Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/MKT11H45S6y3Ss9qaID3R7uX5fo.roa
File:                     MKT11H45S6y3Ss9qaID3R7uX5fo.roa (raw, json)
Hash identifier:          17hcik7fAko3OD+KOfX+prqx82H9G/9jc3cCN97ODus=
Subject key identifier:   30:A4:F5:D4:7E:39:4B:AC:B7:4A:CF:6A:68:80:F7:47:BB:97:E5:FA
Certificate issuer:       /CN=93b91eefa6d8046d918e364045604952640bc15d
Certificate serial:       01856B00B5A3D6170D0C86A7EBD49E9380EA
Authority key identifier: 93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/MKT11H45S6y3Ss9qaID3R7uX5fo.roa
Signing time:             Sun 01 Jan 2023 01:44:46 +0000
ROA not before:           Sun 01 Jan 2023 01:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208017
IP address blocks:        139.28.158.0/23 maxlen: 23
                          139.28.156.0/24 maxlen: 24
                          139.28.156.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:00:b5:a3:d6:17:0d:0c:86:a7:eb:d4:9e:93:80:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93b91eefa6d8046d918e364045604952640bc15d
        Validity
            Not Before: Jan  1 01:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30a4f5d47e394bacb74acf6a6880f747bb97e5fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:19:91:34:60:b9:48:0a:02:9b:bf:46:fd:ba:
                    3f:61:69:69:26:f7:e5:25:dd:a0:71:61:bc:33:f3:
                    bf:c7:f4:34:51:3d:f0:14:8d:19:c9:3d:70:44:57:
                    59:24:2f:b3:5a:1b:3a:5a:97:bb:26:23:b3:2d:c1:
                    a0:a1:31:5d:3e:d7:27:61:90:d7:e3:8a:13:1d:c5:
                    af:8e:c7:e3:8c:8e:dd:74:8f:ac:f5:a6:6a:d3:73:
                    85:be:23:ea:71:ea:fd:e4:ba:09:0a:d9:a6:b9:d7:
                    b0:63:3b:44:82:d2:33:f3:68:35:2c:1a:93:a1:82:
                    2a:24:b3:cd:41:9a:83:aa:c6:75:48:b6:b4:08:aa:
                    1e:00:6e:86:c2:9e:d3:37:58:59:73:3f:7b:2c:2a:
                    35:56:18:33:29:d7:b2:3f:22:34:4d:d3:61:1f:63:
                    1f:0d:90:b9:f2:c3:2e:33:84:15:bd:65:90:30:db:
                    e0:ce:2c:93:95:bd:e9:9c:05:f7:fe:a8:61:01:8a:
                    ba:c0:ac:49:a7:c8:cd:28:db:41:f9:9b:81:02:5d:
                    4c:6a:3f:bf:68:1d:42:fd:06:3c:8c:13:d0:24:83:
                    6c:59:46:1d:90:76:8f:67:5d:45:b6:28:6c:9f:ad:
                    ac:76:d2:6a:e6:a5:73:46:53:e9:7c:cc:62:f2:cd:
                    88:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:A4:F5:D4:7E:39:4B:AC:B7:4A:CF:6A:68:80:F7:47:BB:97:E5:FA
            X509v3 Authority Key Identifier:
                keyid:93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/MKT11H45S6y3Ss9qaID3R7uX5fo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.28.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:a7:96:97:b3:2b:3e:b5:20:e0:1a:65:99:9f:87:4a:47:d8:
         2f:d8:fa:4b:7d:a7:ec:05:c6:a3:bc:32:f0:c7:5a:c3:09:60:
         ee:ff:51:03:4f:ab:13:6f:d4:8b:e3:cd:2e:bf:f0:85:a7:e5:
         26:6f:b3:19:7e:a4:48:f3:04:29:ba:2a:fd:c0:a4:25:f0:5a:
         f5:5b:0b:66:46:5d:bd:c7:0c:d2:ba:05:80:6b:1f:e8:18:a2:
         53:73:11:66:eb:b9:48:3a:d4:64:fc:0f:66:62:70:f3:ce:cc:
         1f:d4:c7:8f:e7:f5:c9:84:9d:9b:a5:d6:59:1c:2d:a2:6e:6f:
         f7:ca:18:f9:ba:0b:30:5c:d9:fe:4e:28:4c:c9:fb:09:1b:b7:
         50:61:29:8f:d9:5a:8d:39:2a:98:20:b2:9e:45:25:b2:4f:1f:
         59:da:7f:7b:81:58:2d:bf:24:a2:a8:47:c5:8e:72:69:37:35:
         92:80:51:47:be:fa:6d:be:50:0a:7e:0c:e4:a5:5c:c6:41:14:
         80:1d:eb:01:3f:2e:1b:d9:34:a5:73:02:97:13:35:8b:e0:ec:
         bc:1b:9c:d6:c5:af:d4:a4:98:2b:14:46:63:1e:2b:4d:fd:0f:
         5c:98:36:4c:51:43:68:7d:ab:1a:59:f9:ef:a1:d3:a3:77:8f:
         88:54:8d:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrALWj1hcNDIan69Sek4DqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjkxZWVmYTZkODA0NmQ5MThlMzY0MDQ1NjA0OTUyNjQw
YmMxNWQwHhcNMjMwMTAxMDE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE0ZjVkNDdlMzk0YmFjYjc0YWNmNmE2ODgwZjc0N2JiOTdlNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhmRNGC5SAoCm79G/bo/YWlpJvfl
Jd2gcWG8M/O/x/Q0UT3wFI0ZyT1wRFdZJC+zWhs6Wpe7JiOzLcGgoTFdPtcnYZDX
44oTHcWvjsfjjI7ddI+s9aZq03OFviPqcer95LoJCtmmudewYztEgtIz82g1LBqT
oYIqJLPNQZqDqsZ1SLa0CKoeAG6Gwp7TN1hZcz97LCo1VhgzKdeyPyI0TdNhH2Mf
DZC58sMuM4QVvWWQMNvgziyTlb3pnAX3/qhhAYq6wKxJp8jNKNtB+ZuBAl1Maj+/
aB1C/QY8jBPQJINsWUYdkHaPZ11Ftihsn62sdtJq5qVzRlPpfMxi8s2IOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCk9dR+OUust0rPamiA90e7l+X6MB8GA1UdIwQY
MBaAFJO5Hu+m2ARtkY42QEVgSVJkC8FdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEt
MzU4NmFhZTEzZGE3LzEvTUtUMTFINDVTNnkzU3M5cWFJRDNSN3VYNWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEtMzU4NmFhZTEzZGE3
LzEvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixycMA0G
CSqGSIb3DQEBCwUAA4IBAQBXp5aXsys+tSDgGmWZn4dKR9gv2PpLfafsBcajvDLw
x1rDCWDu/1EDT6sTb9SL480uv/CFp+Umb7MZfqRI8wQpuir9wKQl8Fr1WwtmRl29
xwzSugWAax/oGKJTcxFm67lIOtRk/A9mYnDzzswf1MeP5/XJhJ2bpdZZHC2ibm/3
yhj5ugswXNn+TihMyfsJG7dQYSmP2VqNOSqYILKeRSWyTx9Z2n97gVgtvySiqEfF
jnJpNzWSgFFHvvptvlAKfgzkpVzGQRSAHesBPy4b2TSlcwKXEzWL4Oy8G5zWxa/U
pJgrFEZjHitN/Q9cmDZMUUNofasaWfnvodOjd4+IVI14
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:30 2024 by rpki-client on console-ams.rpki-client.org