Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/MZNKJysIsYXSjUEdM55W91Td8Dc.roa
File:                     MZNKJysIsYXSjUEdM55W91Td8Dc.roa (raw, json)
Hash identifier:          yI0W0b6Jqem05e+BiTQxTfXnuTsyGoTjnPSshBWGIsc=
Subject key identifier:   31:93:4A:27:2B:08:B1:85:D2:8D:41:1D:33:9E:56:F7:54:DD:F0:37
Certificate issuer:       /CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Certificate serial:       01856D53DD18A371B917638C73B94EEF2250
Authority key identifier: CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/MZNKJysIsYXSjUEdM55W91Td8Dc.roa
Signing time:             Sun 01 Jan 2023 12:34:50 +0000
ROA not before:           Sun 01 Jan 2023 12:34:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        45.56.224.0/21 maxlen: 21
                          45.56.236.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:dd:18:a3:71:b9:17:63:8c:73:b9:4e:ef:22:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
        Validity
            Not Before: Jan  1 12:34:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=31934a272b08b185d28d411d339e56f754ddf037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:29:ad:cb:3c:bf:2d:97:68:52:82:60:0a:03:
                    09:7c:1f:20:ec:06:b2:7e:e7:8e:4f:a6:26:fa:35:
                    44:83:16:43:22:f2:06:5a:72:38:43:f1:c0:53:a3:
                    88:d3:66:e4:75:98:21:bf:cd:fb:6f:8d:3d:41:61:
                    9e:12:51:10:c4:b2:d0:2f:57:4e:ed:b6:f0:58:35:
                    3d:d1:d0:42:6a:90:2f:13:8d:24:bd:61:cc:1e:39:
                    00:ea:ba:2a:5f:b1:3d:cf:46:03:55:f3:ef:d5:fa:
                    2d:48:0f:6c:d9:5c:0f:c8:c5:6e:35:fa:a2:e8:3c:
                    41:ea:12:83:fe:43:16:75:7a:85:06:e5:1d:3d:10:
                    5c:a3:9e:c2:b1:63:4d:36:8a:e7:f7:8b:5c:25:33:
                    77:4d:79:94:c1:ea:dd:17:30:75:2f:c0:e3:03:73:
                    59:fe:da:3b:a0:54:4c:98:4c:64:60:a8:66:f0:73:
                    f1:da:52:75:2a:ee:73:99:2d:94:49:da:a4:84:8f:
                    f4:25:48:88:f0:b1:a7:18:c3:54:d4:05:13:3f:6e:
                    00:88:2f:6e:cd:a6:de:f9:c8:00:14:87:79:99:18:
                    5b:f3:0a:9f:e5:0e:40:aa:70:09:a1:0e:4b:51:a2:
                    27:e7:64:14:25:52:c7:33:bc:57:7f:71:ec:0f:89:
                    66:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:93:4A:27:2B:08:B1:85:D2:8D:41:1D:33:9E:56:F7:54:DD:F0:37
            X509v3 Authority Key Identifier:
                keyid:CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/MZNKJysIsYXSjUEdM55W91Td8Dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.56.224.0/21
                  45.56.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:10:44:68:75:3a:30:69:f4:15:b2:dd:ed:16:07:07:ae:e3:
         8c:4f:ff:2f:1f:63:eb:16:5d:b4:30:25:fa:c9:79:d0:6c:b2:
         41:be:dc:a2:bc:b5:f8:87:4b:2b:7d:39:94:7c:a8:1c:ad:a3:
         ee:96:93:1b:4f:35:a4:f0:9c:7d:ea:ed:32:60:6c:6f:27:e3:
         e2:4f:32:89:83:65:7b:ff:e3:75:c5:40:35:a3:e8:b5:4f:61:
         01:ea:e1:50:c8:91:e2:36:57:87:45:4c:0e:ae:7b:33:d7:c2:
         07:96:7a:85:bc:d3:a7:b5:f0:e5:8f:6e:3d:ab:93:b0:07:d8:
         1a:16:fb:71:3c:95:3f:7c:0f:30:b9:8b:4c:7d:be:35:8c:ec:
         52:ff:01:9c:7f:4a:f9:9e:3e:68:ae:2a:e9:27:ad:f8:fb:a6:
         34:67:44:ac:87:f6:57:83:68:4b:66:c1:1b:22:5f:d1:6e:18:
         09:62:50:cd:0e:66:9e:42:c0:fd:a9:85:51:88:f0:df:10:1f:
         df:f5:9e:92:6f:38:63:52:52:66:f1:bf:67:48:83:f6:44:dd:
         2e:38:df:e6:60:1a:66:28:be:dc:ef:d4:3e:e7:9e:36:e4:ce:
         95:fa:2c:a4:32:ba:5d:6d:60:df:5f:50:ef:d3:e0:10:09:59:
         9b:d0:2a:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtU90Yo3G5F2OMc7lO7yJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYzIxNjQxYmRiY2ZhYzI0YzU0YjZhNDg1OTQ4M2M1ZTQx
NjQwYjYwHhcNMjMwMTAxMTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTkzNGEyNzJiMDhiMTg1ZDI4ZDQxMWQzMzllNTZmNzU0ZGRmMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSmtyzy/LZdoUoJgCgMJfB8g7Aay
fueOT6Ym+jVEgxZDIvIGWnI4Q/HAU6OI02bkdZghv837b409QWGeElEQxLLQL1dO
7bbwWDU90dBCapAvE40kvWHMHjkA6roqX7E9z0YDVfPv1fotSA9s2VwPyMVuNfqi
6DxB6hKD/kMWdXqFBuUdPRBco57CsWNNNorn94tcJTN3TXmUwerdFzB1L8DjA3NZ
/to7oFRMmExkYKhm8HPx2lJ1Ku5zmS2USdqkhI/0JUiI8LGnGMNU1AUTP24AiC9u
zabe+cgAFId5mRhb8wqf5Q5AqnAJoQ5LUaIn52QUJVLHM7xXf3HsD4lmqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDGTSicrCLGF0o1BHTOeVvdU3fA3MB8GA1UdIwQY
MBaAFMrCFkG9vPrCTFS2pIWUg8XkFkC2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUt
OGFiZjVlZTZjNGFkLzEvTVpOS0p5c0lzWVhTalVFZE01NVc5MVRkOERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUtOGFiZjVlZTZjNGFk
LzEveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLTjgAwQB
LTjsMA0GCSqGSIb3DQEBCwUAA4IBAQB5EERodTowafQVst3tFgcHruOMT/8vH2Pr
Fl20MCX6yXnQbLJBvtyivLX4h0srfTmUfKgcraPulpMbTzWk8Jx96u0yYGxvJ+Pi
TzKJg2V7/+N1xUA1o+i1T2EB6uFQyJHiNleHRUwOrnsz18IHlnqFvNOntfDlj249
q5OwB9gaFvtxPJU/fA8wuYtMfb41jOxS/wGcf0r5nj5orirpJ634+6Y0Z0Ssh/ZX
g2hLZsEbIl/RbhgJYlDNDmaeQsD9qYVRiPDfEB/f9Z6SbzhjUlJm8b9nSIP2RN0u
ON/mYBpmKL7c79Q+55425M6V+iykMrpdbWDfX1Dv0+AQCVmb0CrF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:29 2024 by rpki-client on console-fra.rpki-client.org