Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/XUwD2nUey5SuzBkan1HQsjG24oE.roa
File:                     XUwD2nUey5SuzBkan1HQsjG24oE.roa (raw, json)
Hash identifier:          s873+RPvL2XtrWzP9wEm2n7OF1f0B84hdmHQUIcJeN8=
Subject key identifier:   5D:4C:03:DA:75:1E:CB:94:AE:CC:19:1A:9F:51:D0:B2:31:B6:E2:81
Certificate issuer:       /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial:       01856DDD3D95026229D2A09D8623B636F897
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/XUwD2nUey5SuzBkan1HQsjG24oE.roa
Signing time:             Sun 01 Jan 2023 15:04:53 +0000
ROA not before:           Sun 01 Jan 2023 15:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207422
IP address blocks:        31.129.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Apr 2023 20:44:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:dd:3d:95:02:62:29:d2:a0:9d:86:23:b6:36:f8:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
        Validity
            Not Before: Jan  1 15:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d4c03da751ecb94aecc191a9f51d0b231b6e281
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:95:42:a3:71:68:32:44:78:4d:d1:bd:f4:e8:
                    7d:a6:31:6a:a8:d7:cd:1c:b2:5b:5e:1c:22:62:1e:
                    65:87:e6:06:c0:bd:c2:77:97:2e:58:51:75:d2:15:
                    31:e6:fd:58:b9:25:2c:d3:ed:56:7a:68:4d:5a:ff:
                    a2:ed:f7:0c:16:f8:4a:2b:8c:bb:10:71:c8:d8:0f:
                    62:cf:b2:73:8c:47:5a:a0:fa:2c:bc:c5:c0:19:c5:
                    80:74:ed:84:9a:55:90:9c:7a:80:95:b4:4f:2b:14:
                    12:db:bd:55:54:5a:52:43:d7:68:43:18:9e:13:bd:
                    6b:a0:bd:10:d9:51:62:fd:08:b3:8c:d9:0a:dd:11:
                    c7:1f:17:0f:0c:e4:ef:ca:7d:3d:e3:4c:3f:77:69:
                    0c:b4:27:36:36:c5:33:75:2a:68:82:db:ea:6d:77:
                    ef:82:f0:9a:48:05:32:43:58:c1:e9:2b:d9:31:9c:
                    60:33:27:d7:fa:21:70:88:00:72:ad:ca:9c:5e:61:
                    4d:c5:f6:c5:91:f2:4b:52:52:9e:04:e2:fd:f2:e2:
                    7f:ad:23:b7:13:95:9d:8e:55:40:d7:a4:9e:cf:ce:
                    d0:56:3b:27:34:41:54:e6:d7:ec:64:f1:a2:73:87:
                    2b:98:1a:01:38:b2:ba:89:36:92:a7:63:c3:2d:f8:
                    d1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:4C:03:DA:75:1E:CB:94:AE:CC:19:1A:9F:51:D0:B2:31:B6:E2:81
            X509v3 Authority Key Identifier:
                keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/XUwD2nUey5SuzBkan1HQsjG24oE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.129.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:a9:bd:12:de:c4:68:9a:40:f7:65:e0:33:59:7e:92:88:ab:
         a1:75:10:51:a2:9e:3c:ad:4a:4e:9a:8c:c3:6e:37:a2:54:91:
         3a:68:d8:83:dc:98:ef:e3:42:d1:0a:de:e5:7b:96:3f:14:99:
         1f:9b:e1:d0:89:4e:27:71:4d:61:74:af:f9:73:47:a5:0c:f5:
         fa:88:b2:ed:16:23:88:0f:c8:e3:2e:22:35:dc:02:ca:f0:27:
         87:0b:3b:10:9e:7a:ee:35:e5:ec:64:26:23:90:32:3e:11:79:
         98:68:2b:52:a8:2e:64:59:bf:06:bb:7e:71:70:37:52:1c:8e:
         ad:25:83:f0:19:77:2e:e7:50:08:c0:7b:e7:1d:3a:5e:cf:59:
         2b:dd:8d:83:f4:5d:ba:3c:8c:26:33:21:9b:78:7e:84:ec:42:
         38:a7:ac:ce:e9:2c:6a:eb:19:73:c3:de:f7:d5:20:55:e5:ed:
         c6:b7:aa:46:22:9c:96:39:e2:c6:04:09:26:fa:aa:a5:f1:63:
         ad:fe:41:59:ac:c2:a2:72:91:c8:e2:f8:17:92:3d:ba:c5:35:
         40:2a:4d:90:7e:0d:c2:bb:e3:45:cb:22:2b:05:a0:1f:06:af:
         0a:74:ce:60:f7:1c:3c:80:9d:76:b2:22:54:d7:40:17:fa:d4:
         fc:3f:41:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3T2VAmIp0qCdhiO2NviXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjMwMTAxMTUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRjMDNkYTc1MWVjYjk0YWVjYzE5MWE5ZjUxZDBiMjMxYjZlMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJVCo3FoMkR4TdG99Oh9pjFqqNfN
HLJbXhwiYh5lh+YGwL3Cd5cuWFF10hUx5v1YuSUs0+1WemhNWv+i7fcMFvhKK4y7
EHHI2A9iz7JzjEdaoPosvMXAGcWAdO2EmlWQnHqAlbRPKxQS271VVFpSQ9doQxie
E71roL0Q2VFi/QizjNkK3RHHHxcPDOTvyn0940w/d2kMtCc2NsUzdSpogtvqbXfv
gvCaSAUyQ1jB6SvZMZxgMyfX+iFwiAByrcqcXmFNxfbFkfJLUlKeBOL98uJ/rSO3
E5WdjlVA16Sez87QVjsnNEFU5tfsZPGic4crmBoBOLK6iTaSp2PDLfjRxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1MA9p1HsuUrswZGp9R0LIxtuKBMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvWFV3RDJuVWV5NVN1ekJrYW4xSFFzakcyNG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4H0MA0G
CSqGSIb3DQEBCwUAA4IBAQBEqb0S3sRomkD3ZeAzWX6SiKuhdRBRop48rUpOmozD
bjeiVJE6aNiD3Jjv40LRCt7le5Y/FJkfm+HQiU4ncU1hdK/5c0elDPX6iLLtFiOI
D8jjLiI13ALK8CeHCzsQnnruNeXsZCYjkDI+EXmYaCtSqC5kWb8Gu35xcDdSHI6t
JYPwGXcu51AIwHvnHTpez1kr3Y2D9F26PIwmMyGbeH6E7EI4p6zO6Sxq6xlzw973
1SBV5e3Gt6pGIpyWOeLGBAkm+qql8WOt/kFZrMKicpHI4vgXkj26xTVAKk2Qfg3C
u+NFyyIrBaAfBq8KdM5g9xw8gJ12siJU10AX+tT8P0Hs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:10 2024 by rpki-client on console-fra.rpki-client.org