Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/BfKzUXnmv0u673aiL73OGft8Tn0.roa
File:                     BfKzUXnmv0u673aiL73OGft8Tn0.roa (raw, json)
Hash identifier:          JeOohLSM++Uh/HN5XVkpIDgzh09Bri7F055mZ3mSoNc=
Subject key identifier:   05:F2:B3:51:79:E6:BF:4B:BA:EF:76:A2:2F:BD:CE:19:FB:7C:4E:7D
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       01856B811683F80CC2DF638A24B89F317826
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/BfKzUXnmv0u673aiL73OGft8Tn0.roa
Signing time:             Sun 01 Jan 2023 04:05:00 +0000
ROA not before:           Sun 01 Jan 2023 04:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57694
IP address blocks:        31.172.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:16:83:f8:0c:c2:df:63:8a:24:b8:9f:31:78:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Jan  1 04:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05f2b35179e6bf4bbaef76a22fbdce19fb7c4e7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:40:53:d1:c5:70:be:91:ae:7b:bb:70:87:53:
                    cb:75:6e:de:ca:c9:de:ab:39:1d:71:5a:6c:20:89:
                    4b:71:3b:4a:3c:41:a2:3f:5a:e7:b0:36:53:a7:65:
                    9f:9c:4a:12:6d:19:3a:43:7b:8b:31:e7:a0:b2:e3:
                    f5:e7:b2:a4:a9:15:87:68:dc:18:bf:09:6a:12:54:
                    c1:f7:54:ba:b2:ae:05:10:93:c0:93:1e:a4:e0:2a:
                    bf:18:02:55:2a:0b:0b:4a:f1:d9:81:ce:e2:3e:7d:
                    40:d4:b6:ed:64:b3:8a:bc:0f:2f:37:e2:e8:b8:ce:
                    5d:cf:84:70:fc:15:a1:ab:5d:0f:6c:c7:97:d2:38:
                    1d:30:a8:9c:a0:49:d1:f8:85:e6:dd:a7:db:b9:59:
                    31:76:8c:ec:1d:73:f6:38:04:ab:37:ad:2e:b6:fa:
                    37:75:9d:e9:e9:33:6e:be:d5:cc:f7:fc:42:90:33:
                    9c:32:dc:95:f0:5a:55:13:a3:70:1f:9e:48:9f:01:
                    1d:ec:30:9b:de:0c:d8:18:6d:51:a6:ef:18:43:ef:
                    f1:66:9d:f3:32:11:de:00:31:f8:5f:76:a4:7f:19:
                    94:53:89:36:ff:f2:7a:2d:1f:b2:ba:34:29:08:36:
                    a5:2b:f6:8b:67:34:2c:68:78:ba:3d:9f:79:c4:ca:
                    0d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:F2:B3:51:79:E6:BF:4B:BA:EF:76:A2:2F:BD:CE:19:FB:7C:4E:7D
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/BfKzUXnmv0u673aiL73OGft8Tn0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:33:8b:18:16:be:9f:60:c3:04:da:71:a5:ed:6e:fb:ca:a6:
         a9:f2:e4:8d:6a:b4:02:93:b1:19:04:b2:9f:68:98:71:3d:7d:
         3f:ca:48:f7:9d:c9:21:09:6c:34:84:f4:5d:d7:cc:c8:ff:f9:
         5a:19:a4:53:90:7b:96:23:47:e8:b3:17:7a:d9:1c:01:4a:40:
         e9:7c:99:66:f1:28:d0:eb:31:87:1d:bb:d0:a1:08:25:2c:cf:
         d1:c2:55:75:59:ed:cf:70:43:63:0b:c2:7c:89:cc:22:3d:9d:
         2f:f2:b4:1a:57:ec:ae:0b:91:00:14:7f:90:83:2e:ab:38:81:
         bf:a7:bb:6f:03:c1:d2:8d:8b:53:3e:35:20:7a:3d:87:85:65:
         c5:2a:ce:23:79:4d:e7:b4:d9:2e:c6:25:e1:0b:e8:96:2a:cf:
         07:9f:d7:bc:68:66:3a:49:a2:ae:49:48:f7:d5:9f:52:4f:e9:
         f7:95:6b:13:7c:15:03:ef:60:53:96:05:f5:9d:99:8c:75:02:
         ac:51:7f:ba:71:5b:14:fe:70:73:9b:eb:61:14:bc:5e:c0:b9:
         b5:f9:67:77:27:bf:ea:5a:bc:00:84:fb:88:48:1c:0a:4e:1d:
         fc:1c:60:2d:a0:2f:47:26:10:23:2c:76:12:24:b0:ef:98:ef:
         8e:cd:85:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRaD+AzC32OKJLifMXgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjMwMTAxMDQwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWYyYjM1MTc5ZTZiZjRiYmFlZjc2YTIyZmJkY2UxOWZiN2M0ZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUBT0cVwvpGue7twh1PLdW7eysne
qzkdcVpsIIlLcTtKPEGiP1rnsDZTp2WfnEoSbRk6Q3uLMeegsuP157KkqRWHaNwY
vwlqElTB91S6sq4FEJPAkx6k4Cq/GAJVKgsLSvHZgc7iPn1A1LbtZLOKvA8vN+Lo
uM5dz4Rw/BWhq10PbMeX0jgdMKicoEnR+IXm3afbuVkxdozsHXP2OASrN60utvo3
dZ3p6TNuvtXM9/xCkDOcMtyV8FpVE6NwH55InwEd7DCb3gzYGG1Rpu8YQ+/xZp3z
MhHeADH4X3akfxmUU4k2//J6LR+yujQpCDalK/aLZzQsaHi6PZ95xMoN7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXys1F55r9Luu92oi+9zhn7fE59MB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvQmZLelVYbm12MHU2NzNhaUw3M09HZnQ4VG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6zvMA0G
CSqGSIb3DQEBCwUAA4IBAQChM4sYFr6fYMME2nGl7W77yqap8uSNarQCk7EZBLKf
aJhxPX0/ykj3nckhCWw0hPRd18zI//laGaRTkHuWI0fosxd62RwBSkDpfJlm8SjQ
6zGHHbvQoQglLM/RwlV1We3PcENjC8J8icwiPZ0v8rQaV+yuC5EAFH+Qgy6rOIG/
p7tvA8HSjYtTPjUgej2HhWXFKs4jeU3ntNkuxiXhC+iWKs8Hn9e8aGY6SaKuSUj3
1Z9ST+n3lWsTfBUD72BTlgX1nZmMdQKsUX+6cVsU/nBzm+thFLxewLm1+Wd3J7/q
WrwAhPuISBwKTh38HGAtoC9HJhAjLHYSJLDvmO+OzYVb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:44 2024 by rpki-client on console-fra.rpki-client.org