e3:fe:a7:2e:99:75:04:d8:6f:ff:2f:
                    78:db:f5:50:54:dd:5e:f3:c5:76:90:32:d2:76:d3:
                    80:42:e8:0c:8c:af:2d:3e:a8:75:aa:2b:be:2a:57:
                    da:c2:09:dc:e8:ad:d0:ee:f2:7e:be:9e:5f:03:b9:
                    18:dc:1d:38:66:c7:d0:56:20:ad:43:32:b0:7c:01:
                    cf:a2:3b:53:29:75:51:02:1b:47:a7:6a:e1:03:9f:
                    7c:01:8a:55:76:62:0e:86:7c:c1:63:b6:04:2d:fd:
                    97:1a:26:f3:84:68:0c:8c:8e:aa:d4:53:70:b9:7e:
                    fc:26:bc:ee:63:ae:ac:94:2e:9b:41:f4:13:37:df:
                    31:2c:13:b2:25:28:5b:1a:b0:23:5b:09:f0:69:1e:
                    eb:ea:14:c4:37:a6:3c:72:62:ac:b4:2f:e9:b7:00:
                    56:b8:cc:06:29:58:12:a1:4f:b5:e9:e2:ac:7d:37:
                    99:16:58:02:f8:37:e9:e2:f4:f5:de:f5:51:ee:12:
                    ff:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:F6:99:C8:8C:54:FD:85:85:0C:12:A6:24:51:1F:9A:71:D7:F8:63
            X509v3 Authority Key Identifier:
                keyid:D9:C9:13:17:28:32:76:93:7D:43:6F:4B:21:6D:CD:A3:EF:BE:2A:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ckTFygydpN9Q29LIW3No---Kog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/MvaZyIxU_YWFDBKmJFEfmnHX-GM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/2ckTFygydpN9Q29LIW3No---Kog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:53:99:c0:35:81:2d:ad:91:1a:2b:21:20:00:4b:ab:b1:67:
         42:9a:77:7f:de:53:3a:d7:77:9a:72:9b:6a:fa:ef:4e:65:6f:
         7c:9e:08:b9:1a:45:0d:6f:34:85:67:e0:94:f5:43:98:7a:ac:
         6a:ed:20:c2:c3:47:32:2f:0f:df:31:ed:38:91:85:a0:17:5a:
         e6:04:89:72:0f:a5:16:9f:b6:58:49:0f:d8:43:cc:16:7e:c1:
         58:90:2d:17:e8:f6:4d:eb:e5:8b:f7:3c:12:dd:74:79:61:23:
         a8:8c:e1:7c:a9:6e:49:49:b2:ac:7b:fa:97:c1:22:6d:69:88:
         66:d1:c0:29:ca:ff:b6:bf:c3:7a:fa:8b:65:71:05:c2:3c:68:
         82:ad:19:2b:4e:cc:b4:21:ca:f9:ca:73:e4:0d:2b:f8:81:62:
         2d:4c:a8:5c:d0:1d:2f:7b:1d:65:71:d8:09:6f:4f:ad:86:64:
         87:7c:6b:29:57:f6:f6:9d:07:63:b0:f7:59:be:f1:41:f9:b2:
         07:8f:a5:86:ae:5e:3f:91:2d:2e:de:71:74:ae:fc:3c:08:75:
         eb:73:31:a6:4f:85:40:27:11:5f:0e:0d:5b:4d:ad:52:9f:5a:
         c8:0f:7f:69:2f:48:0c:a7:2f:5b:c4:24:61:a0:ec:ab:c1:ae:
         f3:ef:6e:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpkKv7MCYkIDEyJRIU5V8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YzkxMzE3MjgzMjc2OTM3ZDQzNmY0YjIxNmRjZGEzZWZi
ZTJhODgwHhcNMjMwMTAxMTQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY2OTljODhjNTRmZDg1ODUwYzEyYTYyNDUxMWY5YTcxZDdmODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRn7lpcVJnc+buTy1TnVnNV2tcKl
jk7A8M24QgKF4tnon66evNaTTIn9xbiQP4bSztM385rFhlWOXvpmOdtN4/6nLpl1
BNhv/y942/VQVN1e88V2kDLSdtOAQugMjK8tPqh1qiu+Klfawgnc6K3Q7vJ+vp5f
A7kY3B04ZsfQViCtQzKwfAHPojtTKXVRAhtHp2rhA598AYpVdmIOhnzBY7YELf2X
GibzhGgMjI6q1FNwuX78JrzuY66slC6bQfQTN98xLBOyJShbGrAjWwnwaR7r6hTE
N6Y8cmKstC/ptwBWuMwGKVgSoU+16eKsfTeZFlgC+Dfp4vT13vVR7hL/kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDL2mciMVP2FhQwSpiRRH5px1/hjMB8GA1UdIwQY
MBaAFNnJExcoMnaTfUNvSyFtzaPvviqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNrVEZ5Z3lkcE45UTI5TElXM05vLS0tS29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mNjM2YzYtMTBkMi00ZjZmLWI0MTgt
NTBiOWQ1MjM2MWMzLzEvTXZhWnlJeFVfWVdGREJLbUpGRWZtbkhYLUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mNjM2YzYtMTBkMi00ZjZmLWI0MTgtNTBiOWQ1MjM2MWMz
LzEvMmNrVEZ5Z3lkcE45UTI5TElXM05vLS0tS29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nlMA0G
CSqGSIb3DQEBCwUAA4IBAQA1U5nANYEtrZEaKyEgAEursWdCmnd/3lM613eacptq
+u9OZW98ngi5GkUNbzSFZ+CU9UOYeqxq7SDCw0cyLw/fMe04kYWgF1rmBIlyD6UW
n7ZYSQ/YQ8wWfsFYkC0X6PZN6+WL9zwS3XR5YSOojOF8qW5JSbKse/qXwSJtaYhm
0cApyv+2v8N6+otlcQXCPGiCrRkrTsy0Icr5ynPkDSv4gWItTKhc0B0vex1lcdgJ
b0+thmSHfGspV/b2nQdjsPdZvvFB+bIHj6WGrl4/kS0u3nF0rvw8CHXrczGmT4VA
JxFfDg1bTa1Sn1rID39pL0gMpy9bxCRhoOyrwa7z727x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:14 2024 by rpki-client on console-ams.rpki-client.org