Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/izqj9O_epOoqWOW6HbTi7OMQ0iY.roa
File:                     izqj9O_epOoqWOW6HbTi7OMQ0iY.roa (raw, json)
Hash identifier:          RnV9HkoEnCMHlUR9Y3Vdm58AiRLaDKX0igqybFSiuzw=
Subject key identifier:   8B:3A:A3:F4:EF:DE:A4:EA:2A:58:E5:BA:1D:B4:E2:EC:E3:10:D2:26
Certificate issuer:       /CN=0195727f07b758f9868476c13cf977654bf380ee
Certificate serial:       018721A6BA74FBA6DDA5E5D8977C2A157266
Authority key identifier: 01:95:72:7F:07:B7:58:F9:86:84:76:C1:3C:F9:77:65:4B:F3:80:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/izqj9O_epOoqWOW6HbTi7OMQ0iY.roa
Signing time:             Mon 27 Mar 2023 05:59:47 +0000
ROA not before:           Mon 27 Mar 2023 05:59:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56535
IP address blocks:        31.44.240.0/24 maxlen: 24
                          31.44.241.0/24 maxlen: 24
                          31.44.243.0/24 maxlen: 24
                          31.44.242.0/24 maxlen: 24
                          31.44.252.0/23 maxlen: 23
                          31.44.255.0/24 maxlen: 24
                          31.44.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:21:a6:ba:74:fb:a6:dd:a5:e5:d8:97:7c:2a:15:72:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0195727f07b758f9868476c13cf977654bf380ee
        Validity
            Not Before: Mar 27 05:59:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b3aa3f4efdea4ea2a58e5ba1db4e2ece310d226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c4:68:c8:dc:68:1d:98:56:94:e8:70:45:67:
                    a4:14:63:f4:cd:ad:bb:af:f8:66:52:c4:1f:07:e6:
                    3e:5d:48:45:ba:21:0b:4e:3c:23:b0:06:2a:fe:25:
                    aa:41:de:a6:5a:52:66:8c:70:f3:7c:53:7b:b9:a5:
                    59:06:bc:d6:ec:ff:4c:96:03:17:f7:5f:f6:07:97:
                    cc:6e:0c:5a:5c:64:a5:5e:03:79:98:9d:88:62:25:
                    b7:a3:f3:6d:74:e6:2f:a9:ad:65:49:2f:90:42:d0:
                    ea:d4:43:83:27:0c:84:24:3f:70:23:07:c0:25:cf:
                    ca:ca:f0:39:84:d0:02:81:7a:cb:e1:1d:e8:ec:34:
                    8c:a7:58:a3:54:e8:69:a6:72:35:0d:5f:7a:66:70:
                    c8:ce:44:78:09:30:dd:41:4d:9c:2e:ef:61:98:ed:
                    0f:71:21:9f:69:0c:d8:ff:c0:b3:1f:23:fa:73:97:
                    a9:71:08:f9:07:5d:59:ec:91:84:5b:c4:55:c7:4d:
                    76:60:bf:75:73:d6:fa:d3:47:8a:0b:3c:7f:f0:88:
                    ac:52:85:83:52:f8:13:b5:7b:7c:8a:03:be:eb:66:
                    25:7d:13:a9:ae:96:0c:ce:f5:71:06:fb:81:c4:87:
                    ba:bf:c4:20:f4:dc:2c:91:4f:49:8a:34:af:3f:05:
                    a7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:3A:A3:F4:EF:DE:A4:EA:2A:58:E5:BA:1D:B4:E2:EC:E3:10:D2:26
            X509v3 Authority Key Identifier:
