Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/MbnyGT9yvBQFRC01Kr2MmgffU1A.roa
File:                     MbnyGT9yvBQFRC01Kr2MmgffU1A.roa (raw, json)
Hash identifier:          6+j6ER3OQN5EjXPSr4kyxRBBKUZy8KuifDRioPghv4k=
Subject key identifier:   31:B9:F2:19:3F:72:BC:14:05:44:2D:35:2A:BD:8C:9A:07:DF:53:50
Certificate issuer:       /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial:       01856E666D6F46871A72A7B81586ECC11FC5
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/MbnyGT9yvBQFRC01Kr2MmgffU1A.roa
Signing time:             Sun 01 Jan 2023 17:34:44 +0000
ROA not before:           Sun 01 Jan 2023 17:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50327
IP address blocks:        185.60.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:66:6d:6f:46:87:1a:72:a7:b8:15:86:ec:c1:1f:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
        Validity
            Not Before: Jan  1 17:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=31b9f2193f72bc1405442d352abd8c9a07df5350
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3f:e9:df:5b:58:ae:28:cb:e0:80:92:01:67:
                    6e:34:32:1b:83:bb:31:99:14:ac:0e:8e:6b:71:3e:
                    22:dd:4f:50:9d:8f:4a:5a:4b:78:7a:f4:13:c9:a8:
                    0c:de:60:4c:d0:62:f4:a1:8e:dc:1e:9e:d3:00:43:
                    1a:fd:e9:b2:71:f2:04:bd:6b:ef:e4:80:ee:9d:11:
                    64:3f:76:04:29:83:08:e9:66:29:b7:cc:23:de:75:
                    b8:e7:a2:ea:e8:1c:f4:0e:a4:6c:81:2d:5c:be:fe:
                    51:22:60:22:08:1a:52:11:1e:a2:fe:e3:b7:df:cc:
                    a8:d6:06:18:69:93:85:67:17:4d:00:23:c2:d6:0b:
                    36:d9:db:51:66:25:2a:2c:af:f1:84:34:28:0d:cb:
                    e8:59:68:96:10:d9:b0:98:66:57:be:5d:89:33:d5:
                    2a:f2:05:c0:39:d4:9b:84:66:bf:dc:38:9a:6c:4c:
                    26:e0:f4:cc:26:6f:00:20:6b:5c:9c:db:ac:d4:fc:
                    b5:f9:18:de:43:57:ed:19:f5:9e:3b:6b:4f:68:0c:
                    92:64:c3:7b:8c:43:7e:6a:74:fa:87:aa:d4:4a:29:
                    30:88:fa:0e:1b:e8:bf:ea:b8:e2:3b:c5:2e:2a:5d:
                    12:4b:85:aa:aa:00:90:ee:3a:f4:c0:a7:1d:a3:e9:
                    77:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B9:F2:19:3F:72:BC:14:05:44:2D:35:2A:BD:8C:9A:07:DF:53:50
            X509v3 Authority Key Identifier:
                keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/MbnyGT9yvBQFRC01Kr2MmgffU1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.60.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:45:bd:21:bc:19:17:98:02:74:27:06:2a:53:0d:76:c3:5f:
         96:12:97:b0:75:ea:7b:2d:ae:db:79:8c:1b:9b:a0:f8:84:25:
         85:c6:23:22:f6:71:36:d9:bb:6a:b1:52:09:63:72:14:75:46:
         0f:a2:85:84:1d:54:28:38:d8:f8:46:af:55:92:b7:0a:45:2a:
         d1:cd:48:b8:3a:40:37:91:11:95:c2:78:7c:60:e8:1a:1e:ea:
         32:c8:6b:11:ad:03:7d:a0:ec:0a:88:93:6a:fe:c9:0b:a6:7e:
         09:d4:50:03:87:93:9f:59:b1:02:e5:fb:03:b7:f4:e0:3f:98:
         ee:8c:d9:9e:fe:1d:fb:b9:8f:06:2b:b6:5e:db:02:fb:db:4d:
         75:4f:77:b0:82:43:2a:b9:0f:83:2c:e7:c6:f4:00:70:7e:6e:
         c1:65:93:fd:e0:70:13:0e:14:57:9f:1b:ed:63:13:8e:1f:41:
         f5:fb:b8:da:59:e5:34:0c:9c:10:73:0a:ec:7d:ad:59:9a:e5:
         8d:30:f6:71:62:50:d6:a2:b6:ab:f7:c4:60:b8:dd:fe:4e:d3:
         f2:5c:de:2e:e5:de:91:29:8f:27:c9:6b:cc:6e:70:f1:5f:3a:
         02:64:0d:fe:c9:4d:eb:2e:c6:33:f2:c5:e0:b1:08:8f:de:ec:
         72:2d:3e:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZm1vRocacqe4FYbswR/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjMwMTAxMTczNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI5ZjIxOTNmNzJiYzE0MDU0NDJkMzUyYWJkOGM5YTA3ZGY1MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD/p31tYrijL4ICSAWduNDIbg7sx
mRSsDo5rcT4i3U9QnY9KWkt4evQTyagM3mBM0GL0oY7cHp7TAEMa/emycfIEvWvv
5IDunRFkP3YEKYMI6WYpt8wj3nW456Lq6Bz0DqRsgS1cvv5RImAiCBpSER6i/uO3
38yo1gYYaZOFZxdNACPC1gs22dtRZiUqLK/xhDQoDcvoWWiWENmwmGZXvl2JM9Uq
8gXAOdSbhGa/3DiabEwm4PTMJm8AIGtcnNus1Py1+RjeQ1ftGfWeO2tPaAySZMN7
jEN+anT6h6rUSikwiPoOG+i/6rjiO8UuKl0SS4WqqgCQ7jr0wKcdo+l3GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDG58hk/crwUBUQtNSq9jJoH31NQMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvTWJueUdUOXl2QlFGUkMwMUtyMk1tZ2ZmVTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTw0MA0G
CSqGSIb3DQEBCwUAA4IBAQAkRb0hvBkXmAJ0JwYqUw12w1+WEpewdep7La7beYwb
m6D4hCWFxiMi9nE22btqsVIJY3IUdUYPooWEHVQoONj4Rq9VkrcKRSrRzUi4OkA3
kRGVwnh8YOgaHuoyyGsRrQN9oOwKiJNq/skLpn4J1FADh5OfWbEC5fsDt/TgP5ju
jNme/h37uY8GK7Ze2wL72011T3ewgkMquQ+DLOfG9ABwfm7BZZP94HATDhRXnxvt
YxOOH0H1+7jaWeU0DJwQcwrsfa1ZmuWNMPZxYlDWorar98RguN3+TtPyXN4u5d6R
KY8nyWvMbnDxXzoCZA3+yU3rLsYz8sXgsQiP3uxyLT4d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:22 2024 by rpki-client on console-fra.rpki-client.org