Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/PfJbKyS9ZlfLM96ZtZ_gLyYCERk.roa
File:                     PfJbKyS9ZlfLM96ZtZ_gLyYCERk.roa (raw, json)
Hash identifier:          KzVsFgpzXZ06F7ys30T865pNQ3l9UMEfwgVlYNYbr4U=
Subject key identifier:   3D:F2:5B:2B:24:BD:66:57:CB:33:DE:99:B5:9F:E0:2F:26:02:11:19
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       01856B8114FABEA631B8102FAD9C8B57A03F
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/PfJbKyS9ZlfLM96ZtZ_gLyYCERk.roa
Signing time:             Sun 01 Jan 2023 04:04:59 +0000
ROA not before:           Sun 01 Jan 2023 04:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41370
IP address blocks:        31.172.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:14:fa:be:a6:31:b8:10:2f:ad:9c:8b:57:a0:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Jan  1 04:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3df25b2b24bd6657cb33de99b59fe02f26021119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:9e:80:16:d8:0a:e3:a7:29:ed:7e:9c:8b:b7:
                    73:00:3f:46:4e:4a:0f:50:8a:60:e9:76:1f:47:e6:
                    ff:97:64:96:66:c0:ec:8e:b6:fa:a6:08:f6:71:d7:
                    d6:1b:40:4e:90:a5:a6:c2:c2:36:00:f6:6a:aa:7a:
                    5e:fa:33:55:06:87:e5:0f:91:0e:e9:4b:c2:07:04:
                    66:c9:c9:b9:41:f6:a8:22:2b:26:84:d0:33:cf:06:
                    9b:b3:d5:38:33:43:c1:2f:7e:a1:34:f4:75:b2:27:
                    bc:c8:44:2e:5a:17:46:d2:e3:8f:75:a6:8e:8e:8e:
                    82:33:c4:69:5d:a2:7b:9c:00:35:69:6b:c3:d8:78:
                    a0:ee:47:5b:f3:43:0a:03:66:15:c1:85:93:b2:15:
                    ac:5d:90:a9:55:d7:7e:6a:21:19:19:21:c1:fc:a5:
                    42:12:77:56:a2:7e:65:87:dc:b5:89:ff:6d:f9:7b:
                    03:5c:e0:8c:40:5e:07:00:d3:76:75:5c:e2:81:68:
                    84:7c:cf:b0:e6:68:5b:1e:c8:d7:5e:f2:2c:b6:42:
                    10:79:cd:99:0f:c7:b6:92:39:a3:43:da:d6:89:9b:
                    b0:ad:5d:a0:ec:37:5c:3a:47:28:49:f7:47:94:bc:
                    98:13:b4:02:0b:66:23:0e:d0:b6:b7:87:7c:c9:f7:
                    79:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F2:5B:2B:24:BD:66:57:CB:33:DE:99:B5:9F:E0:2F:26:02:11:19
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/PfJbKyS9ZlfLM96ZtZ_gLyYCERk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:0a:65:32:2f:75:b8:bd:71:7f:13:68:07:07:24:46:5c:1a:
         06:52:fd:78:bd:e4:8d:0a:75:e8:05:a5:90:fe:77:a6:29:28:
         f7:42:8f:e7:c5:2b:74:68:d7:90:f4:b5:b9:20:c0:72:5a:b4:
         e5:6f:cf:af:a5:ca:b7:aa:bf:2f:93:ec:4d:70:1c:f6:0f:28:
         38:95:21:6d:61:ec:2a:d2:d7:15:ee:f5:ef:27:b0:9c:14:2e:
         d4:b9:a1:c3:f0:a4:e4:26:3c:5b:c8:27:db:66:39:5e:36:1d:
         46:cc:42:23:74:23:c2:32:af:9c:2a:e3:f7:8b:0e:88:b5:e4:
         a1:fb:2e:6d:76:66:04:69:18:f0:3c:31:dd:f5:7e:0c:7c:7c:
         31:de:7c:ae:16:a5:0d:c4:7c:64:33:16:87:a7:e7:67:2a:6d:
         c9:cc:28:0d:e5:44:fd:2c:d1:b4:c6:d9:5a:89:f4:51:a0:aa:
         74:72:13:72:ec:c9:16:40:19:b2:92:39:72:a8:04:57:a4:42:
         51:0b:4a:82:a3:70:fe:d8:32:91:26:8d:22:11:5e:de:8e:72:
         1c:51:2b:6d:ae:a9:44:43:80:38:fc:05:8c:f3:fb:99:25:6c:
         33:69:d0:72:12:7f:33:11:88:b7:57:7d:77:c4:64:38:a5:9e:
         7e:54:db:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRT6vqYxuBAvrZyLV6A/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjMwMTAxMDQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGYyNWIyYjI0YmQ2NjU3Y2IzM2RlOTliNTlmZTAyZjI2MDIxMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ6AFtgK46cp7X6ci7dzAD9GTkoP
UIpg6XYfR+b/l2SWZsDsjrb6pgj2cdfWG0BOkKWmwsI2APZqqnpe+jNVBoflD5EO
6UvCBwRmycm5QfaoIismhNAzzwabs9U4M0PBL36hNPR1sie8yEQuWhdG0uOPdaaO
jo6CM8RpXaJ7nAA1aWvD2Hig7kdb80MKA2YVwYWTshWsXZCpVdd+aiEZGSHB/KVC
EndWon5lh9y1if9t+XsDXOCMQF4HANN2dVzigWiEfM+w5mhbHsjXXvIstkIQec2Z
D8e2kjmjQ9rWiZuwrV2g7DdcOkcoSfdHlLyYE7QCC2YjDtC2t4d8yfd5PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3yWyskvWZXyzPembWf4C8mAhEZMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvUGZKYkt5UzlabGZMTTk2WnRaX2dMeVlDRVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6yhMA0G
CSqGSIb3DQEBCwUAA4IBAQC/CmUyL3W4vXF/E2gHByRGXBoGUv14veSNCnXoBaWQ
/nemKSj3Qo/nxSt0aNeQ9LW5IMByWrTlb8+vpcq3qr8vk+xNcBz2Dyg4lSFtYewq
0tcV7vXvJ7CcFC7UuaHD8KTkJjxbyCfbZjleNh1GzEIjdCPCMq+cKuP3iw6IteSh
+y5tdmYEaRjwPDHd9X4MfHwx3nyuFqUNxHxkMxaHp+dnKm3JzCgN5UT9LNG0xtla
ifRRoKp0chNy7MkWQBmykjlyqARXpEJRC0qCo3D+2DKRJo0iEV7ejnIcUSttrqlE
Q4A4/AWM8/uZJWwzadByEn8zEYi3V313xGQ4pZ5+VNvs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:17 2024 by rpki-client on console-ams.rpki-client.org