                keyid:01:95:72:7F:07:B7:58:F9:86:84:76:C1:3C:F9:77:65:4B:F3:80:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/izqj9O_epOoqWOW6HbTi7OMQ0iY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.44.240.0/22
                  31.44.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:94:ec:57:48:3f:52:96:45:e5:78:57:86:0c:d8:fe:17:86:
         0c:f1:16:54:c8:cc:b8:e9:14:aa:13:ba:57:ed:b9:28:cc:18:
         00:8c:89:ad:66:a8:74:fb:f7:f6:e1:55:05:3f:20:bc:29:80:
         49:c1:a5:c1:d5:24:17:f9:9b:66:e2:5d:8d:cd:3a:11:57:8c:
         5c:ba:3f:b4:ed:ea:5a:42:cf:bf:85:d0:cf:8d:10:de:ed:7a:
         95:8a:dc:f2:ff:c3:cf:43:63:91:8e:06:d0:e1:b9:4a:27:45:
         c3:25:55:90:e0:2b:e2:ff:b9:d3:79:3c:56:24:fb:ec:22:a8:
         60:ae:95:b1:d7:a0:93:5a:6a:54:64:37:39:79:ce:6f:58:78:
         e3:8d:cf:97:96:46:ad:ee:05:71:42:ed:11:8d:b3:e5:7b:2b:
         b1:95:1d:1d:5d:0d:fb:32:22:49:de:42:21:4f:c2:a3:67:92:
         d8:06:ab:d8:c9:22:9c:3f:6e:60:41:ee:e7:42:8e:b9:63:e8:
         2c:81:86:8c:bd:6e:43:13:b1:8d:86:4f:f1:8a:e7:11:21:37:
         04:3c:47:d6:61:1c:46:8a:22:be:c9:d4:68:ca:96:bd:b5:1c:
         fb:cc:fb:19:c8:91:e8:5e:45:a4:88:7a:00:c6:dc:0e:24:55:
         ea:30:b9:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYchprp0+6bdpeXYl3wqFXJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTU3MjdmMDdiNzU4Zjk4Njg0NzZjMTNjZjk3NzY1NGJm
MzgwZWUwHhcNMjMwMzI3MDU1OTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNhYTNmNGVmZGVhNGVhMmE1OGU1YmExZGI0ZTJlY2UzMTBkMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisRoyNxoHZhWlOhwRWekFGP0za27
r/hmUsQfB+Y+XUhFuiELTjwjsAYq/iWqQd6mWlJmjHDzfFN7uaVZBrzW7P9MlgMX
91/2B5fMbgxaXGSlXgN5mJ2IYiW3o/NtdOYvqa1lSS+QQtDq1EODJwyEJD9wIwfA
Jc/KyvA5hNACgXrL4R3o7DSMp1ijVOhppnI1DV96ZnDIzkR4CTDdQU2cLu9hmO0P
cSGfaQzY/8CzHyP6c5epcQj5B11Z7JGEW8RVx012YL91c9b600eKCzx/8IisUoWD
UvgTtXt8igO+62YlfROprpYMzvVxBvuBxIe6v8Qg9NwskU9JijSvPwWnPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIs6o/Tv3qTqKljluh204uzjENImMB8GA1UdIwQY
MBaAFAGVcn8Ht1j5hoR2wTz5d2VL84DuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpWeWZ3ZTNXUG1HaEhiQlBQbDNaVXZ6Z080LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kZGVkOTUtY2I4Yy00MzM1LWFlZDAt
NjQ4MzhkZjM5NzdhLzEvaXpxajlPX2VwT29xV09XNkhiVGk3T01RMGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kZGVkOTUtY2I4Yy00MzM1LWFlZDAtNjQ4MzhkZjM5Nzdh
LzEvQVpWeWZ3ZTNXUG1HaEhiQlBQbDNaVXZ6Z080LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHyzwAwQC
Hyz8MA0GCSqGSIb3DQEBCwUAA4IBAQCwlOxXSD9SlkXleFeGDNj+F4YM8RZUyMy4
6RSqE7pX7bkozBgAjImtZqh0+/f24VUFPyC8KYBJwaXB1SQX+Ztm4l2NzToRV4xc
uj+07epaQs+/hdDPjRDe7XqVitzy/8PPQ2ORjgbQ4blKJ0XDJVWQ4Cvi/7nTeTxW
JPvsIqhgrpWx16CTWmpUZDc5ec5vWHjjjc+Xlkat7gVxQu0RjbPleyuxlR0dXQ37
MiJJ3kIhT8KjZ5LYBqvYySKcP25gQe7nQo65Y+gsgYaMvW5DE7GNhk/xiucRITcE
PEfWYRxGiiK+ydRoypa9tRz7zPsZyJHoXkWkiHoAxtwOJFXqMLmR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:21 2024 by rpki-client on console-ams.rpki-client.org