Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/MAmnnSSiztZPWfFAnHNmVd11hOI.roa
File:                     MAmnnSSiztZPWfFAnHNmVd11hOI.roa (raw, json)
Hash identifier:          Obi3CU+FQmpTBxPCp+SjPYo+PUa73Ee9/k1Soa8diig=
Subject key identifier:   30:09:A7:9D:24:A2:CE:D6:4F:59:F1:40:9C:73:66:55:DD:75:84:E2
Certificate issuer:       /CN=7bc09998ce39cfdca66ecfd8dd3ac38644d3c8a6
Certificate serial:       018571278341D51DF4E96398F95FFD2285C7
Authority key identifier: 7B:C0:99:98:CE:39:CF:DC:A6:6E:CF:D8:DD:3A:C3:86:44:D3:C8:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e8CZmM45z9ymbs_Y3TrDhkTTyKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/MAmnnSSiztZPWfFAnHNmVd11hOI.roa
Signing time:             Mon 02 Jan 2023 06:24:52 +0000
ROA not before:           Mon 02 Jan 2023 06:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50599
IP address blocks:        185.200.44.0/22 maxlen: 22
                          2a0a:aac0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:83:41:d5:1d:f4:e9:63:98:f9:5f:fd:22:85:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bc09998ce39cfdca66ecfd8dd3ac38644d3c8a6
        Validity
            Not Before: Jan  2 06:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3009a79d24a2ced64f59f1409c736655dd7584e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ee:4c:fa:11:97:6c:df:df:f1:6f:05:8d:2b:
                    5c:59:1f:1d:6a:6c:36:bc:f3:4d:f7:0b:0e:fd:7d:
                    2f:96:7c:54:96:f0:97:ac:b4:56:01:89:e1:22:77:
                    e4:e4:e8:7c:bd:da:67:14:50:22:2b:e7:5a:aa:cb:
                    13:14:f3:b7:be:a2:fd:27:82:e8:cf:c1:20:1f:45:
                    10:ea:61:76:c4:eb:15:8f:76:36:0e:b7:9d:d7:ea:
                    51:8a:e4:fd:4f:ea:ac:7d:d3:c1:69:ab:a1:42:ed:
                    00:b4:09:04:2f:ba:6e:0c:27:a5:1a:64:6b:35:c9:
                    a2:8a:c5:7f:73:09:d6:d1:c7:f5:17:b2:3c:14:4a:
                    cb:2d:76:14:c4:08:55:3c:a1:59:f2:52:64:7b:46:
                    0b:b7:1e:e6:35:cb:91:19:2b:7e:a2:22:51:f5:fc:
                    3d:e5:47:03:2d:dc:be:1d:6b:db:0b:06:a0:4e:e8:
                    b7:6a:04:51:6f:47:52:7b:6d:77:58:aa:ea:06:c7:
                    d0:09:04:bf:49:b0:11:90:02:e2:ae:ca:85:b5:75:
                    84:85:81:6f:26:ef:b3:9a:fb:d4:6c:58:1e:ba:03:
                    3d:df:5c:fc:58:aa:1f:a0:cb:2e:77:49:03:37:71:
                    b5:d6:f8:08:71:8f:fa:99:d8:c1:ab:c9:53:21:85:
                    fe:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:09:A7:9D:24:A2:CE:D6:4F:59:F1:40:9C:73:66:55:DD:75:84:E2
            X509v3 Authority Key Identifier:
                keyid:7B:C0:99:98:CE:39:CF:DC:A6:6E:CF:D8:DD:3A:C3:86:44:D3:C8:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8CZmM45z9ymbs_Y3TrDhkTTyKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/MAmnnSSiztZPWfFAnHNmVd11hOI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/e8CZmM45z9ymbs_Y3TrDhkTTyKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.200.44.0/22
