Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xva2-2NnHRg8FCQYJOlgnPeIxrI.roa
File:                     Xva2-2NnHRg8FCQYJOlgnPeIxrI.roa (raw, json)
Hash identifier:          eIOSOf8owrL1ezUjCGmqrB3oYnD/TVsFg7FW+KL7ySk=
Subject key identifier:   5E:F6:B6:FB:63:67:1D:18:3C:14:24:18:24:E9:60:9C:F7:88:C6:B2
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D820DFBD0F60207D97A7A96FDF0547F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xva2-2NnHRg8FCQYJOlgnPeIxrI.roa
Signing time:             Sun 01 Jan 2023 13:25:17 +0000
ROA not before:           Sun 01 Jan 2023 13:25:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208224
IP address blocks:        31.13.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:82:0d:fb:d0:f6:02:07:d9:7a:7a:96:fd:f0:54:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ef6b6fb63671d183c14241824e9609cf788c6b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:14:2d:a3:1b:61:9d:78:5e:b0:0d:78:1d:27:
                    e8:c2:5a:0d:42:5a:b3:14:ef:b9:04:b1:cc:c5:a1:
                    c6:1b:7a:bc:7c:0d:06:7c:ec:e9:70:1d:33:5b:b7:
                    7a:db:ba:d0:44:f4:fe:91:60:f1:35:22:b5:2e:5d:
                    0f:2e:31:73:b3:14:81:87:9a:df:a8:65:29:d4:0c:
                    48:7e:38:95:7f:62:83:10:f9:c9:98:0c:57:06:13:
                    49:c7:f9:39:c8:7c:af:a0:03:53:a9:22:0c:84:9a:
                    e9:16:ef:2b:a8:aa:88:98:10:06:c4:2d:8b:0c:51:
                    04:8c:98:57:b3:9c:b5:5a:90:ec:1b:3f:af:fa:df:
                    b0:fe:a0:ab:16:8d:56:28:81:1c:53:fa:59:45:2d:
                    1b:3f:c7:44:ec:14:79:a0:ca:33:0d:bf:c9:07:e4:
                    72:14:94:0a:02:ba:32:98:36:fe:37:ea:1a:ac:cb:
                    6f:7c:c1:11:8c:66:00:57:9a:b0:6a:40:ce:61:11:
                    3b:69:79:33:73:90:32:47:46:f9:5a:5f:cc:79:bc:
                    a7:75:82:f5:93:6d:5a:c6:69:57:c3:d3:fc:6c:fc:
                    06:83:02:d4:40:ad:db:28:8f:29:75:31:12:a3:58:
                    6d:40:2d:90:39:ec:20:60:64:0f:1b:6f:f4:92:51:
                    1e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F6:B6:FB:63:67:1D:18:3C:14:24:18:24:E9:60:9C:F7:88:C6:B2
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xva2-2NnHRg8FCQYJOlgnPeIxrI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:aa:2b:26:c4:2a:14:d4:ed:00:e1:8e:b1:ba:ce:64:b0:36:
         cf:ff:75:f1:8f:86:91:9c:4e:79:aa:db:c8:10:8c:2d:df:42:
         bf:bc:d0:df:f3:b4:39:a4:74:32:68:66:cf:5d:88:b0:44:7e:
         cd:3e:ed:5f:66:5e:e7:a5:a6:eb:8c:18:7f:a2:88:50:6e:0b:
         f0:46:86:c4:24:3e:47:3c:bf:ae:29:a9:fd:18:6f:51:20:18:
         cd:dd:12:b5:0e:5f:33:09:6e:1a:ac:63:11:26:c7:b7:df:db:
         45:ff:3d:3d:de:09:e9:6f:83:19:e0:b9:5d:1b:6f:e0:b5:fb:
         15:c8:27:17:ce:d3:01:3a:62:e6:fa:a2:4a:66:d2:da:4d:da:
         ea:51:5e:55:65:fa:a5:dc:5c:4f:7d:5f:b4:30:99:84:d3:09:
         13:e8:df:a1:ab:50:69:06:94:e7:c4:d8:be:a6:81:7e:ac:22:
         0d:39:ac:2d:86:c5:af:d2:a5:f7:45:00:f0:03:0a:9c:1d:be:
         f5:86:b7:20:14:b3:c1:7c:57:8c:b9:e2:8a:7d:9f:aa:73:63:
         62:4c:90:83:b4:84:e4:f3:66:d2:5b:0a:2c:93:36:18:74:d2:
         b1:7d:67:e3:fb:d3:08:58:dd:79:ba:91:d5:35:f1:20:71:19:
         b5:4a:d3:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgg370PYCB9l6epb98FR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY2YjZmYjYzNjcxZDE4M2MxNDI0MTgyNGU5NjA5Y2Y3ODhjNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBQtoxthnXhesA14HSfowloNQlqz
FO+5BLHMxaHGG3q8fA0GfOzpcB0zW7d627rQRPT+kWDxNSK1Ll0PLjFzsxSBh5rf
qGUp1AxIfjiVf2KDEPnJmAxXBhNJx/k5yHyvoANTqSIMhJrpFu8rqKqImBAGxC2L
DFEEjJhXs5y1WpDsGz+v+t+w/qCrFo1WKIEcU/pZRS0bP8dE7BR5oMozDb/JB+Ry
FJQKAroymDb+N+oarMtvfMERjGYAV5qwakDOYRE7aXkzc5AyR0b5Wl/MebyndYL1
k21axmlXw9P8bPwGgwLUQK3bKI8pdTESo1htQC2QOewgYGQPG2/0klEeAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF72tvtjZx0YPBQkGCTpYJz3iMayMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWHZhMi0yTm5IUmc4RkNRWUpPbGduUGVJeHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw32MA0G
CSqGSIb3DQEBCwUAA4IBAQCZqismxCoU1O0A4Y6xus5ksDbP/3Xxj4aRnE55qtvI
EIwt30K/vNDf87Q5pHQyaGbPXYiwRH7NPu1fZl7npabrjBh/oohQbgvwRobEJD5H
PL+uKan9GG9RIBjN3RK1Dl8zCW4arGMRJse339tF/z093gnpb4MZ4LldG2/gtfsV
yCcXztMBOmLm+qJKZtLaTdrqUV5VZfql3FxPfV+0MJmE0wkT6N+hq1BpBpTnxNi+
poF+rCINOawthsWv0qX3RQDwAwqcHb71hrcgFLPBfFeMueKKfZ+qc2NiTJCDtITk
82bSWwoskzYYdNKxfWfj+9MIWN15upHVNfEgcRm1StPN
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:11 2024 by rpki-client on console-ams.rpki-client.org