Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/QBOf7s2wwi7QY1du8pxL36eYBbA.roa
File:                     QBOf7s2wwi7QY1du8pxL36eYBbA.roa (raw, json)
Hash identifier:          fx7nKJaHI6FzPKc2LtwdMkVdlJ1uRB5FdqI45aOfatI=
Subject key identifier:   40:13:9F:EE:CD:B0:C2:2E:D0:63:57:6E:F2:9C:4B:DF:A7:98:05:B0
Certificate issuer:       /CN=b27912ffef67078bb06bd4a9021fba96adb180be
Certificate serial:       01856C5CB13B6D9DAB259284E5058C3C13C5
Authority key identifier: B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/QBOf7s2wwi7QY1du8pxL36eYBbA.roa
Signing time:             Sun 01 Jan 2023 08:04:51 +0000
ROA not before:           Sun 01 Jan 2023 08:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197506
IP address blocks:        31.44.16.0/20 maxlen: 20
                          31.44.26.0/24 maxlen: 24
                          45.144.100.0/24 maxlen: 24
                          45.144.101.0/24 maxlen: 24
                          2a00:d400::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:5c:b1:3b:6d:9d:ab:25:92:84:e5:05:8c:3c:13:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b27912ffef67078bb06bd4a9021fba96adb180be
        Validity
            Not Before: Jan  1 08:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40139feecdb0c22ed063576ef29c4bdfa79805b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5b:57:7e:66:41:c5:51:13:f4:ad:78:88:16:
                    15:ef:29:d3:1f:7e:bc:03:c4:c7:78:93:11:54:4f:
                    16:6c:90:16:bf:d8:86:7b:83:5a:3a:37:45:2c:e4:
                    b7:e8:f4:8d:70:51:ba:37:f3:c4:11:7f:15:05:02:
                    cc:b8:75:f0:4e:8f:03:8d:3a:0d:9d:dd:d6:ff:83:
                    ee:86:67:86:f0:96:03:ab:61:53:97:fc:5d:66:d0:
                    f6:d3:dc:bf:74:16:39:c9:44:c2:03:4e:e7:15:61:
                    c3:ff:24:c1:c4:ce:83:df:26:97:ed:3f:a5:1c:49:
                    13:c2:19:85:03:3a:4d:99:ee:a4:26:7d:94:00:39:
                    8f:1c:c6:ab:a5:45:17:32:ad:0a:e0:08:c1:f8:3c:
                    a2:1a:83:61:2c:3d:1c:a2:f9:46:9d:1a:7e:2d:48:
                    4c:22:e9:01:01:0c:95:af:7f:bc:32:b3:21:fa:88:
                    26:a2:bb:26:6b:9b:66:c0:e1:c0:ed:04:cd:da:0a:
                    c9:50:d0:7f:33:04:64:d1:ef:59:56:d3:5e:fd:87:
                    19:19:dc:7b:32:5f:ca:96:52:15:cd:0a:c1:42:c4:
                    2b:93:d5:69:81:c0:e6:ec:ba:d1:9f:f6:dd:41:8b:
                    c6:dd:61:5b:ba:5e:78:eb:2d:aa:26:a2:f3:dc:7d:
                    e7:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:13:9F:EE:CD:B0:C2:2E:D0:63:57:6E:F2:9C:4B:DF:A7:98:05:B0
            X509v3 Authority Key Identifier:
