Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/_KmUfZQ6NAXnrzGICCoyj4sF58A.roa
File:                     _KmUfZQ6NAXnrzGICCoyj4sF58A.roa (raw, json)
Hash identifier:          AfPK9Zt4maGdZoNrYhUoP9YXscwvFfvA17Pb773fYPI=
Subject key identifier:   FC:A9:94:7D:94:3A:34:05:E7:AF:31:88:08:2A:32:8F:8B:05:E7:C0
Certificate issuer:       /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial:       018CC795877A75EB43D5EFA3EEE4CA46F522
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/_KmUfZQ6NAXnrzGICCoyj4sF58A.roa
Signing time:             Tue 02 Jan 2024 00:31:54 +0000
ROA not before:           Tue 02 Jan 2024 00:31:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     59676
IP address blocks:        31.13.6.0/24 maxlen: 24
                          2a00:10e8:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 04 May 2024 00:53:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:87:7a:75:eb:43:d5:ef:a3:ee:e4:ca:46:f5:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
        Validity
            Not Before: Jan  2 00:31:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fca9947d943a3405e7af3188082a328f8b05e7c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d7:af:61:13:22:82:90:41:61:59:0f:44:42:
                    25:70:8b:5a:3c:cd:70:24:46:78:0c:8e:1f:e7:11:
                    5f:4b:93:82:5a:28:03:5c:72:35:93:11:1e:60:c9:
                    8e:02:6e:bb:d4:a1:63:07:bb:e5:ed:f6:83:cc:c9:
                    6a:1b:f5:8e:15:af:3f:11:6e:8c:ec:d6:1e:f1:e8:
                    97:59:b2:eb:79:57:34:2d:03:b3:a6:b0:cf:0f:61:
                    77:b4:c9:e6:f9:b1:4a:8e:ba:c9:21:c5:a8:8f:f6:
                    93:e1:0a:7f:2f:d7:8a:64:78:17:c6:d2:15:78:d1:
                    f1:81:c6:7c:e3:af:26:10:77:e5:4f:9a:f8:62:34:
                    d5:bc:94:ca:0d:be:3f:50:35:f1:87:d5:73:6e:a5:
                    cd:64:fd:04:7d:48:09:f0:56:fc:f9:5f:d0:14:75:
                    ea:10:d8:8b:4f:fc:46:8e:11:9d:82:9e:7f:01:42:
                    cc:40:74:61:40:52:5f:d6:68:5f:97:3b:1b:31:e2:
                    9d:78:58:c6:4a:39:e2:35:27:14:5c:4e:a9:ff:cc:
                    9c:ce:bf:94:41:c6:1b:f9:44:5d:20:22:b3:b9:40:
                    0c:d9:a7:27:52:9c:b9:8a:ac:73:ce:28:9d:75:d4:
                    91:53:e6:aa:3d:1e:77:cc:bd:65:d5:c6:50:df:cb:
                    c9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:A9:94:7D:94:3A:34:05:E7:AF:31:88:08:2A:32:8F:8B:05:E7:C0
            X509v3 Authority Key Identifier:
                keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/_KmUfZQ6NAXnrzGICCoyj4sF58A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.6.0/24
                IPv6:
                  2a00:10e8:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         3b:d2:a9:77:1a:78:6c:18:e3:69:3c:84:bd:55:c0:8f:9f:56:
         08:4c:4d:de:ee:bb:b4:01:0b:dc:fe:92:4e:0d:c8:29:33:98:
         84:d1:03:e3:f4:67:6e:99:4d:35:6d:12:31:01:b6:80:58:60:
         60:78:cc:82:5f:c3:ac:84:de:88:ba:95:17:53:62:e0:49:75:
         34:ae:a4:6c:7e:ac:f0:f4:3d:1a:60:e3:7b:5a:03:be:f9:50:
         0e:2a:a0:62:56:a4:d9:87:c5:d9:51:94:bc:5d:8d:97:1a:07:
         7d:17:7c:50:e5:ef:20:bd:e8:80:66:df:84:eb:d2:58:36:71:
         1b:8e:0f:90:ad:cb:84:36:27:36:07:a2:c2:fc:b2:98:4d:7c:
         5d:0e:20:5b:c7:ec:88:bf:2e:e9:47:f6:b5:12:89:c6:37:a4:
         4a:00:86:31:37:7b:60:e0:85:b8:4b:77:e7:3d:ec:d1:79:72:
         13:7d:3c:8a:24:d3:1c:96:66:8b:46:4d:41:25:7c:7c:a8:d0:
         75:bf:67:ca:7d:0c:db:8c:31:a2:20:a3:c2:6d:d8:5c:fb:92:
         7a:9c:35:b2:8c:b5:17:6f:0c:24:37:59:1c:cd:26:0a:ad:da:
         59:6e:8f:58:03:5d:66:e3:3c:83:33:a7:36:f8:37:a1:64:6d:
         12:f1:5e:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHlYd6detD1e+j7uTKRvUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjQwMTAyMDAzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2E5OTQ3ZDk0M2EzNDA1ZTdhZjMxODgwODJhMzI4ZjhiMDVlN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9evYRMigpBBYVkPREIlcItaPM1w
JEZ4DI4f5xFfS5OCWigDXHI1kxEeYMmOAm671KFjB7vl7faDzMlqG/WOFa8/EW6M
7NYe8eiXWbLreVc0LQOzprDPD2F3tMnm+bFKjrrJIcWoj/aT4Qp/L9eKZHgXxtIV
eNHxgcZ8468mEHflT5r4YjTVvJTKDb4/UDXxh9VzbqXNZP0EfUgJ8Fb8+V/QFHXq
ENiLT/xGjhGdgp5/AULMQHRhQFJf1mhflzsbMeKdeFjGSjniNScUXE6p/8yczr+U
QcYb+URdICKzuUAM2acnUpy5iqxzziidddSRU+aqPR53zL1l1cZQ38vJbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPyplH2UOjQF568xiAgqMo+LBefAMB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEvX0ttVWZaUTZOQVhucnpHSUNDb3lqNHNGNThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAHw0GMA8E
AgACMAkDBwAqABDoAAIwDQYJKoZIhvcNAQELBQADggEBADvSqXcaeGwY42k8hL1V
wI+fVghMTd7uu7QBC9z+kk4NyCkzmITRA+P0Z26ZTTVtEjEBtoBYYGB4zIJfw6yE
3oi6lRdTYuBJdTSupGx+rPD0PRpg43taA775UA4qoGJWpNmHxdlRlLxdjZcaB30X
fFDl7yC96IBm34Tr0lg2cRuOD5Cty4Q2JzYHosL8sphNfF0OIFvH7Ii/LulH9rUS
icY3pEoAhjE3e2DghbhLd+c97NF5chN9PIok0xyWZotGTUElfHyo0HW/Z8p9DNuM
MaIgo8Jt2Fz7knqcNbKMtRdvDCQ3WRzNJgqt2lluj1gDXWbjPIMzpzb4N6FkbRLx
Xjs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:23 2024 by rpki-client on console-ams.rpki-client.org