Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/dmBpcIg1Ca7SGVuBD9zhRuQVZIg.roa
File:                     dmBpcIg1Ca7SGVuBD9zhRuQVZIg.roa (raw, json)
Hash identifier:          UgJnRjl5tNkkA62TwKdnHf+CSn7rdyuOnv+P/f5VmxM=
Subject key identifier:   76:60:69:70:88:35:09:AE:D2:19:5B:81:0F:DC:E1:46:E4:15:64:88
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       01856D1CD13B1CBAA43B52F36022F19D2373
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/dmBpcIg1Ca7SGVuBD9zhRuQVZIg.roa
Signing time:             Sun 01 Jan 2023 11:34:43 +0000
ROA not before:           Sun 01 Jan 2023 11:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56876
IP address blocks:        81.31.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:1c:d1:3b:1c:ba:a4:3b:52:f3:60:22:f1:9d:23:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jan  1 11:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76606970883509aed2195b810fdce146e4156488
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:59:05:37:e1:18:62:65:66:14:ab:fc:92:57:
                    4e:c4:dd:c3:f7:75:61:15:d9:50:80:d9:de:a7:90:
                    03:ba:4e:fc:d1:c0:df:97:4a:3f:77:ff:6b:51:b7:
                    b1:7d:c1:9a:f3:1b:28:43:78:6b:cd:22:1c:b3:22:
                    e5:da:3f:83:3e:96:dc:66:e2:bb:9f:fe:fc:ca:c7:
                    73:a0:da:ff:c0:a7:9d:c5:09:59:aa:2e:91:eb:f7:
                    13:99:87:86:44:3d:71:52:bd:02:56:45:82:79:a3:
                    08:ff:02:57:97:a1:1b:4b:6b:b9:d7:b0:53:6d:8b:
                    d7:a4:05:9f:81:19:8d:08:15:1a:00:dc:50:cc:25:
                    57:de:8d:da:76:3d:8c:39:42:04:ef:65:78:ed:04:
                    ce:3e:81:c7:66:fa:8e:11:c1:88:61:a1:1f:22:be:
                    a9:15:54:d3:af:1b:04:35:8d:c1:67:d8:f4:ad:e5:
                    ad:ee:d5:bd:33:44:9c:ed:91:78:de:18:be:54:93:
                    05:bb:ba:d3:3c:c4:9b:5c:bf:f4:8f:96:75:22:df:
                    4d:cd:fe:6d:b1:88:88:12:89:3c:e5:94:14:48:dc:
                    8f:ca:3b:21:86:25:28:78:c0:c0:06:2c:13:4b:84:
                    1a:e4:dc:b2:d6:b8:03:1c:4c:1c:24:15:a3:c4:de:
                    e0:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:60:69:70:88:35:09:AE:D2:19:5B:81:0F:DC:E1:46:E4:15:64:88
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/dmBpcIg1Ca7SGVuBD9zhRuQVZIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:43:f0:bf:16:fe:fc:76:f3:8c:85:76:c7:45:3a:c7:eb:e7:
         52:31:ad:1c:c5:88:0f:d5:92:7e:78:5f:fe:e4:9f:98:fc:97:
         90:f1:e4:33:d5:c2:56:7d:b7:08:6d:e1:30:73:98:ff:2c:83:
         e0:8f:ae:80:d6:12:10:bb:1d:48:df:bd:17:f8:c0:16:4c:9e:
         a8:cf:d7:b5:12:f5:69:b9:d0:39:f1:bb:28:8c:81:e4:0f:bb:
         d8:98:a0:1c:76:7a:c8:a5:d0:1e:de:e0:9b:92:e1:c9:60:a1:
         fd:bd:7f:15:db:15:f6:40:24:ee:8b:19:31:83:5f:f2:c3:2f:
         a5:f0:ca:72:28:9f:23:52:e5:68:34:bb:56:26:1c:c2:9c:65:
         df:1e:2f:d9:62:1e:41:d9:85:e6:a1:d2:f0:85:6e:bd:08:86:
         d9:02:3e:cf:44:ee:fb:ff:b5:38:81:85:82:30:95:88:85:b9:
         ef:16:e4:15:b1:fb:b3:e6:fa:6b:1a:6c:c4:6f:9e:31:2e:c6:
         25:d5:43:74:fb:bc:a7:cd:b2:7e:39:cc:06:64:e7:35:3f:1f:
         65:19:2a:a6:95:36:8b:79:c3:d9:40:46:16:97:8b:84:cc:77:
         ed:be:08:36:30:60:63:52:ca:c5:ec:8a:c2:6d:12:ba:f0:e5:
         13:bd:af:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtHNE7HLqkO1LzYCLxnSNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwMTAxMTEzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjYwNjk3MDg4MzUwOWFlZDIxOTViODEwZmRjZTE0NmU0MTU2NDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFkFN+EYYmVmFKv8kldOxN3D93Vh
FdlQgNnep5ADuk780cDfl0o/d/9rUbexfcGa8xsoQ3hrzSIcsyLl2j+DPpbcZuK7
n/78ysdzoNr/wKedxQlZqi6R6/cTmYeGRD1xUr0CVkWCeaMI/wJXl6EbS2u517BT
bYvXpAWfgRmNCBUaANxQzCVX3o3adj2MOUIE72V47QTOPoHHZvqOEcGIYaEfIr6p
FVTTrxsENY3BZ9j0reWt7tW9M0Sc7ZF43hi+VJMFu7rTPMSbXL/0j5Z1It9Nzf5t
sYiIEok85ZQUSNyPyjshhiUoeMDABiwTS4Qa5Nyy1rgDHEwcJBWjxN7gaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZgaXCINQmu0hlbgQ/c4UbkFWSIMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvZG1CcGNJZzFDYTdTR1Z1QkQ5emhSdVFWWklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUR/8MA0G
CSqGSIb3DQEBCwUAA4IBAQC5Q/C/Fv78dvOMhXbHRTrH6+dSMa0cxYgP1ZJ+eF/+
5J+Y/JeQ8eQz1cJWfbcIbeEwc5j/LIPgj66A1hIQux1I370X+MAWTJ6oz9e1EvVp
udA58bsojIHkD7vYmKAcdnrIpdAe3uCbkuHJYKH9vX8V2xX2QCTuixkxg1/ywy+l
8MpyKJ8jUuVoNLtWJhzCnGXfHi/ZYh5B2YXmodLwhW69CIbZAj7PRO77/7U4gYWC
MJWIhbnvFuQVsfuz5vprGmzEb54xLsYl1UN0+7ynzbJ+OcwGZOc1Px9lGSqmlTaL
ecPZQEYWl4uEzHftvgg2MGBjUsrF7IrCbRK68OUTva9z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org