Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CVdOS5bxgg7kqS6F6BH7v2VTJyU.roa
File:                     CVdOS5bxgg7kqS6F6BH7v2VTJyU.roa (raw, json)
Hash identifier:          o2nkl1Bo0UMFBU6S1E4rvGuqvdoTMwwga7zH/GTRl3Q=
Subject key identifier:   09:57:4E:4B:96:F1:82:0E:E4:A9:2E:85:E8:11:FB:BF:65:53:27:25
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D82082A0A23E39F07B81542E9D9EE61
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CVdOS5bxgg7kqS6F6BH7v2VTJyU.roa
Signing time:             Sun 01 Jan 2023 13:25:16 +0000
ROA not before:           Sun 01 Jan 2023 13:25:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204469
IP address blocks:        31.13.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:82:08:2a:0a:23:e3:9f:07:b8:15:42:e9:d9:ee:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=09574e4b96f1820ee4a92e85e811fbbf65532725
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:94:e8:90:bc:be:db:0d:bc:1e:ae:35:10:0c:
                    15:be:23:d8:07:59:8d:4f:87:34:cc:c3:40:cb:91:
                    9b:b8:9b:c2:86:42:9f:81:d6:9c:2e:7e:f6:38:0a:
                    17:70:2b:0f:8b:99:3b:15:89:ae:78:1d:a8:d1:3c:
                    84:44:74:32:1a:9e:5a:f8:82:2f:7d:20:53:9d:b0:
                    20:ad:af:8f:f5:33:85:48:51:3e:e5:69:90:c9:e6:
                    12:f7:c4:cc:e4:a0:76:19:30:68:bf:4c:a1:5e:74:
                    fb:68:8b:a7:83:05:fc:3a:67:ff:2f:3c:71:f3:f7:
                    8c:05:7c:c1:6a:50:f5:eb:9f:e9:85:10:c7:89:89:
                    03:97:8e:ce:2c:2a:24:64:75:46:3b:14:26:9a:87:
                    9a:a4:a3:ee:2f:0d:ef:25:f0:cf:b8:65:24:b8:1a:
                    77:eb:d9:78:1f:3f:96:5f:ff:e8:31:f8:4b:a7:92:
                    bd:14:11:d8:2e:24:61:86:a7:61:27:fd:f8:68:c7:
                    52:0d:ee:4a:2a:b9:2e:95:5e:39:a7:ad:af:3b:38:
                    68:d0:9f:ad:9a:c0:e4:8b:db:f4:b7:ae:50:58:9a:
                    7f:11:4e:0b:c1:97:9d:79:12:5b:99:bb:d5:50:9e:
                    2c:aa:c8:45:6b:a0:0f:12:c2:6f:17:37:43:ef:43:
                    ec:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:57:4E:4B:96:F1:82:0E:E4:A9:2E:85:E8:11:FB:BF:65:53:27:25
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CVdOS5bxgg7kqS6F6BH7v2VTJyU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:2e:41:55:34:96:83:c1:f3:ca:ad:3e:ca:82:44:07:cd:06:
         7f:db:25:8a:91:9a:97:8e:0a:1f:bd:d2:10:c1:03:9c:33:37:
         77:cc:cb:a3:de:bd:fb:05:3b:3a:3b:88:0c:41:fc:65:f1:e8:
         b3:0c:56:83:12:d1:1c:78:e7:2c:d9:8c:88:bb:e9:09:fa:b5:
         e1:85:0b:86:5a:05:bb:be:53:be:65:96:71:76:1b:c1:a4:4c:
         25:8b:64:f0:8c:dd:21:03:22:df:42:1c:20:94:4f:d4:a2:e4:
         40:51:d1:6c:a1:78:b8:da:fe:a0:a7:dc:9a:2c:ff:4a:89:64:
         96:ad:36:0e:d4:cb:0f:e1:1e:c7:ec:d8:4b:f9:c3:32:bc:ef:
         14:66:b0:d1:e2:33:7e:ce:f4:fc:a8:e1:88:4a:07:22:d2:c9:
         5a:b0:fe:40:1c:20:07:08:82:06:64:3c:a6:ee:b0:03:3d:3b:
         4a:84:fa:75:80:99:3c:94:12:84:f9:79:ef:d3:28:12:32:1a:
         e3:4c:d4:68:96:70:aa:26:a9:5e:31:f4:64:9b:bc:b1:45:df:
         a8:72:f7:83:3e:39:5d:3b:b2:18:64:56:68:bc:95:d5:0f:5c:
         58:14:71:2b:da:f3:5e:a5:d6:fa:0d:c7:a6:54:b3:cb:fd:75:
         af:f1:5d:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgggqCiPjnwe4FULp2e5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTU3NGU0Yjk2ZjE4MjBlZTRhOTJlODVlODExZmJiZjY1NTMyNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJTokLy+2w28Hq41EAwVviPYB1mN
T4c0zMNAy5GbuJvChkKfgdacLn72OAoXcCsPi5k7FYmueB2o0TyERHQyGp5a+IIv
fSBTnbAgra+P9TOFSFE+5WmQyeYS98TM5KB2GTBov0yhXnT7aIungwX8Omf/Lzxx
8/eMBXzBalD165/phRDHiYkDl47OLCokZHVGOxQmmoeapKPuLw3vJfDPuGUkuBp3
69l4Hz+WX//oMfhLp5K9FBHYLiRhhqdhJ/34aMdSDe5KKrkulV45p62vOzho0J+t
msDki9v0t65QWJp/EU4LwZedeRJbmbvVUJ4sqshFa6APEsJvFzdD70PsswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlXTkuW8YIO5KkuhegR+79lUyclMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ1ZkT1M1YnhnZzdrcVM2RjZCSDd2MlZUSnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw3wMA0G
CSqGSIb3DQEBCwUAA4IBAQB2LkFVNJaDwfPKrT7KgkQHzQZ/2yWKkZqXjgofvdIQ
wQOcMzd3zMuj3r37BTs6O4gMQfxl8eizDFaDEtEceOcs2YyIu+kJ+rXhhQuGWgW7
vlO+ZZZxdhvBpEwli2TwjN0hAyLfQhwglE/UouRAUdFsoXi42v6gp9yaLP9KiWSW
rTYO1MsP4R7H7NhL+cMyvO8UZrDR4jN+zvT8qOGISgci0slasP5AHCAHCIIGZDym
7rADPTtKhPp1gJk8lBKE+Xnv0ygSMhrjTNRolnCqJqleMfRkm7yxRd+ocveDPjld
O7IYZFZovJXVD1xYFHEr2vNepdb6DcemVLPL/XWv8V08
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org