Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0LEGZ80a09LqSkLerkCyvNX5jRA.roa
File:                     0LEGZ80a09LqSkLerkCyvNX5jRA.roa (raw, json)
Hash identifier:          GlXd73GfZuUJ4FvT2QR7mEaa7U0CLsC0AWuG4Pr93AQ=
Subject key identifier:   D0:B1:06:67:CD:1A:D3:D2:EA:4A:42:DE:AE:40:B2:BC:D5:F9:8D:10
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D821205AFFDD6D652EFF2724F861259
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0LEGZ80a09LqSkLerkCyvNX5jRA.roa
Signing time:             Sun 01 Jan 2023 13:25:18 +0000
ROA not before:           Sun 01 Jan 2023 13:25:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210211
IP address blocks:        87.121.41.0/24 maxlen: 24
                          87.121.40.0/24 maxlen: 24
                          31.13.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:82:12:05:af:fd:d6:d6:52:ef:f2:72:4f:86:12:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0b10667cd1ad3d2ea4a42deae40b2bcd5f98d10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0c:e6:fb:d3:db:c2:bc:d6:8e:54:52:78:09:
                    82:0d:76:90:f7:5a:b8:d9:18:30:df:aa:9f:f2:fc:
                    2f:72:6f:1a:42:de:0e:62:93:7e:78:4f:53:80:87:
                    36:38:c0:e8:ba:e7:e4:b7:ab:89:0f:a9:74:53:6b:
                    60:8a:8d:0f:50:b1:da:40:4d:29:e8:ca:fa:3f:94:
                    a8:cf:11:cb:c6:5b:cf:73:26:73:7c:54:70:0a:af:
                    b9:6b:96:ac:52:04:56:c8:1f:34:b3:53:df:a7:e8:
                    36:f0:65:b7:8d:e8:e1:a6:90:b7:01:94:26:79:9a:
                    1e:ab:b0:7c:f7:f0:4e:d4:fc:b9:41:32:06:91:71:
                    c6:c8:32:8b:1e:c3:29:95:72:f8:22:85:2e:3c:6c:
                    ae:f1:0f:56:17:9b:6d:13:27:8f:ba:c3:2f:1a:30:
                    da:22:45:26:b6:5a:72:f1:9b:33:72:38:d8:f3:18:
                    21:bf:bf:34:49:01:54:d0:72:8a:98:77:ac:01:f2:
                    d0:d8:16:42:56:59:55:0f:5d:ff:d0:8d:36:91:46:
                    a5:77:e1:a0:0e:89:e4:1d:18:69:c8:4b:7c:b0:46:
                    6b:fd:57:4b:5f:dc:6d:77:cf:6a:ba:73:b1:a0:41:
                    89:ce:e1:5c:1d:a0:ce:2b:42:14:bb:5e:9d:0a:bf:
                    60:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:B1:06:67:CD:1A:D3:D2:EA:4A:42:DE:AE:40:B2:BC:D5:F9:8D:10
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0LEGZ80a09LqSkLerkCyvNX5jRA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.226.0/24
                  87.121.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         47:5e:ac:12:cc:73:3f:b4:03:9f:47:d1:01:1d:7e:26:15:1d:
         81:68:c9:f6:e0:c7:3f:e9:3e:05:cb:b8:0f:04:e3:eb:1c:70:
         53:cb:b7:23:e1:62:a1:6e:db:4d:02:f4:47:0e:3e:78:d7:c1:
         ca:03:d1:57:7e:ee:20:d1:9b:ab:b9:2d:06:f8:76:3a:69:d1:
         1c:05:3e:f0:74:fa:2c:68:62:6f:2d:57:8a:30:4b:23:e3:84:
         95:7a:51:09:ab:8d:46:36:77:50:c5:89:e1:a3:07:61:08:85:
         3e:ac:53:9e:57:ce:e4:61:df:ab:92:60:2d:88:bf:84:fe:ad:
         d3:d4:59:ed:59:a8:91:54:51:ad:1f:52:aa:76:e7:25:2e:b3:
         e2:a2:7b:1e:88:42:f7:91:1c:78:a3:33:79:59:24:7d:bc:53:
         b0:59:90:05:f4:ae:3d:03:f5:31:30:2c:1f:af:88:ab:4f:24:
         43:2f:3e:0f:59:f0:91:eb:c2:4c:07:46:e7:d3:ac:cf:db:fb:
         e1:69:36:e1:10:ec:63:ad:78:b0:70:f4:29:2a:55:db:b1:fc:
         05:24:97:c7:35:14:fa:c9:9c:b2:d3:10:29:6e:38:03:91:d2:
         0c:6d:8a:63:eb:85:04:c9:5d:78:ed:37:41:8e:c3:d2:49:e2:
         05:6f:ea:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtghIFr/3W1lLv8nJPhhJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGIxMDY2N2NkMWFkM2QyZWE0YTQyZGVhZTQwYjJiY2Q1Zjk4ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qzm+9PbwrzWjlRSeAmCDXaQ91q4
2Rgw36qf8vwvcm8aQt4OYpN+eE9TgIc2OMDouufkt6uJD6l0U2tgio0PULHaQE0p
6Mr6P5SozxHLxlvPcyZzfFRwCq+5a5asUgRWyB80s1Pfp+g28GW3jejhppC3AZQm
eZoeq7B89/BO1Py5QTIGkXHGyDKLHsMplXL4IoUuPGyu8Q9WF5ttEyePusMvGjDa
IkUmtlpy8ZszcjjY8xghv780SQFU0HKKmHesAfLQ2BZCVllVD13/0I02kUald+Gg
DonkHRhpyEt8sEZr/VdLX9xtd89qunOxoEGJzuFcHaDOK0IUu16dCr9gIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNCxBmfNGtPS6kpC3q5AsrzV+Y0QMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMExFR1o4MGEwOUxxU2tMZXJrQ3l2Tlg1alJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw3iAwQB
V3koMA0GCSqGSIb3DQEBCwUAA4IBAQBHXqwSzHM/tAOfR9EBHX4mFR2BaMn24Mc/
6T4Fy7gPBOPrHHBTy7cj4WKhbttNAvRHDj5418HKA9FXfu4g0ZuruS0G+HY6adEc
BT7wdPosaGJvLVeKMEsj44SVelEJq41GNndQxYnhowdhCIU+rFOeV87kYd+rkmAt
iL+E/q3T1FntWaiRVFGtH1KqduclLrPionseiEL3kRx4ozN5WSR9vFOwWZAF9K49
A/UxMCwfr4irTyRDLz4PWfCR68JMB0bn06zP2/vhaTbhEOxjrXiwcPQpKlXbsfwF
JJfHNRT6yZyy0xApbjgDkdIMbYpj64UEyV147TdBjsPSSeIFb+pt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:21 2024 by rpki-client on console-ams.rpki-client.org