                IPv6:
                  2a0a:aac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:b9:67:07:df:88:b8:f9:2e:a4:59:e7:13:91:06:da:57:01:
         00:45:7d:7a:27:40:08:af:f8:40:8b:e9:b9:50:a4:b0:8f:e5:
         25:94:ac:e3:cf:ee:cd:23:14:71:72:9b:28:94:44:b3:ce:c4:
         e2:96:e8:3c:4a:2f:a8:c7:bc:b4:64:06:b5:3c:8f:84:75:1f:
         dc:46:12:66:1c:d4:07:83:a7:04:74:82:b9:f0:4b:10:2d:19:
         f2:ae:1d:92:6d:6d:48:2f:20:ad:ec:8a:3e:36:db:b8:a6:a7:
         d5:42:3b:18:5e:e5:6c:41:3a:07:96:48:62:77:4e:ac:87:0b:
         28:64:25:7c:95:15:9c:35:9b:c6:f2:62:fa:87:98:f9:3d:5e:
         eb:82:ff:48:db:69:19:66:76:3e:4e:b6:35:57:a1:0f:42:c6:
         4c:ac:5d:10:59:74:53:9a:42:53:be:b0:f9:5d:6d:28:01:51:
         eb:64:64:84:85:cd:8b:77:4b:dd:44:5c:c8:63:71:b6:12:d7:
         31:b8:9b:42:60:67:21:18:1f:d6:52:31:13:4e:b7:fc:12:3a:
         63:eb:54:f1:cd:29:e6:de:21:31:64:de:ff:29:0f:72:78:c0:
         9a:f3:78:39:8b:a3:99:d2:8f:2f:84:7d:73:1b:3d:c4:18:6c:
         7c:45:ed:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxJ4NB1R306WOY+V/9IoXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYzA5OTk4Y2UzOWNmZGNhNjZlY2ZkOGRkM2FjMzg2NDRk
M2M4YTYwHhcNMjMwMTAyMDYyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA5YTc5ZDI0YTJjZWQ2NGY1OWYxNDA5YzczNjY1NWRkNzU4NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO5M+hGXbN/f8W8FjStcWR8damw2
vPNN9wsO/X0vlnxUlvCXrLRWAYnhInfk5Oh8vdpnFFAiK+daqssTFPO3vqL9J4Lo
z8EgH0UQ6mF2xOsVj3Y2Dred1+pRiuT9T+qsfdPBaauhQu0AtAkEL7puDCelGmRr
NcmiisV/cwnW0cf1F7I8FErLLXYUxAhVPKFZ8lJke0YLtx7mNcuRGSt+oiJR9fw9
5UcDLdy+HWvbCwagTui3agRRb0dSe213WKrqBsfQCQS/SbARkALirsqFtXWEhYFv
Ju+zmvvUbFgeugM931z8WKofoMsud0kDN3G11vgIcY/6mdjBq8lTIYX+GQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDAJp50kos7WT1nxQJxzZlXddYTiMB8GA1UdIwQY
MBaAFHvAmZjOOc/cpm7P2N06w4ZE08imMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZThDWm1NNDV6OXltYnNfWTNUckRoa1RUeUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lZDY1ZTUtZjgxZi00ZDlkLTg0MDMt
MjJkNmNkMWUxYThhLzEvTUFtbm5TU2l6dFpQV2ZGQW5ITm1WZDExaE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lZDY1ZTUtZjgxZi00ZDlkLTg0MDMtMjJkNmNkMWUxYThh
LzEvZThDWm1NNDV6OXltYnNfWTNUckRoa1RUeUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucgsMA0E
AgACMAcDBQMqCqrAMA0GCSqGSIb3DQEBCwUAA4IBAQBouWcH34i4+S6kWecTkQba
VwEARX16J0AIr/hAi+m5UKSwj+UllKzjz+7NIxRxcpsolESzzsTilug8Si+ox7y0
ZAa1PI+EdR/cRhJmHNQHg6cEdIK58EsQLRnyrh2SbW1ILyCt7Io+Ntu4pqfVQjsY
XuVsQToHlkhid06shwsoZCV8lRWcNZvG8mL6h5j5PV7rgv9I22kZZnY+TrY1V6EP
QsZMrF0QWXRTmkJTvrD5XW0oAVHrZGSEhc2Ld0vdRFzIY3G2EtcxuJtCYGchGB/W
UjETTrf8Ejpj61TxzSnm3iExZN7/KQ9yeMCa83g5i6OZ0o8vhH1zGz3EGGx8Re3z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:50 2024 by rpki-client on console-fra.rpki-client.org