Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xwoPG3pC_m560VjnTkcAEKaaErU.roa
File:                     xwoPG3pC_m560VjnTkcAEKaaErU.roa (raw, json)
Hash identifier:          4men4QkCBGfqjJtJHerabtzcbeWJDR+3C0rs20FRv/c=
Subject key identifier:   C7:0A:0F:1B:7A:42:FE:6E:7A:D1:58:E7:4E:47:00:10:A6:9A:12:B5
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FE9B4C6CB2E3B0A45CFBA116229A6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xwoPG3pC_m560VjnTkcAEKaaErU.roa
Signing time:             Mon 02 Jan 2023 17:38:09 +0000
ROA not before:           Mon 02 Jan 2023 17:38:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46664
IP address blocks:        194.31.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Jan 2023 17:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:e9:b4:c6:cb:2e:3b:0a:45:cf:ba:11:62:29:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c70a0f1b7a42fe6e7ad158e74e470010a69a12b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:85:4d:a5:1e:27:a7:eb:ee:06:3f:0b:39:3b:
                    d6:76:6d:ec:33:26:87:d5:66:a1:81:93:7d:79:2d:
                    c7:59:53:74:a4:1c:72:3f:1c:97:65:69:17:8d:61:
                    41:0b:60:0e:64:6b:6c:e4:7e:27:61:92:aa:7b:77:
                    82:a4:f1:86:ce:3c:1f:1f:1a:45:c3:3f:67:f0:48:
                    6b:d8:38:4e:c6:d6:d4:7e:8c:46:e2:b2:64:04:c4:
                    20:6d:5e:33:8d:1a:e5:fc:d2:00:25:9d:23:83:65:
                    e6:43:6a:98:c2:3a:19:00:74:c5:74:8b:f0:2b:c5:
                    37:2b:e7:9c:d5:1b:1c:b8:24:01:22:2e:15:62:a7:
                    2b:c4:e9:fa:ab:e5:9f:7d:e2:2f:b6:e6:cc:e9:8b:
                    1f:80:83:78:09:3a:26:cd:b6:bf:39:54:a0:a1:92:
                    ff:d7:93:97:64:96:c9:6a:e8:e2:5a:4e:f5:18:e6:
                    e0:60:c0:b4:95:47:0a:58:63:d3:c6:4f:1f:73:1e:
                    67:e6:f5:6b:79:0c:97:f8:ea:5d:92:e2:14:bb:1d:
                    82:33:12:7e:e8:5a:ae:14:87:1e:a7:d3:9c:84:4f:
                    00:7c:54:12:b6:f6:d4:b0:a4:31:23:77:1e:71:e9:
                    e8:5b:44:a1:7c:28:42:7a:9b:c0:4c:10:45:67:69:
                    3f:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:0A:0F:1B:7A:42:FE:6E:7A:D1:58:E7:4E:47:00:10:A6:9A:12:B5
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xwoPG3pC_m560VjnTkcAEKaaErU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.31.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:e7:1a:fe:14:80:da:ae:28:d8:a5:87:3b:1d:d0:17:db:e8:
         d2:11:fa:8f:80:24:e5:bc:e4:d3:01:74:c0:eb:81:fa:bd:7d:
         cb:fc:d5:39:68:3c:91:9e:c6:62:99:bd:36:02:e7:f4:3d:8f:
         58:49:8c:32:4d:f5:0e:39:e4:ac:dd:c3:3b:44:3b:e0:a4:82:
         8c:c5:31:db:da:60:ba:25:b3:59:cc:19:b2:4f:be:c8:54:68:
         b6:ce:35:7d:aa:65:55:cf:c0:14:f2:22:57:66:70:e5:cd:08:
         da:0e:9d:6e:09:70:96:1c:d9:16:58:f8:ae:d7:d5:bd:09:bb:
         9a:2d:3e:ce:f4:09:36:43:de:38:36:16:2a:70:62:08:56:39:
         88:14:7c:97:48:59:e3:4a:e2:54:fb:a4:1e:7f:51:c1:fd:82:
         e5:89:15:10:63:fd:c0:c3:39:e0:dd:e6:1f:e0:84:14:2c:d0:
         d3:c6:57:6d:a6:b8:b7:e3:5f:40:bf:78:12:bf:a0:7c:89:60:
         e8:02:ab:86:68:90:8b:d2:71:74:2d:64:9c:eb:44:10:e2:5e:
         ad:99:66:66:4a:5a:c4:cb:69:70:63:05:38:75:bf:05:1f:fb:
         1c:4a:8d:d6:d2:40:45:30:a5:c8:9a:60:9b:cf:dc:86:05:87:
         ee:cc:d2:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj+m0xssuOwpFz7oRYimmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBhMGYxYjdhNDJmZTZlN2FkMTU4ZTc0ZTQ3MDAxMGE2OWExMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYVNpR4np+vuBj8LOTvWdm3sMyaH
1WahgZN9eS3HWVN0pBxyPxyXZWkXjWFBC2AOZGts5H4nYZKqe3eCpPGGzjwfHxpF
wz9n8Ehr2DhOxtbUfoxG4rJkBMQgbV4zjRrl/NIAJZ0jg2XmQ2qYwjoZAHTFdIvw
K8U3K+ec1RscuCQBIi4VYqcrxOn6q+WffeIvtubM6YsfgIN4CTomzba/OVSgoZL/
15OXZJbJaujiWk71GObgYMC0lUcKWGPTxk8fcx5n5vVreQyX+OpdkuIUux2CMxJ+
6FquFIcep9OchE8AfFQStvbUsKQxI3cecenoW0ShfChCepvATBBFZ2k/OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcKDxt6Qv5uetFY505HABCmmhK1MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEveHdvUEczcENfbTU2MFZqblRrY0FFS2FhRXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+NMA0G
CSqGSIb3DQEBCwUAA4IBAQCA5xr+FIDarijYpYc7HdAX2+jSEfqPgCTlvOTTAXTA
64H6vX3L/NU5aDyRnsZimb02Auf0PY9YSYwyTfUOOeSs3cM7RDvgpIKMxTHb2mC6
JbNZzBmyT77IVGi2zjV9qmVVz8AU8iJXZnDlzQjaDp1uCXCWHNkWWPiu19W9Cbua
LT7O9Ak2Q944NhYqcGIIVjmIFHyXSFnjSuJU+6Qef1HB/YLliRUQY/3Awzng3eYf
4IQULNDTxldtpri3419Av3gSv6B8iWDoAquGaJCL0nF0LWSc60QQ4l6tmWZmSlrE
y2lwYwU4db8FH/scSo3W0kBFMKXImmCbz9yGBYfuzNIs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org