Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa
File:                     MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa (raw, json)
Hash identifier:          1aQ7en5Z+FY5xTdImJIo7JJqpau4Dz1PdWJ55VHjkTM=
Subject key identifier:   30:9E:57:5A:E4:2F:06:51:BC:4D:7D:99:1B:F6:02:B0:1A:FE:A5:59
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       0186A30964C369CC0E31FEFCD5421DC1D24F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa
Signing time:             Thu 02 Mar 2023 15:55:47 +0000
ROA not before:           Thu 02 Mar 2023 15:55:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202485
IP address blocks:        92.52.217.0/24 maxlen: 24
                          88.209.254.0/24 maxlen: 24
                          83.137.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 07:16:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a3:09:64:c3:69:cc:0e:31:fe:fc:d5:42:1d:c1:d2:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Mar  2 15:55:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=309e575ae42f0651bc4d7d991bf602b01afea559
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9c:46:83:44:02:cd:90:7c:4e:44:28:71:48:
                    56:97:84:22:23:60:2c:59:6c:84:bc:17:c7:ea:5c:
                    f7:c4:54:68:f5:f4:4e:b2:26:b4:e2:ef:b6:5b:20:
                    31:96:c8:75:9e:09:a1:61:4f:d3:d8:5f:48:90:cf:
                    9f:7a:d6:ba:7c:21:3b:34:5c:ca:5d:28:6f:df:4c:
                    fc:51:88:85:f6:92:37:46:b2:f8:5d:d7:9e:8c:0e:
                    87:3c:65:5b:2b:f8:75:7c:87:95:a0:d2:49:e6:96:
                    1d:23:fc:28:d2:9c:6d:48:e9:46:59:56:57:a1:07:
                    7e:67:ad:30:2e:a0:2c:92:86:4d:5b:84:fe:d1:54:
                    8c:ab:3c:83:11:37:8d:42:50:69:86:3a:6d:37:93:
                    56:ee:74:8c:49:fb:8c:de:09:aa:8d:12:19:a6:61:
                    d2:b0:96:85:7e:f3:77:03:9d:12:61:53:c7:75:e6:
                    aa:5f:e5:50:1b:d8:9e:b8:40:af:9c:23:fc:97:45:
                    f6:76:de:98:c6:5b:fc:bb:a0:ee:4b:df:5b:ec:5b:
                    cc:14:5b:31:23:be:57:ae:6c:f8:fd:33:35:b2:fe:
                    63:a7:d5:64:2c:52:16:1a:34:ac:ae:33:ac:6e:c8:
                    5a:54:07:b4:cd:04:09:30:58:f8:c2:fb:07:d2:39:
                    33:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:9E:57:5A:E4:2F:06:51:BC:4D:7D:99:1B:F6:02:B0:1A:FE:A5:59
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.137.156.0/24
                  88.209.254.0/24
                  92.52.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:20:98:f2:2e:d2:6f:6d:36:60:77:e4:78:07:f1:0f:f2:bf:
         db:2d:ef:70:20:76:28:c9:e3:29:18:89:99:9f:27:ba:2b:6c:
         3d:f3:a2:62:e3:f7:20:f1:82:eb:8d:3d:c2:4b:36:3e:9c:f6:
         8d:ab:67:57:6a:65:1f:a4:5c:d3:dd:dc:e1:a9:e7:90:16:3e:
         b6:d1:29:03:60:58:f5:8e:c4:6a:9f:f5:51:60:30:96:f8:e5:
         4d:31:5d:3e:84:4a:da:98:fb:6b:24:0a:1f:96:d9:5a:67:91:
         25:7b:29:21:28:75:13:33:95:44:d1:4f:0e:fe:90:1d:cd:ac:
         cc:6a:af:2c:a4:ba:6c:a6:62:2e:9d:8e:67:7a:63:88:59:7f:
         53:32:dd:b8:e1:d6:85:cb:b9:d6:1c:f2:c8:f2:b7:e4:02:ed:
         fe:d7:b4:e8:bf:e6:5f:b5:d4:5e:f2:8f:12:34:0b:e4:01:ba:
         21:23:92:ff:ba:6b:eb:6e:8a:72:9f:42:61:f7:60:f1:1f:6d:
         03:2f:cc:9b:a7:12:75:54:fb:51:f4:8c:c6:ca:ba:46:cf:97:
         28:91:13:97:82:7f:2a:a5:49:ca:0f:aa:90:2e:b5:b3:3d:97:
         55:24:41:00:df:ad:4c:85:c6:9f:4b:54:da:e1:86:49:0f:0e:
         13:26:61:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYajCWTDacwOMf781UIdwdJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzAyMTU1NTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDllNTc1YWU0MmYwNjUxYmM0ZDdkOTkxYmY2MDJiMDFhZmVhNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpxGg0QCzZB8TkQocUhWl4QiI2As
WWyEvBfH6lz3xFRo9fROsia04u+2WyAxlsh1ngmhYU/T2F9IkM+feta6fCE7NFzK
XShv30z8UYiF9pI3RrL4XdeejA6HPGVbK/h1fIeVoNJJ5pYdI/wo0pxtSOlGWVZX
oQd+Z60wLqAskoZNW4T+0VSMqzyDETeNQlBphjptN5NW7nSMSfuM3gmqjRIZpmHS
sJaFfvN3A50SYVPHdeaqX+VQG9ieuECvnCP8l0X2dt6Yxlv8u6DuS99b7FvMFFsx
I75Xrmz4/TM1sv5jp9VkLFIWGjSsrjOsbshaVAe0zQQJMFj4wvsH0jkzGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDCeV1rkLwZRvE19mRv2ArAa/qVZMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTUo1WFd1UXZCbEc4VFgyWkdfWUNzQnItcFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU4mcAwQA
WNH+AwQAXDTZMA0GCSqGSIb3DQEBCwUAA4IBAQBEIJjyLtJvbTZgd+R4B/EP8r/b
Le9wIHYoyeMpGImZnye6K2w986Ji4/cg8YLrjT3CSzY+nPaNq2dXamUfpFzT3dzh
qeeQFj620SkDYFj1jsRqn/VRYDCW+OVNMV0+hEramPtrJAofltlaZ5EleykhKHUT
M5VE0U8O/pAdzazMaq8spLpspmIunY5nemOIWX9TMt244daFy7nWHPLI8rfkAu3+
17Tov+ZftdRe8o8SNAvkAbohI5L/umvrbopyn0Jh92DxH20DL8ybpxJ1VPtR9IzG
yrpGz5cokROXgn8qpUnKD6qQLrWzPZdVJEEA361MhcafS1Ta4YZJDw4TJmHk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org