Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/tdTmo-kcNsjEj1KchUNqICFCoVI.roa
File:                     tdTmo-kcNsjEj1KchUNqICFCoVI.roa (raw, json)
Hash identifier:          EQiZC7qtrR7vW/PlDCsWupi64X8sDcnVMbStdAMWcWI=
Subject key identifier:   B5:D4:E6:A3:E9:1C:36:C8:C4:8F:52:9C:85:43:6A:20:21:42:A1:52
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       018EAA178E1BC82AD8BD31A26E75F347687C
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/tdTmo-kcNsjEj1KchUNqICFCoVI.roa
Signing time:             Thu 04 Apr 2024 17:10:54 +0000
ROA not before:           Thu 04 Apr 2024 17:10:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47585
IP address blocks:        81.31.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 07:57:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:aa:17:8e:1b:c8:2a:d8:bd:31:a2:6e:75:f3:47:68:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Apr  4 17:10:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b5d4e6a3e91c36c8c48f529c85436a202142a152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a3:61:bc:b0:ae:49:c9:8b:77:8e:b4:14:fa:
                    a9:0a:a0:6e:c3:45:0d:0d:7c:18:6e:6d:a3:57:f9:
                    42:ec:ca:9d:71:67:28:ec:e4:20:94:4b:0a:14:fc:
                    15:e2:8b:4d:52:d7:b1:b0:89:31:70:91:c1:bd:bf:
                    d8:0c:b5:81:b9:56:09:98:9d:4a:0c:33:6d:f2:cf:
                    a6:48:bd:66:9e:54:c3:28:d0:cd:98:39:6c:12:72:
                    62:ca:ea:04:b8:3a:ca:4a:6a:dd:7a:54:9d:c0:d8:
                    d9:70:6b:2a:41:6b:00:0a:fd:98:b1:33:63:2e:0f:
                    44:39:51:03:f7:2c:3a:4b:6b:9e:5f:0e:88:3b:af:
                    e2:61:29:ff:0d:0d:a2:29:0a:1a:5c:7a:ec:44:9d:
                    f0:1c:37:7f:32:1e:34:07:92:5c:a2:01:77:3f:a5:
                    fd:b4:f1:07:6d:97:3f:68:99:ea:7d:67:ff:74:c5:
                    ec:68:0d:ea:ba:ad:f9:19:1e:71:90:a9:fd:f5:82:
                    14:1e:06:59:13:73:75:59:5b:9d:6d:bb:32:55:09:
                    e4:61:fb:ef:88:b2:05:b5:6a:4c:4e:75:ae:ad:0a:
                    a4:92:8e:65:8e:01:c6:cf:a4:2e:bf:9b:1b:7f:51:
                    df:85:4e:90:e2:b1:7f:83:ea:12:7b:da:77:bb:32:
                    da:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:D4:E6:A3:E9:1C:36:C8:C4:8F:52:9C:85:43:6A:20:21:42:A1:52
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/tdTmo-kcNsjEj1KchUNqICFCoVI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:b1:2d:8a:8f:97:f3:14:2b:c5:d0:bc:73:16:66:0c:60:8d:
         8f:b8:88:0b:48:89:17:0f:4b:c8:4c:72:61:77:25:98:f9:e9:
         c8:60:69:bc:2b:da:8f:61:0f:c5:d4:21:4b:0a:f8:28:00:2d:
         fb:6f:7a:ae:50:8d:6d:d0:c3:4e:b3:d3:d9:56:53:0b:44:df:
         bf:b0:8a:79:57:3f:7c:e2:bd:d8:23:0d:98:4f:ee:17:93:fc:
         6b:e5:45:44:8b:60:3e:c0:13:0c:82:f0:ab:f5:b3:77:23:29:
         0c:fc:e8:00:70:c5:64:d2:29:9d:1f:8c:2a:57:d0:ba:86:1d:
         f3:1b:f5:bf:13:dc:b6:f2:28:93:62:3a:9c:50:c4:ce:6d:c9:
         5c:d4:72:6b:0b:66:76:63:84:dc:e5:09:ee:16:20:63:1b:61:
         43:e5:67:86:32:ef:9a:de:e3:72:66:7b:8d:eb:e3:d1:08:bd:
         9d:5e:25:2f:0a:df:97:eb:65:d6:b9:7d:ab:ee:45:45:44:aa:
         dd:92:8b:a6:f9:7a:b8:43:03:96:60:e7:a5:01:48:95:95:92:
         8a:ba:0d:a1:a0:a6:a9:f5:ae:c3:46:91:12:b1:b1:63:0f:dd:
         fc:1f:33:f8:c5:a8:ad:70:2d:eb:7d:d7:55:38:21:5e:aa:1b:
         68:89:0b:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6qF44byCrYvTGibnXzR2h8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjQwNDA0MTcxMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQ0ZTZhM2U5MWMzNmM4YzQ4ZjUyOWM4NTQzNmEyMDIxNDJhMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KNhvLCuScmLd460FPqpCqBuw0UN
DXwYbm2jV/lC7MqdcWco7OQglEsKFPwV4otNUtexsIkxcJHBvb/YDLWBuVYJmJ1K
DDNt8s+mSL1mnlTDKNDNmDlsEnJiyuoEuDrKSmrdelSdwNjZcGsqQWsACv2YsTNj
Lg9EOVED9yw6S2ueXw6IO6/iYSn/DQ2iKQoaXHrsRJ3wHDd/Mh40B5JcogF3P6X9
tPEHbZc/aJnqfWf/dMXsaA3quq35GR5xkKn99YIUHgZZE3N1WVudbbsyVQnkYfvv
iLIFtWpMTnWurQqkko5ljgHGz6Quv5sbf1HfhU6Q4rF/g+oSe9p3uzLafQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXU5qPpHDbIxI9SnIVDaiAhQqFSMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvdGRUbW8ta2NOc2pFajFLY2hVTnFJQ0ZDb1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR/nMA0G
CSqGSIb3DQEBCwUAA4IBAQC2sS2Kj5fzFCvF0LxzFmYMYI2PuIgLSIkXD0vITHJh
dyWY+enIYGm8K9qPYQ/F1CFLCvgoAC37b3quUI1t0MNOs9PZVlMLRN+/sIp5Vz98
4r3YIw2YT+4Xk/xr5UVEi2A+wBMMgvCr9bN3IykM/OgAcMVk0imdH4wqV9C6hh3z
G/W/E9y28iiTYjqcUMTObclc1HJrC2Z2Y4Tc5QnuFiBjG2FD5WeGMu+a3uNyZnuN
6+PRCL2dXiUvCt+X62XWuX2r7kVFRKrdkoum+Xq4QwOWYOelAUiVlZKKug2hoKap
9a7DRpESsbFjD938HzP4xaitcC3rfddVOCFeqhtoiQuU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org