                keyid:B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/QBOf7s2wwi7QY1du8pxL36eYBbA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.44.16.0/20
                  45.144.100.0/23
                IPv6:
                  2a00:d400::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:0f:f2:9c:62:25:22:9f:21:94:4e:30:4a:0c:7a:7f:9b:e4:
         94:45:8d:26:2b:70:06:35:52:c2:22:58:ec:61:5c:df:40:9e:
         08:54:8e:12:0b:8b:d7:16:72:15:8c:93:80:d9:af:f5:05:7f:
         b4:0e:97:2d:54:bb:20:50:26:d9:1c:b6:0b:5b:71:69:c4:d2:
         da:4b:e4:25:7f:78:58:90:8e:ac:e3:29:96:5b:10:3f:fc:34:
         21:12:56:b2:8e:c5:2c:2c:0f:83:9c:45:01:7b:e7:3b:e8:70:
         75:2b:3c:f4:44:d3:d4:c3:64:29:13:ab:7c:03:c5:12:6f:d5:
         52:24:40:dc:fd:fa:72:8d:e2:f0:cf:f0:a7:94:8b:90:cb:d6:
         2e:d7:3b:48:6c:e5:ff:46:7f:a0:dd:23:27:d5:a9:61:d3:14:
         89:8c:e5:7d:5a:71:72:b9:0a:ca:5b:55:b5:6b:ad:26:dc:87:
         be:8f:7b:f4:1f:25:4c:c4:bb:4c:25:5c:d0:b2:5a:ce:b5:a4:
         7a:34:c5:90:64:4d:ae:0e:3c:32:03:bb:fb:43:75:4c:61:a1:
         49:bd:39:fc:c0:d1:67:c9:e3:de:a7:c1:20:bd:1d:be:fb:8f:
         c0:e6:62:5a:61:72:1a:23:dd:90:d8:bf:8e:91:fd:ea:65:3e:
         a9:d0:2f:84
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsXLE7bZ2rJZKE5QWMPBPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzkxMmZmZWY2NzA3OGJiMDZiZDRhOTAyMWZiYTk2YWRi
MTgwYmUwHhcNMjMwMTAxMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDEzOWZlZWNkYjBjMjJlZDA2MzU3NmVmMjljNGJkZmE3OTgwNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1tXfmZBxVET9K14iBYV7ynTH368
A8THeJMRVE8WbJAWv9iGe4NaOjdFLOS36PSNcFG6N/PEEX8VBQLMuHXwTo8DjToN
nd3W/4PuhmeG8JYDq2FTl/xdZtD209y/dBY5yUTCA07nFWHD/yTBxM6D3yaX7T+l
HEkTwhmFAzpNme6kJn2UADmPHMarpUUXMq0K4AjB+DyiGoNhLD0covlGnRp+LUhM
IukBAQyVr3+8MrMh+ogmorsma5tmwOHA7QTN2grJUNB/MwRk0e9ZVtNe/YcZGdx7
Ml/KllIVzQrBQsQrk9VpgcDm7LrRn/bdQYvG3WFbul546y2qJqLz3H3nhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEATn+7NsMIu0GNXbvKcS9+nmAWwMB8GA1UdIwQY
MBaAFLJ5Ev/vZweLsGvUqQIfupatsYC+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQt
NWMwZDkyZjlhNDlmLzEvUUJPZjdzMnd3aTdRWTFkdThweEwzNmVZQmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQtNWMwZDkyZjlhNDlm
LzEvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEHywQAwQB
LZBkMA0EAgACMAcDBQAqANQAMA0GCSqGSIb3DQEBCwUAA4IBAQCHD/KcYiUinyGU
TjBKDHp/m+SURY0mK3AGNVLCIljsYVzfQJ4IVI4SC4vXFnIVjJOA2a/1BX+0Dpct
VLsgUCbZHLYLW3FpxNLaS+Qlf3hYkI6s4ymWWxA//DQhElayjsUsLA+DnEUBe+c7
6HB1Kzz0RNPUw2QpE6t8A8USb9VSJEDc/fpyjeLwz/CnlIuQy9Yu1ztIbOX/Rn+g
3SMn1alh0xSJjOV9WnFyuQrKW1W1a60m3Ie+j3v0HyVMxLtMJVzQslrOtaR6NMWQ
ZE2uDjwyA7v7Q3VMYaFJvTn8wNFnyePep8EgvR2++4/A5mJaYXIaI92Q2L+Okf3q
ZT6p0C+E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:39 2024 by rpki-client on console-fra.rpki-client.org