Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/MLBa17QbD7gWpAm5GCeGaCJp6Lc.roa
File:                     MLBa17QbD7gWpAm5GCeGaCJp6Lc.roa (raw, json)
Hash identifier:          njvzv+zxW2xwKOXx56hXH4PFBFq4UPI6omcNjG9qg90=
Subject key identifier:   30:B0:5A:D7:B4:1B:0F:B8:16:A4:09:B9:18:27:86:68:22:69:E8:B7
Certificate issuer:       /CN=53cbd1477044a03404c7fc43961c2c83bba75bbc
Certificate serial:       01856C65D3E80E9BC0558CF0FFC3A13C90E1
Authority key identifier: 53:CB:D1:47:70:44:A0:34:04:C7:FC:43:96:1C:2C:83:BB:A7:5B:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U8vRR3BEoDQEx_xDlhwsg7unW7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/MLBa17QbD7gWpAm5GCeGaCJp6Lc.roa
Signing time:             Sun 01 Jan 2023 08:14:50 +0000
ROA not before:           Sun 01 Jan 2023 08:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        195.88.162.0/23 maxlen: 23
                          91.211.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:65:d3:e8:0e:9b:c0:55:8c:f0:ff:c3:a1:3c:90:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53cbd1477044a03404c7fc43961c2c83bba75bbc
        Validity
            Not Before: Jan  1 08:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30b05ad7b41b0fb816a409b9182786682269e8b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:13:ba:1d:fe:c9:0a:c4:33:e1:1a:cb:62:a9:
                    4e:71:a3:94:72:de:e5:c9:6c:f0:bf:d1:c5:73:f0:
                    35:73:d2:07:bc:08:59:a2:e2:a7:12:c6:5e:e2:71:
                    b7:55:3b:62:98:8f:ea:89:70:7c:43:95:8b:6d:0f:
                    86:37:fc:7c:a0:63:a8:6d:e4:c7:7c:ec:d5:83:db:
                    28:37:4e:5e:91:e1:aa:b7:dc:92:eb:c3:71:59:58:
                    03:b9:bd:68:72:11:4a:d2:38:cc:d7:5b:3d:b1:c2:
                    b7:61:68:1f:c1:98:6c:c6:00:4b:10:6b:d9:02:2a:
                    1d:62:12:42:c9:9c:c5:b3:a9:92:aa:ae:55:f5:aa:
                    52:db:36:5c:68:61:8c:e1:cc:bf:bf:5a:ce:e3:54:
                    c9:51:0d:92:49:87:97:30:cb:6c:fb:d0:3f:23:4e:
                    b3:4c:a3:5b:1d:51:56:50:ac:67:de:ca:4b:1d:50:
                    fc:14:12:f3:9d:ac:55:ae:32:38:8b:29:d7:88:ba:
                    47:6e:d1:db:94:74:bf:79:a1:10:7a:5a:13:94:32:
                    1e:99:f7:e4:5d:42:e7:ad:10:ea:ce:e4:63:94:7c:
                    1e:54:4a:93:eb:b7:02:14:27:3d:01:5a:e5:b5:79:
                    d3:a5:0e:7c:51:be:98:c2:4d:60:7f:75:b4:da:6a:
                    c7:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:B0:5A:D7:B4:1B:0F:B8:16:A4:09:B9:18:27:86:68:22:69:E8:B7
            X509v3 Authority Key Identifier:
                keyid:53:CB:D1:47:70:44:A0:34:04:C7:FC:43:96:1C:2C:83:BB:A7:5B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8vRR3BEoDQEx_xDlhwsg7unW7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/MLBa17QbD7gWpAm5GCeGaCJp6Lc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/U8vRR3BEoDQEx_xDlhwsg7unW7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.211.25.0/24
