Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/g_1M-B30V5nzMzmUCJj6P7xl5es.roa
File:                     g_1M-B30V5nzMzmUCJj6P7xl5es.roa (raw, json)
Hash identifier:          nzc+Fsnc59NJleSljR8+GqGqnrOod1GdTXCwCK9E2pM=
Subject key identifier:   83:FD:4C:F8:1D:F4:57:99:F3:33:39:94:08:98:FA:3F:BC:65:E5:EB
Certificate issuer:       /CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
Certificate serial:       018CC94D49DB634180E5CF579C35F502E3FE
Authority key identifier: 8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/g_1M-B30V5nzMzmUCJj6P7xl5es.roa
Signing time:             Tue 02 Jan 2024 08:32:14 +0000
ROA not before:           Tue 02 Jan 2024 08:32:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197746
IP address blocks:        31.22.112.0/24 maxlen: 24
                          31.22.113.0/24 maxlen: 24
                          31.22.114.0/24 maxlen: 24
                          31.22.118.0/24 maxlen: 24
                          31.22.115.0/24 maxlen: 24
                          31.22.119.0/24 maxlen: 24
                          185.23.88.0/24 maxlen: 24
                          185.23.89.0/24 maxlen: 24
                          2a00:6620:2000::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 05 Apr 2024 12:07:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:49:db:63:41:80:e5:cf:57:9c:35:f5:02:e3:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
        Validity
            Not Before: Jan  2 08:32:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=83fd4cf81df45799f33339940898fa3fbc65e5eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:98:29:ef:49:44:46:54:ea:49:0e:8e:fa:66:
                    61:73:95:ed:c1:0e:9b:0b:4f:bf:1a:31:49:08:8b:
                    b6:42:c7:4e:52:ac:c9:5d:07:17:41:28:51:84:1c:
                    0f:74:8e:75:6f:6a:b8:de:74:4d:4a:57:90:ee:78:
                    ee:e1:54:45:52:cb:b3:fd:ea:a2:e9:3d:08:b1:e5:
                    4b:e7:2b:0f:22:70:db:13:ca:24:0d:be:4f:63:94:
                    9d:78:76:03:9d:91:16:7d:3d:c3:4e:b5:a3:33:af:
                    4a:4d:52:04:30:58:38:bc:ca:36:8f:3f:dd:00:d8:
                    60:03:eb:bd:ce:1c:23:3f:c4:80:fd:23:0d:4f:e5:
                    74:03:3a:ed:09:db:f4:2e:d0:40:1c:ad:40:7d:3d:
                    9b:e3:20:13:06:0c:81:10:b9:f8:c0:19:98:58:88:
                    ad:e8:58:07:f1:00:3b:08:07:5c:21:ee:3c:73:1a:
                    29:b3:93:85:74:bc:04:61:a1:08:c4:6a:95:53:2a:
                    e9:0f:e6:52:d7:37:9a:e8:47:f4:6b:0d:dc:df:56:
                    99:85:91:c5:6e:35:b9:41:a6:91:17:51:22:14:f8:
                    e7:25:63:a9:72:61:04:fd:53:57:56:4e:23:f7:f2:
                    77:28:d3:59:03:b4:3b:eb:01:55:9a:2d:73:c5:28:
                    d8:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:FD:4C:F8:1D:F4:57:99:F3:33:39:94:08:98:FA:3F:BC:65:E5:EB
            X509v3 Authority Key Identifier:
