Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/2lgx6WYJBXkp77O7qQGtPflqiUw.roa
File:                     2lgx6WYJBXkp77O7qQGtPflqiUw.roa (raw, json)
Hash identifier:          JYIItKQ71FfFsbyV/rnyUQtNKbuCPqmj9YIP9mCUsXI=
Subject key identifier:   DA:58:31:E9:66:09:05:79:29:EF:B3:BB:A9:01:AD:3D:F9:6A:89:4C
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       01883298CAC145EA2DF74D283D75E1EB2488
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/2lgx6WYJBXkp77O7qQGtPflqiUw.roa
Signing time:             Fri 19 May 2023 06:00:53 +0000
ROA not before:           Fri 19 May 2023 06:00:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.31.232.0/24 maxlen: 24
                          81.31.242.0/23 maxlen: 23
                          185.84.160.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 18 Jul 2023 08:21:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:32:98:ca:c1:45:ea:2d:f7:4d:28:3d:75:e1:eb:24:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: May 19 06:00:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da5831e96609057929efb3bba901ad3df96a894c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:9c:9b:7d:20:d0:94:30:98:0c:d6:10:be:6e:
                    22:bc:45:8f:06:86:dc:42:22:80:b4:0c:c8:a2:06:
                    64:d9:71:b7:e7:5e:fd:7d:70:03:f8:9a:fd:b5:b3:
                    74:6d:c9:00:3a:87:5b:d7:fe:1f:cd:99:14:b2:d3:
                    51:cd:52:76:e0:6f:13:b8:fe:82:d4:14:d0:d5:9e:
                    00:be:2c:ce:fc:27:3b:cc:51:7d:59:8a:7a:54:19:
                    51:c9:2a:3c:1d:3d:2d:cf:ec:a9:6b:e4:70:b9:0d:
                    03:72:7e:2c:cf:0e:0b:70:7e:d0:4f:fc:52:84:5e:
                    f0:d4:8d:82:b7:46:7f:9a:6b:45:c2:11:69:f1:ca:
                    06:cd:99:af:e6:21:0f:69:0f:4e:bf:70:4a:da:30:
                    26:de:70:77:56:63:e6:1f:46:85:95:b4:bf:25:c6:
                    24:93:71:f9:35:2f:1f:fb:f7:70:61:77:85:5a:36:
                    2a:1d:02:40:4a:24:8e:ab:37:7d:5b:5e:66:c6:1f:
                    31:91:c1:74:06:51:bd:3e:3f:e3:62:d9:80:19:41:
                    b3:f6:3e:18:98:f7:f2:29:77:ce:17:5c:8f:b5:af:
                    f8:66:a3:be:79:6b:16:42:bc:7f:e5:8e:93:62:01:
                    bf:d2:77:65:05:8d:14:6e:94:f8:e2:9f:80:c9:80:
                    d2:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:58:31:E9:66:09:05:79:29:EF:B3:BB:A9:01:AD:3D:F9:6A:89:4C
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/2lgx6WYJBXkp77O7qQGtPflqiUw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.232.0/24
                  81.31.242.0/23
                  185.84.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         88:f0:1c:76:f3:ae:6c:93:00:84:53:d0:9d:be:9d:e7:8b:ec:
         94:27:42:68:fa:dc:ca:95:a3:ba:c6:5e:0c:43:1a:98:f5:60:
         a8:94:df:eb:03:48:82:da:04:65:e9:2b:ad:fd:4d:54:da:60:
         31:3c:3b:57:82:89:dc:ce:28:cf:7c:24:53:d7:23:ca:39:2e:
         ca:1f:b9:67:78:45:1b:53:bf:0e:85:f7:bf:24:bf:5d:51:b1:
         6f:91:62:d8:4d:77:c0:e2:23:84:a0:05:5e:dc:1f:18:14:d4:
         14:fc:eb:91:ec:ce:c4:63:7f:28:a2:04:f8:49:84:ad:78:39:
         16:e3:aa:64:5d:1e:e7:79:c5:a6:b9:fd:fb:3f:32:34:5c:64:
         75:5b:21:8f:5e:b3:eb:80:b2:83:5c:c2:2e:f7:dd:eb:22:88:
         a8:f7:9d:1d:01:07:bf:b6:91:77:5a:97:d9:c8:dd:69:c6:54:
         ff:9b:a5:4f:2d:be:64:f9:16:e8:45:6a:b0:00:f7:2c:11:bf:
         fb:4a:dc:f4:02:55:7b:3f:fc:2d:c6:d5:95:8c:1f:d3:0d:93:
         c1:56:d5:31:66:6b:7d:68:e8:ad:f9:5c:d8:2f:79:9b:23:14:
         7d:00:5e:62:ab:07:a8:7d:72:ff:2d:11:d7:b0:08:30:4f:a5:
         56:2a:d2:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgymMrBReot900oPXXh6ySIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwNTE5MDYwMDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTU4MzFlOTY2MDkwNTc5MjllZmIzYmJhOTAxYWQzZGY5NmE4OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZybfSDQlDCYDNYQvm4ivEWPBobc
QiKAtAzIogZk2XG35179fXAD+Jr9tbN0bckAOodb1/4fzZkUstNRzVJ24G8TuP6C
1BTQ1Z4AvizO/Cc7zFF9WYp6VBlRySo8HT0tz+ypa+RwuQ0Dcn4szw4LcH7QT/xS
hF7w1I2Ct0Z/mmtFwhFp8coGzZmv5iEPaQ9Ov3BK2jAm3nB3VmPmH0aFlbS/JcYk
k3H5NS8f+/dwYXeFWjYqHQJASiSOqzd9W15mxh8xkcF0BlG9Pj/jYtmAGUGz9j4Y
mPfyKXfOF1yPta/4ZqO+eWsWQrx/5Y6TYgG/0ndlBY0UbpT44p+AyYDSbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNpYMelmCQV5Ke+zu6kBrT35aolMMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvMmxneDZXWUpCWGtwNzdPN3FRR3RQZmxxaVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUR/oAwQB
UR/yAwQBuVSgMA0GCSqGSIb3DQEBCwUAA4IBAQCI8Bx2865skwCEU9Cdvp3ni+yU
J0Jo+tzKlaO6xl4MQxqY9WColN/rA0iC2gRl6Sut/U1U2mAxPDtXgonczijPfCRT
1yPKOS7KH7lneEUbU78Ohfe/JL9dUbFvkWLYTXfA4iOEoAVe3B8YFNQU/OuR7M7E
Y38oogT4SYSteDkW46pkXR7necWmuf37PzI0XGR1WyGPXrPrgLKDXMIu993rIoio
950dAQe/tpF3WpfZyN1pxlT/m6VPLb5k+RboRWqwAPcsEb/7Stz0AlV7P/wtxtWV
jB/TDZPBVtUxZmt9aOit+VzYL3mbIxR9AF5iqweofXL/LRHXsAgwT6VWKtL/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org