                  195.88.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         aa:54:ac:66:5b:dd:87:2f:fd:74:01:a5:b1:88:54:c1:72:67:
         cc:13:b9:6f:07:a3:00:98:63:d8:99:32:96:ff:4f:11:bd:fd:
         ca:33:2f:18:a0:e2:55:17:42:d3:c4:78:3e:7b:1f:29:ae:57:
         3f:71:7a:59:e3:9c:2f:4c:09:f1:f0:33:42:9b:71:b8:38:95:
         91:90:17:69:3b:ec:10:31:85:f2:52:8d:23:1b:ce:97:8f:1a:
         7a:c5:d5:3a:79:e6:65:26:43:a4:cd:10:fe:d2:a1:02:75:22:
         00:e5:d8:76:be:bc:e8:66:75:12:3c:76:02:a7:38:35:e0:fa:
         b9:7b:ed:00:dc:5b:58:4e:b3:68:ab:c2:ab:ea:28:30:64:1f:
         b0:a7:d7:5b:97:2e:12:d7:8c:ec:16:b0:08:76:cb:3d:07:03:
         07:eb:79:50:7a:c2:75:18:67:71:7d:87:3b:67:6e:76:b4:05:
         b3:68:ec:2a:c7:e6:9f:e2:18:bb:9a:22:6b:ca:04:d3:3b:f6:
         48:00:b2:f6:ff:0d:76:e0:2e:50:e5:84:cf:bf:3b:1c:40:6f:
         47:d9:96:58:30:13:e7:e8:14:50:b4:02:47:f0:c7:2d:7f:df:
         5c:a5:49:5f:bb:f8:19:a8:47:67:cd:d5:5a:48:4f:16:e7:a4:
         62:41:db:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZdPoDpvAVYzw/8OhPJDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzY2JkMTQ3NzA0NGEwMzQwNGM3ZmM0Mzk2MWMyYzgzYmJh
NzViYmMwHhcNMjMwMTAxMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGIwNWFkN2I0MWIwZmI4MTZhNDA5YjkxODI3ODY2ODIyNjllOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hO6Hf7JCsQz4RrLYqlOcaOUct7l
yWzwv9HFc/A1c9IHvAhZouKnEsZe4nG3VTtimI/qiXB8Q5WLbQ+GN/x8oGOobeTH
fOzVg9soN05ekeGqt9yS68NxWVgDub1ochFK0jjM11s9scK3YWgfwZhsxgBLEGvZ
AiodYhJCyZzFs6mSqq5V9apS2zZcaGGM4cy/v1rO41TJUQ2SSYeXMMts+9A/I06z
TKNbHVFWUKxn3spLHVD8FBLznaxVrjI4iynXiLpHbtHblHS/eaEQeloTlDIemffk
XULnrRDqzuRjlHweVEqT67cCFCc9AVrltXnTpQ58Ub6Ywk1gf3W02mrHUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDCwWte0Gw+4FqQJuRgnhmgiaei3MB8GA1UdIwQY
MBaAFFPL0UdwRKA0BMf8Q5YcLIO7p1u8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTh2UlIzQkVvRFFFeF94RGxod3NnN3VuVzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kY2U0NGEtNGE5MC00M2VhLWIxZmIt
YTJkMTE2NTYwYWNhLzEvTUxCYTE3UWJEN2dXcEFtNUdDZUdhQ0pwNkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kY2U0NGEtNGE5MC00M2VhLWIxZmItYTJkMTE2NTYwYWNh
LzEvVTh2UlIzQkVvRFFFeF94RGxod3NnN3VuVzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9MZAwQB
w1iiMA0GCSqGSIb3DQEBCwUAA4IBAQCqVKxmW92HL/10AaWxiFTBcmfME7lvB6MA
mGPYmTKW/08Rvf3KMy8YoOJVF0LTxHg+ex8prlc/cXpZ45wvTAnx8DNCm3G4OJWR
kBdpO+wQMYXyUo0jG86Xjxp6xdU6eeZlJkOkzRD+0qECdSIA5dh2vrzoZnUSPHYC
pzg14Pq5e+0A3FtYTrNoq8Kr6igwZB+wp9dbly4S14zsFrAIdss9BwMH63lQesJ1
GGdxfYc7Z252tAWzaOwqx+af4hi7miJrygTTO/ZIALL2/w124C5Q5YTPvzscQG9H
2ZZYMBPn6BRQtAJH8Mctf99cpUlfu/gZqEdnzdVaSE8W56RiQdv9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:52 2024 by rpki-client on console-ams.rpki-client.org