Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/MBjLZZ7Og71LvSzNN43ILXgHp64.roa
File:                     MBjLZZ7Og71LvSzNN43ILXgHp64.roa (raw, json)
Hash identifier:          FitE7SRNLrFhYsE7vF1qOrlfJq9nZhnUG1oVwp7oG1k=
Subject key identifier:   30:18:CB:65:9E:CE:83:BD:4B:BD:2C:CD:37:8D:C8:2D:78:07:A7:AE
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       0187F58FA8820C783255B7AD9C31F7ADD0E1
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/MBjLZZ7Og71LvSzNN43ILXgHp64.roa
Signing time:             Sun 07 May 2023 09:34:05 +0000
ROA not before:           Sun 07 May 2023 09:34:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        91.240.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 May 2023 12:47:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:f5:8f:a8:82:0c:78:32:55:b7:ad:9c:31:f7:ad:d0:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: May  7 09:34:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3018cb659ece83bd4bbd2ccd378dc82d7807a7ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:3a:ec:d1:fb:b9:e6:89:0f:c8:ef:72:c1:3d:
                    5d:fb:9f:70:23:0f:e2:6d:81:47:9d:27:20:e4:ad:
                    54:79:5d:d3:d0:ce:73:aa:cf:66:db:52:56:b2:5e:
                    a2:8e:e8:d5:bf:97:2b:20:94:27:39:50:08:fd:6b:
                    c7:a2:d9:11:19:80:56:3b:c3:59:7d:86:b9:ab:43:
                    9a:22:6d:13:22:da:aa:26:53:16:60:4d:7a:ee:b7:
                    3b:bf:5d:21:de:cf:ce:a6:d6:a6:04:05:ff:1c:21:
                    d1:48:9a:32:f6:f4:8d:d4:65:dd:74:ab:fb:af:67:
                    0a:12:10:16:1d:82:9d:31:15:d7:25:4b:7d:32:0d:
                    41:58:33:68:d0:c4:2a:40:38:9d:73:e5:20:91:8b:
                    79:de:ef:d6:d0:28:51:65:b1:7b:1e:27:64:30:5a:
                    38:f3:8c:57:fa:0f:b1:65:bc:c0:49:13:d8:ad:3b:
                    dd:34:f0:80:dc:ad:39:3d:05:77:87:42:ba:6c:cd:
                    61:5f:64:b4:bb:d5:91:75:ed:a9:15:32:da:9b:9c:
                    c9:f3:bc:99:ab:05:62:be:76:e6:78:7f:28:e2:31:
                    60:6c:86:3d:6b:aa:cc:29:c8:44:96:aa:1a:cf:63:
                    ca:a3:b8:fa:9c:65:46:26:a8:8f:c5:0b:aa:11:e2:
                    12:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:18:CB:65:9E:CE:83:BD:4B:BD:2C:CD:37:8D:C8:2D:78:07:A7:AE
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/MBjLZZ7Og71LvSzNN43ILXgHp64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.240.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:86:d0:56:20:ed:7b:d5:81:d6:5b:4b:3a:fb:dc:05:22:c1:
         b3:6e:05:6b:91:14:00:4d:d7:bf:37:60:7a:57:31:d2:48:b1:
         0a:05:72:5a:b9:44:72:b3:40:71:0d:7c:86:77:60:4a:ae:3e:
         1b:ff:c8:fa:39:68:7b:10:75:8d:c8:96:ca:19:fa:b8:3b:12:
         72:ba:fc:79:49:a3:f3:b8:73:9b:30:9d:78:ea:40:3c:2e:9e:
         ef:53:b3:37:6a:35:8c:86:34:ae:72:bb:ef:8b:f2:63:ed:48:
         04:d2:48:5d:63:af:03:73:ca:e2:c2:f9:e6:03:0e:88:f8:61:
         51:ce:10:92:b0:0a:1d:40:b7:0e:d3:52:01:6d:29:d8:c2:31:
         34:c8:a2:17:99:3d:75:60:7e:c5:74:ca:c7:d5:6a:b4:61:af:
         08:8f:11:9f:48:76:6f:b9:f5:5e:f7:fb:5d:29:e3:c9:22:80:
         1c:8e:36:e2:38:56:4f:ea:95:d9:e4:44:ed:41:05:28:10:c8:
         83:2c:6b:6f:00:c4:7e:46:b6:39:29:84:27:63:5b:ce:66:93:
         24:c4:dc:cd:3f:bc:3a:5d:e9:74:5c:1f:59:7a:79:f6:22:b9:
         0a:98:a8:70:b9:cd:83:21:52:03:1a:07:6f:79:f1:4c:29:df:
         0f:9a:b1:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf1j6iCDHgyVbetnDH3rdDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwNTA3MDkzNDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE4Y2I2NTllY2U4M2JkNGJiZDJjY2QzNzhkYzgyZDc4MDdhN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzrs0fu55okPyO9ywT1d+59wIw/i
bYFHnScg5K1UeV3T0M5zqs9m21JWsl6ijujVv5crIJQnOVAI/WvHotkRGYBWO8NZ
fYa5q0OaIm0TItqqJlMWYE167rc7v10h3s/OptamBAX/HCHRSJoy9vSN1GXddKv7
r2cKEhAWHYKdMRXXJUt9Mg1BWDNo0MQqQDidc+UgkYt53u/W0ChRZbF7HidkMFo4
84xX+g+xZbzASRPYrTvdNPCA3K05PQV3h0K6bM1hX2S0u9WRde2pFTLam5zJ87yZ
qwVivnbmeH8o4jFgbIY9a6rMKchElqoaz2PKo7j6nGVGJqiPxQuqEeISCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAYy2WezoO9S70szTeNyC14B6euMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvTUJqTFpaN09nNzFMdlN6Tk40M0lMWGdIcDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DzMA0G
CSqGSIb3DQEBCwUAA4IBAQAbhtBWIO171YHWW0s6+9wFIsGzbgVrkRQATde/N2B6
VzHSSLEKBXJauURys0BxDXyGd2BKrj4b/8j6OWh7EHWNyJbKGfq4OxJyuvx5SaPz
uHObMJ146kA8Lp7vU7M3ajWMhjSucrvvi/Jj7UgE0khdY68Dc8riwvnmAw6I+GFR
zhCSsAodQLcO01IBbSnYwjE0yKIXmT11YH7FdMrH1Wq0Ya8IjxGfSHZvufVe9/td
KePJIoAcjjbiOFZP6pXZ5ETtQQUoEMiDLGtvAMR+RrY5KYQnY1vOZpMkxNzNP7w6
Xel0XB9Zenn2IrkKmKhwuc2DIVIDGgdvefFMKd8PmrEq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org