Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/mpCK3yQ0Fi0-C4yWjpc-5DFmSJo.roa
File:                     mpCK3yQ0Fi0-C4yWjpc-5DFmSJo.roa (raw, json)
Hash identifier:          mzYqWPObkjzeWfYyjegnUSzDQm+LpXQXFZkzSYDI9pE=
Subject key identifier:   9A:90:8A:DF:24:34:16:2D:3E:0B:8C:96:8E:97:3E:E4:31:66:48:9A
Certificate issuer:       /CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Certificate serial:       01880BCE4D2EA8BF6598C1D9EAE893007F94
Authority key identifier: 53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/mpCK3yQ0Fi0-C4yWjpc-5DFmSJo.roa
Signing time:             Thu 11 May 2023 17:14:09 +0000
ROA not before:           Thu 11 May 2023 17:14:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209854
IP address blocks:        185.239.190.0/24 maxlen: 24
                          185.239.189.0/24 maxlen: 24
                          185.239.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0b:ce:4d:2e:a8:bf:65:98:c1:d9:ea:e8:93:00:7f:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
        Validity
            Not Before: May 11 17:14:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a908adf2434162d3e0b8c968e973ee43166489a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:fb:e5:ba:59:68:7f:51:5e:1a:79:49:ae:9c:
                    28:c0:bb:a0:5e:d7:14:a6:89:43:2c:c8:68:27:75:
                    59:f3:1a:97:41:cf:9b:02:05:0c:86:d8:52:75:3e:
                    58:42:98:9f:0c:b1:27:b5:05:44:09:bf:4f:59:af:
                    45:55:67:25:b3:22:2a:0b:85:4a:e0:02:34:9e:e3:
                    6b:fa:21:07:1a:d7:49:0c:35:3d:76:7e:38:01:9c:
                    ac:1a:df:21:47:75:02:9e:7d:7e:9e:d4:79:b4:14:
                    8f:be:65:1c:00:c3:df:1b:41:b2:4e:91:ca:b0:72:
                    32:ba:34:c8:2b:88:b3:1a:71:f9:c2:bd:9b:72:b0:
                    f4:03:94:39:b6:57:68:cc:8f:a0:ad:09:ae:7c:12:
                    ed:fd:75:0c:8f:b6:95:e9:5e:35:34:3c:03:04:9e:
                    53:7b:e2:22:ed:43:b5:25:37:bf:6a:ed:97:48:91:
                    26:6f:ff:f1:d9:16:14:7f:cb:b1:3f:78:61:0c:10:
                    aa:1d:db:75:08:42:19:aa:e2:61:ac:31:50:53:29:
                    1f:ee:44:f3:13:e1:16:ca:13:0e:f9:5f:2f:e4:72:
                    f0:94:9d:b0:e5:ab:0d:e1:74:3a:3c:5d:ea:2f:21:
                    df:a9:16:04:eb:f5:22:5d:e8:61:ee:11:9d:99:01:
                    7b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:90:8A:DF:24:34:16:2D:3E:0B:8C:96:8E:97:3E:E4:31:66:48:9A
            X509v3 Authority Key Identifier:
                keyid:53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/mpCK3yQ0Fi0-C4yWjpc-5DFmSJo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.188.0-185.239.190.255

    Signature Algorithm: sha256WithRSAEncryption
         7d:9b:e9:d7:a5:3f:1f:9e:36:f9:f6:1b:1f:99:1f:a2:86:53:
         df:1c:07:8e:e9:d3:f3:33:db:d5:f3:85:cf:03:ff:92:79:ec:
         2d:16:ef:54:cb:b4:4a:be:cd:bb:95:77:23:c2:d0:78:08:f8:
         0a:7a:4e:be:8b:e8:27:66:b5:26:02:d2:f8:5b:a5:99:82:5c:
         82:24:26:57:1f:42:a2:3b:48:e6:7d:3d:80:67:6f:c0:8f:fe:
         ff:4f:33:1c:6a:c8:18:ae:01:2e:4c:26:06:6c:54:ae:74:8b:
         5b:0d:46:2d:9f:8e:aa:8e:af:01:e6:2b:a8:8e:fc:ee:2e:98:
         ee:54:5c:a8:de:d3:7f:32:a5:67:6b:70:1a:f8:c8:8d:40:2f:
         d9:ac:cd:a8:2c:44:36:c1:7e:fc:0f:d5:2f:a4:c4:9c:23:18:
         50:d4:97:81:8b:1e:5f:94:35:c8:de:66:d5:68:6e:bf:7d:30:
         a3:80:09:1c:d5:9b:ae:91:74:fe:a2:0f:3e:2c:d7:4a:7f:d6:
         25:09:8b:a8:a4:dd:ff:07:5f:d0:49:92:22:91:60:69:da:8c:
         91:db:a7:98:96:fb:d4:19:dd:07:d3:fd:3e:77:46:bc:db:59:
         de:d5:93:0d:9b:8a:50:4b:4c:97:27:13:de:3f:9a:6b:61:e7:
         0e:0f:63:f4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYgLzk0uqL9lmMHZ6uiTAH+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDAzNTlmOWY4YjIwODE1Y2U0ZDk4OGUxMDliZjgyMzA2
ZTRjNzQwHhcNMjMwNTExMTcxNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkwOGFkZjI0MzQxNjJkM2UwYjhjOTY4ZTk3M2VlNDMxNjY0ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/vlullof1FeGnlJrpwowLugXtcU
polDLMhoJ3VZ8xqXQc+bAgUMhthSdT5YQpifDLEntQVECb9PWa9FVWclsyIqC4VK
4AI0nuNr+iEHGtdJDDU9dn44AZysGt8hR3UCnn1+ntR5tBSPvmUcAMPfG0GyTpHK
sHIyujTIK4izGnH5wr2bcrD0A5Q5tldozI+grQmufBLt/XUMj7aV6V41NDwDBJ5T
e+Ii7UO1JTe/au2XSJEmb//x2RYUf8uxP3hhDBCqHdt1CEIZquJhrDFQUykf7kTz
E+EWyhMO+V8v5HLwlJ2w5asN4XQ6PF3qLyHfqRYE6/UiXehh7hGdmQF7UwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJqQit8kNBYtPguMlo6XPuQxZkiaMB8GA1UdIwQY
MBaAFFPQNZ+fiyCBXOTZiOEJv4Iwbkx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTkt
YTZjNDljZTkwNzU2LzEvbXBDSzN5UTBGaTAtQzR5V2pwYy01REZtU0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTktYTZjNDljZTkwNzU2
LzEvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK577wD
BAC5774wDQYJKoZIhvcNAQELBQADggEBAH2b6delPx+eNvn2Gx+ZH6KGU98cB47p
0/Mz29Xzhc8D/5J57C0W71TLtEq+zbuVdyPC0HgI+Ap6Tr6L6CdmtSYC0vhbpZmC
XIIkJlcfQqI7SOZ9PYBnb8CP/v9PMxxqyBiuAS5MJgZsVK50i1sNRi2fjqqOrwHm
K6iO/O4umO5UXKje038ypWdrcBr4yI1AL9mszagsRDbBfvwP1S+kxJwjGFDUl4GL
Hl+UNcjeZtVobr99MKOACRzVm66RdP6iDz4s10p/1iUJi6ik3f8HX9BJkiKRYGna
jJHbp5iW+9QZ3QfT/T53RrzbWd7Vkw2bilBLTJcnE94/mmth5w4PY/Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:18 2024 by rpki-client on console-fra.rpki-client.org