Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/UdA1DQX6DXofaBLdLlWnzfHvAKc.roa
File:                     UdA1DQX6DXofaBLdLlWnzfHvAKc.roa (raw, json)
Hash identifier:          m1qfUv4Lv+O7qNfOP6wa5N+8fsXUKtVhnbI32nT7y5s=
Subject key identifier:   51:D0:35:0D:05:FA:0D:7A:1F:68:12:DD:2E:55:A7:CD:F1:EF:00:A7
Certificate issuer:       /CN=f8f73c5c0f3a106a8ba7dff3e35c816d1078dc71
Certificate serial:       01857271415A29D3D7381006312C7B212B55
Authority key identifier: F8:F7:3C:5C:0F:3A:10:6A:8B:A7:DF:F3:E3:5C:81:6D:10:78:DC:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/UdA1DQX6DXofaBLdLlWnzfHvAKc.roa
Signing time:             Mon 02 Jan 2023 12:25:03 +0000
ROA not before:           Mon 02 Jan 2023 12:25:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        31.14.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:71:41:5a:29:d3:d7:38:10:06:31:2c:7b:21:2b:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8f73c5c0f3a106a8ba7dff3e35c816d1078dc71
        Validity
            Not Before: Jan  2 12:25:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51d0350d05fa0d7a1f6812dd2e55a7cdf1ef00a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:de:6b:c3:55:ed:a5:a5:ab:58:0c:ba:a7:f1:
                    04:d2:80:1f:1c:15:d8:48:61:ff:d6:97:9f:d5:f1:
                    b5:06:99:36:52:99:73:3d:4c:9d:ac:ec:a0:11:ec:
                    28:c0:30:c9:65:03:13:07:0a:4a:a1:e4:ca:29:2f:
                    09:d1:31:74:bc:3c:c3:43:17:e6:f7:6a:87:d7:7a:
                    9a:ad:81:f2:a1:ee:06:f4:a9:3f:eb:a1:4d:d5:33:
                    d1:9b:dc:e3:c8:79:77:20:14:d7:7c:f7:ee:bb:b0:
                    e5:ec:21:06:86:19:85:62:2e:ec:89:c8:05:cb:37:
                    58:2a:2a:43:b1:42:fb:de:e7:f0:86:6a:21:07:58:
                    00:31:a6:6b:bd:57:4c:09:57:1b:e6:0a:23:54:3a:
                    c8:df:dc:2d:22:34:98:1c:4b:9e:08:b8:32:6d:7b:
                    65:c1:18:57:81:4b:44:49:59:06:d5:fd:39:3d:04:
                    95:f1:b3:25:bd:60:35:b7:c5:a7:3a:f6:fe:72:70:
                    19:66:61:70:df:6d:23:2c:1c:43:f8:d3:e7:92:37:
                    c6:32:0a:c3:27:00:e7:33:9f:49:90:5e:11:a4:51:
                    be:67:94:d9:b2:8a:f5:7c:99:d4:f5:4c:3c:4a:0b:
                    37:a6:12:c4:ad:4b:c0:b1:f7:1c:f1:a1:6e:68:e4:
                    7c:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:D0:35:0D:05:FA:0D:7A:1F:68:12:DD:2E:55:A7:CD:F1:EF:00:A7
            X509v3 Authority Key Identifier:
                keyid:F8:F7:3C:5C:0F:3A:10:6A:8B:A7:DF:F3:E3:5C:81:6D:10:78:DC:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/UdA1DQX6DXofaBLdLlWnzfHvAKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/1-Pc8XA86EGqLp9_z41yBbRB43HE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:22:68:3d:43:87:65:06:c7:dc:88:f7:1d:9f:a8:d8:d4:cc:
