Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/mRawo-3zDVL7BdsaxSVXTRO3Zbo.roa
File:                     mRawo-3zDVL7BdsaxSVXTRO3Zbo.roa (raw, json)
Hash identifier:          AFk7r3XwE2f/T1nAjSWmG35zWxO64xjsNZdUyPjVpxQ=
Subject key identifier:   99:16:B0:A3:ED:F3:0D:52:FB:05:DB:1A:C5:25:57:4D:13:B7:65:BA
Certificate issuer:       /CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
Certificate serial:       0188713F457D62815E0B278B4927115432C4
Authority key identifier: 7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/mRawo-3zDVL7BdsaxSVXTRO3Zbo.roa
Signing time:             Wed 31 May 2023 09:59:11 +0000
ROA not before:           Wed 31 May 2023 09:59:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208830
IP address blocks:        45.82.236.0/22 maxlen: 24
                          2a0e:7580::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:71:3f:45:7d:62:81:5e:0b:27:8b:49:27:11:54:32:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
        Validity
            Not Before: May 31 09:59:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9916b0a3edf30d52fb05db1ac525574d13b765ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:37:ed:d4:83:72:81:a2:09:c7:43:6e:ae:7a:
                    d0:a6:ec:16:99:0a:77:a2:8a:9f:7d:9a:bf:b1:8e:
                    d6:4b:65:45:fd:38:67:45:73:62:55:aa:ff:99:e8:
                    f8:21:6d:c4:13:b7:4a:f8:57:2f:9b:f8:a1:04:a5:
                    50:74:22:55:70:38:c0:0d:16:72:af:95:e2:21:72:
                    ce:b5:fb:76:52:2d:ab:d7:71:8a:23:95:e8:cc:aa:
                    26:c4:04:33:20:d9:97:0e:6c:97:d2:ce:d1:4b:32:
                    a3:0e:20:b2:98:3f:3f:2e:8c:3d:cf:9e:40:02:32:
                    f9:a5:b4:e2:3d:97:1b:71:ca:60:82:bb:4f:1d:1a:
                    e6:4d:4e:cb:8b:fc:a6:4c:0e:64:2c:a6:84:e0:61:
                    24:ab:6c:b2:45:7b:9b:ae:b9:4e:80:5f:f9:8e:04:
                    b0:34:86:45:a3:b5:99:6c:f8:34:c9:de:e5:95:46:
                    ca:8c:52:3c:10:19:bb:ac:9b:04:be:bd:80:64:dd:
                    25:0a:83:82:47:24:88:c6:29:90:3e:37:f2:b4:89:
                    7f:c8:c1:53:d0:f7:7c:e8:a9:67:88:38:88:62:02:
                    bc:eb:3a:32:c4:77:e6:41:60:4c:c9:46:c8:46:8d:
                    a6:40:d4:e9:f2:74:b0:ea:d4:64:1a:58:2d:5b:8a:
                    32:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:16:B0:A3:ED:F3:0D:52:FB:05:DB:1A:C5:25:57:4D:13:B7:65:BA
            X509v3 Authority Key Identifier:
                keyid:7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/mRawo-3zDVL7BdsaxSVXTRO3Zbo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/e6K-mEOLmO5ooNG4xBRFIL0KYj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.236.0/22
                IPv6:
                  2a0e:7580::/29

    Signature Algorithm: sha256WithRSAEncryption
         65:7e:4c:18:d8:d2:44:4d:e0:23:fe:a6:de:1c:f6:bb:c4:b3:
         9c:85:9a:e7:9b:01:78:c9:e0:7c:88:6a:13:a8:97:26:2b:59:
         3a:01:60:dc:4c:63:b1:8e:20:ca:c4:c6:ab:ba:d9:4c:40:c7:
         9c:1a:03:df:74:9e:e3:9b:30:e6:e4:14:2f:07:59:f5:65:a9:
         66:a5:e7:48:01:0f:93:f6:db:9e:33:d7:84:2b:ce:e5:09:59:
         5b:0c:b9:1c:9a:91:13:c8:40:93:73:ad:c6:2f:a0:c9:52:1b:
         85:20:b8:7e:ef:e6:10:f1:06:75:47:b6:e6:fa:e1:ae:9a:46:
         68:a3:0f:f4:86:15:f8:58:20:d8:02:d2:9b:ab:ad:27:22:1a:
         7c:71:28:5c:1c:f3:d1:e6:b1:69:91:31:e7:c3:0e:bc:f3:4f:
         08:9f:8d:57:5f:f5:f5:d6:b7:a1:77:ba:12:68:92:67:15:9e:
         55:9e:fa:ac:e5:b3:27:6e:15:53:58:b1:ed:5c:2b:b5:4e:1c:
         ec:84:4f:57:1e:95:eb:e6:49:50:bd:c5:b9:8e:64:36:9d:98:
         a8:95:7e:74:d2:73:aa:d6:8a:86:2e:8d:ff:b8:6f:91:45:90:
         e7:da:dc:38:db:8e:66:86:a3:84:55:79:1a:0e:c9:0b:5a:b9:
         a4:4e:c8:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhxP0V9YoFeCyeLSScRVDLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTJiZTk4NDM4Yjk4ZWU2OGEwZDFiOGM0MTQ0NTIwYmQw
YTYyM2QwHhcNMjMwNTMxMDk1OTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE2YjBhM2VkZjMwZDUyZmIwNWRiMWFjNTI1NTc0ZDEzYjc2NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzft1INygaIJx0NurnrQpuwWmQp3
ooqffZq/sY7WS2VF/ThnRXNiVar/mej4IW3EE7dK+Fcvm/ihBKVQdCJVcDjADRZy
r5XiIXLOtft2Ui2r13GKI5XozKomxAQzINmXDmyX0s7RSzKjDiCymD8/Low9z55A
AjL5pbTiPZcbccpggrtPHRrmTU7Li/ymTA5kLKaE4GEkq2yyRXubrrlOgF/5jgSw
NIZFo7WZbPg0yd7llUbKjFI8EBm7rJsEvr2AZN0lCoOCRySIximQPjfytIl/yMFT
0Pd86KlniDiIYgK86zoyxHfmQWBMyUbIRo2mQNTp8nSw6tRkGlgtW4oyHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJkWsKPt8w1S+wXbGsUlV00Tt2W6MB8GA1UdIwQY
MBaAFHuivphDi5juaKDRuMQURSC9CmI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYt
NDkzNWIzZjVjMjA5LzEvbVJhd28tM3pEVkw3QmRzYXhTVlhUUk8zWmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYtNDkzNWIzZjVjMjA5
LzEvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVLsMA0E
AgACMAcDBQMqDnWAMA0GCSqGSIb3DQEBCwUAA4IBAQBlfkwY2NJETeAj/qbeHPa7
xLOchZrnmwF4yeB8iGoTqJcmK1k6AWDcTGOxjiDKxMarutlMQMecGgPfdJ7jmzDm
5BQvB1n1ZalmpedIAQ+T9tueM9eEK87lCVlbDLkcmpETyECTc63GL6DJUhuFILh+
7+YQ8QZ1R7bm+uGumkZoow/0hhX4WCDYAtKbq60nIhp8cShcHPPR5rFpkTHnww68
808In41XX/X11rehd7oSaJJnFZ5Vnvqs5bMnbhVTWLHtXCu1ThzshE9XHpXr5klQ
vcW5jmQ2nZiolX500nOq1oqGLo3/uG+RRZDn2tw4245mhqOEVXkaDskLWrmkTsiZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:26 2024 by rpki-client on console-fra.rpki-client.org