                keyid:8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/g_1M-B30V5nzMzmUCJj6P7xl5es.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.22.112.0/22
                  31.22.118.0/23
                  185.23.88.0/23
                IPv6:
                  2a00:6620:2000::/48

    Signature Algorithm: sha256WithRSAEncryption
         3f:91:19:ad:81:1e:78:c6:ab:c9:2c:8e:98:7b:92:d8:54:97:
         63:73:bc:b5:29:e6:50:9d:6c:06:f0:33:f2:1c:fe:d5:6c:c3:
         c1:70:31:4f:09:77:ef:0b:b3:ff:75:63:9b:29:a9:0c:87:76:
         c2:eb:b7:5a:3a:1a:8a:0e:2a:99:f2:72:70:ac:15:e6:8d:ad:
         ab:5f:d4:d5:98:19:66:03:51:ae:37:b4:30:c1:18:f4:d9:59:
         28:9b:a4:8b:1b:d3:c6:29:a6:26:21:41:09:ea:29:2e:ba:35:
         39:96:0e:16:b2:ed:9c:2f:7d:b1:ba:dc:d8:e5:69:95:0c:2a:
         aa:48:e4:da:a6:82:96:aa:05:08:6e:08:65:8e:80:b4:28:ba:
         51:2e:e4:c8:c4:19:f1:4a:d1:f9:d8:e8:19:58:37:ed:37:df:
         db:f1:40:dc:9a:ac:e9:55:43:48:7c:5e:41:f5:aa:27:89:97:
         44:96:83:79:82:70:46:5c:af:aa:f5:3f:93:02:55:88:eb:df:
         a7:0b:62:9c:91:33:f3:c3:7a:06:b1:9c:64:b5:b0:1f:33:01:
         a0:2e:c3:c9:e4:3a:35:4f:d6:05:83:8c:9c:29:60:a1:0b:c7:
         e4:fe:d6:fe:05:ff:c7:b3:a1:94:18:85:1b:4a:12:a5:1b:12:
         de:90:b5:ab
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJTUnbY0GA5c9XnDX1AuP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYTQzYmIzOGQ2ZTBiZThjMjg5MDk0YmE0YWRmMzg3ZDBk
ZTQwYTAwHhcNMjQwMTAyMDgzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZkNGNmODFkZjQ1Nzk5ZjMzMzM5OTQwODk4ZmEzZmJjNjVlNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZgp70lERlTqSQ6O+mZhc5XtwQ6b
C0+/GjFJCIu2QsdOUqzJXQcXQShRhBwPdI51b2q43nRNSleQ7nju4VRFUsuz/eqi
6T0IseVL5ysPInDbE8okDb5PY5SdeHYDnZEWfT3DTrWjM69KTVIEMFg4vMo2jz/d
ANhgA+u9zhwjP8SA/SMNT+V0AzrtCdv0LtBAHK1AfT2b4yATBgyBELn4wBmYWIit
6FgH8QA7CAdcIe48cxops5OFdLwEYaEIxGqVUyrpD+ZS1zea6Ef0aw3c31aZhZHF
bjW5QaaRF1EiFPjnJWOpcmEE/VNXVk4j9/J3KNNZA7Q76wFVmi1zxSjYvQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIP9TPgd9FeZ8zM5lAiY+j+8ZeXrMB8GA1UdIwQY
MBaAFI6kO7ONbgvowokJS6St84fQ3kCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanFRN3M0MXVDLWpDaVFsTHBLM3poOURlUUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82Zjg1YjEtNmEzYy00MDhkLWEzOWIt
MjRmN2Y5NDM2Y2VjLzEvZ18xTS1CMzBWNW56TXptVUNKajZQN3hsNWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82Zjg1YjEtNmEzYy00MDhkLWEzOWItMjRmN2Y5NDM2Y2Vj
LzEvanFRN3M0MXVDLWpDaVFsTHBLM3poOURlUUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCHxZwAwQB
HxZ2AwQBuRdYMA8EAgACMAkDBwAqAGYgIAAwDQYJKoZIhvcNAQELBQADggEBAD+R
Ga2BHnjGq8ksjph7kthUl2NzvLUp5lCdbAbwM/Ic/tVsw8FwMU8Jd+8Ls/91Y5sp
qQyHdsLrt1o6GooOKpnycnCsFeaNratf1NWYGWYDUa43tDDBGPTZWSibpIsb08Yp
piYhQQnqKS66NTmWDhay7ZwvfbG63NjlaZUMKqpI5NqmgpaqBQhuCGWOgLQoulEu
5MjEGfFK0fnY6BlYN+0339vxQNyarOlVQ0h8XkH1qieJl0SWg3mCcEZcr6r1P5MC
VYjr36cLYpyRM/PDegaxnGS1sB8zAaAuw8nkOjVP1gWDjJwpYKELx+T+1v4F/8ez
oZQYhRtKEqUbEt6Qtas=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:10 2024 by rpki-client on console-ams.rpki-client.org