         90:d7:6b:f8:83:26:46:70:95:a6:34:ea:88:87:f9:f8:a4:b6:
         bd:ba:d2:25:52:bd:75:a9:15:a5:68:84:72:76:ea:ce:ea:db:
         76:1e:72:9d:36:7c:64:c6:1f:88:0f:79:16:8e:8d:97:1f:b6:
         fe:97:38:df:e6:a4:b0:96:47:f6:d9:55:7f:26:29:78:15:40:
         f7:93:1b:72:35:d0:b9:ba:aa:17:6f:86:1f:8d:92:a6:4d:82:
         1b:a2:61:1f:f3:ae:fe:84:4a:a7:6e:da:27:3f:7f:c7:94:bf:
         31:71:91:65:1e:f8:88:bf:45:2d:9a:a5:ad:3d:c8:ec:66:2c:
         08:a8:f9:63:3d:3d:08:58:ef:d8:c0:7c:74:b0:9f:e0:46:16:
         d2:35:09:11:c0:64:4b:fe:8d:06:0f:4a:f6:e6:e4:5e:e2:e9:
         55:22:76:04:33:b3:95:ad:40:27:38:ee:b1:36:5d:b5:c4:d1:
         81:6d:e5:4c:9f:2f:83:cb:dd:e7:47:97:a0:4e:d5:c8:a9:50:
         15:14:07:89:ef:e9:9f:5b:3d:71:b1:0a:75:5a:ef:f7:ae:5c:
         e8:51:a3:76:c1:ce:33:80:e2:1a:53:c1:e7:0d:ab:00:d3:cd:
         fd:e4:ac:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVycUFaKdPXOBAGMSx7IStVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjczYzVjMGYzYTEwNmE4YmE3ZGZmM2UzNWM4MTZkMTA3
OGRjNzEwHhcNMjMwMTAyMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQwMzUwZDA1ZmEwZDdhMWY2ODEyZGQyZTU1YTdjZGYxZWYwMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy95rw1XtpaWrWAy6p/EE0oAfHBXY
SGH/1pef1fG1Bpk2UplzPUydrOygEewowDDJZQMTBwpKoeTKKS8J0TF0vDzDQxfm
92qH13qarYHyoe4G9Kk/66FN1TPRm9zjyHl3IBTXfPfuu7Dl7CEGhhmFYi7sicgF
yzdYKipDsUL73ufwhmohB1gAMaZrvVdMCVcb5gojVDrI39wtIjSYHEueCLgybXtl
wRhXgUtESVkG1f05PQSV8bMlvWA1t8WnOvb+cnAZZmFw320jLBxD+NPnkjfGMgrD
JwDnM59JkF4RpFG+Z5TZsor1fJnU9Uw8Sgs3phLErUvAsfcc8aFuaOR85QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFHQNQ0F+g16H2gS3S5Vp83x7wCnMB8GA1UdIwQY
MBaAFPj3PFwPOhBqi6ff8+NcgW0QeNxxMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QYzhYQTg2RUdxTHA5X3o0MXlCYlJCNDNIRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYvMDNjY2UzLWU2MjAtNDQ4My1iMDhi
LTZkOGZkMzMwZTlhYS8xL1VkQTFEUVg2RFhvZmFCTGRMbFduemZIdkFLYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjYvMDNjY2UzLWU2MjAtNDQ4My1iMDhiLTZkOGZkMzMwZTlh
YS8xLzEtUGM4WEE4NkVHcUxwOV96NDF5QmJSQjQzSEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfDksw
DQYJKoZIhvcNAQELBQADggEBABUiaD1Dh2UGx9yI9x2fqNjUzJDXa/iDJkZwlaY0
6oiH+fiktr260iVSvXWpFaVohHJ26s7q23Yecp02fGTGH4gPeRaOjZcftv6XON/m
pLCWR/bZVX8mKXgVQPeTG3I10Lm6qhdvhh+NkqZNghuiYR/zrv6ESqdu2ic/f8eU
vzFxkWUe+Ii/RS2apa09yOxmLAio+WM9PQhY79jAfHSwn+BGFtI1CRHAZEv+jQYP
Svbm5F7i6VUidgQzs5WtQCc47rE2XbXE0YFt5UyfL4PL3edHl6BO1cipUBUUB4nv
6Z9bPXGxCnVa7/euXOhRo3bBzjOA4hpTwecNqwDTzf3krEA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:46 2024 by rpki-client on console-fra.rpki-client.org