Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5fv7INHIyx25GqqZ4End3A7HB9k.roa
File:                     5fv7INHIyx25GqqZ4End3A7HB9k.roa (raw, json)
Hash identifier:          9Qrm3Scb8aGNYLgGsdcACVfGe0Bq6O+TRSxcyPbKhX8=
Subject key identifier:   E5:FB:FB:20:D1:C8:CB:1D:B9:1A:AA:99:E0:49:DD:DC:0E:C7:07:D9
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       01867F8C29CA9708BBB1A2806033D4020C15
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5fv7INHIyx25GqqZ4End3A7HB9k.roa
Signing time:             Thu 23 Feb 2023 18:32:17 +0000
ROA not before:           Thu 23 Feb 2023 18:32:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205655
IP address blocks:        31.135.0.0/24 maxlen: 24
                          31.135.6.0/24 maxlen: 24
                          91.245.90.0/24 maxlen: 24
                          176.103.120.0/24 maxlen: 24
                          64.43.65.0/24 maxlen: 24
                          64.43.74.0/23 maxlen: 23
                          91.246.200.0/24 maxlen: 24
                          91.224.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7f:8c:29:ca:97:08:bb:b1:a2:80:60:33:d4:02:0c:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Feb 23 18:32:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5fbfb20d1c8cb1db91aaa99e049dddc0ec707d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6e:da:d8:26:0c:ab:cf:b2:7a:b6:89:3b:12:
                    ad:5b:3c:67:c5:ee:6d:7d:cb:43:a9:25:d4:5c:9a:
                    c6:b2:c2:2c:a0:63:d9:e8:dd:44:7f:4c:5d:40:f1:
                    c3:37:da:b5:4c:21:1f:5d:05:a8:fd:ce:79:20:a4:
                    52:df:ee:a6:85:d0:96:32:c5:fd:2a:bd:11:ee:cc:
                    89:09:e7:71:48:71:a6:a0:73:8a:e9:7e:ba:c9:47:
                    74:c0:c4:92:3a:ed:ed:e4:56:0e:6a:11:79:4c:80:
                    54:23:2c:d7:81:e5:08:b2:ae:66:93:a2:16:15:d5:
                    e5:4d:99:2d:98:90:86:d0:6b:3a:25:29:c8:59:da:
                    05:24:9c:5a:92:ef:df:42:81:aa:9f:24:b1:81:f0:
                    fe:08:b9:5c:30:cf:a3:b4:37:ce:70:a4:96:98:30:
                    1a:e9:ba:d1:59:8b:33:63:bb:98:78:11:6e:2b:d7:
                    7c:9b:c3:3e:89:05:1a:9d:d0:e3:f3:51:e4:97:24:
                    90:a9:cb:ba:2e:ef:e9:e0:64:ed:12:7b:98:60:78:
                    f5:6f:4d:a3:10:e5:7f:4c:fa:bd:78:51:ca:e5:46:
                    a9:81:4a:37:f5:61:1a:4e:fa:06:ec:e3:dc:9f:6d:
                    83:d6:2d:2e:d2:67:01:49:0a:b1:5e:b4:27:52:5e:
                    8a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:FB:FB:20:D1:C8:CB:1D:B9:1A:AA:99:E0:49:DD:DC:0E:C7:07:D9
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5fv7INHIyx25GqqZ4End3A7HB9k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.135.0.0/24
                  31.135.6.0/24
                  64.43.65.0/24
                  64.43.74.0/23
                  91.224.40.0/24
                  91.245.90.0/24
                  91.246.200.0/24
                  176.103.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:ab:65:44:23:b7:be:5f:e3:d2:c0:4a:18:c5:61:67:38:eb:
         11:b4:05:b0:72:3b:c6:bb:20:70:3e:ae:67:d7:63:71:f2:cd:
         a8:d3:1c:5d:c4:0d:ee:ae:8e:7f:7c:07:73:66:3f:f4:e2:59:
         f3:59:2a:8c:7f:00:c1:76:5a:ab:f8:bc:ee:a7:a3:86:a4:43:
         56:94:0c:ba:0d:75:1f:56:05:96:37:4d:92:80:53:5c:77:d8:
         fc:de:cb:55:f3:c7:87:0f:43:fe:0c:96:04:44:04:59:5c:d2:
         6b:a3:05:db:9d:61:dd:f4:48:aa:73:f6:6a:5c:6e:46:d0:10:
         e3:44:a9:58:5c:0e:93:3e:b8:6c:37:57:08:f4:70:cc:91:2c:
         42:ea:6a:b8:e5:5e:ff:e9:cb:86:21:46:15:84:56:76:3d:19:
         5a:a1:dc:f3:87:df:56:49:54:14:a0:ab:21:25:c3:fb:54:67:
         30:bc:0e:3c:51:fd:7d:29:65:d9:c5:94:69:60:46:3e:78:b8:
         7b:5f:a5:59:29:f1:a4:d6:9c:d1:a4:9f:a1:db:90:62:bd:1e:
         8b:54:fc:9a:f2:6f:e2:8b:a3:03:91:58:45:39:da:bf:d3:0a:
         2f:d4:19:8f:e9:16:4e:e7:68:b8:12:cc:a1:5e:5c:b7:5e:88:
         ed:3a:50:ad
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYZ/jCnKlwi7saKAYDPUAgwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMjIzMTgzMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZiZmIyMGQxYzhjYjFkYjkxYWFhOTllMDQ5ZGRkYzBlYzcwN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom7a2CYMq8+yeraJOxKtWzxnxe5t
fctDqSXUXJrGssIsoGPZ6N1Ef0xdQPHDN9q1TCEfXQWo/c55IKRS3+6mhdCWMsX9
Kr0R7syJCedxSHGmoHOK6X66yUd0wMSSOu3t5FYOahF5TIBUIyzXgeUIsq5mk6IW
FdXlTZktmJCG0Gs6JSnIWdoFJJxaku/fQoGqnySxgfD+CLlcMM+jtDfOcKSWmDAa
6brRWYszY7uYeBFuK9d8m8M+iQUandDj81HklySQqcu6Lu/p4GTtEnuYYHj1b02j
EOV/TPq9eFHK5UapgUo39WEaTvoG7OPcn22D1i0u0mcBSQqxXrQnUl6KJQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOX7+yDRyMsduRqqmeBJ3dwOxwfZMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNWZ2N0lOSEl5eDI1R3FxWjRFbmQzQTdIQjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAH4cAAwQA
H4cGAwQAQCtBAwQBQCtKAwQAW+AoAwQAW/VaAwQAW/bIAwQAsGd4MA0GCSqGSIb3
DQEBCwUAA4IBAQCZq2VEI7e+X+PSwEoYxWFnOOsRtAWwcjvGuyBwPq5n12Nx8s2o
0xxdxA3uro5/fAdzZj/04lnzWSqMfwDBdlqr+Lzup6OGpENWlAy6DXUfVgWWN02S
gFNcd9j83stV88eHD0P+DJYERARZXNJrowXbnWHd9Eiqc/ZqXG5G0BDjRKlYXA6T
PrhsN1cI9HDMkSxC6mq45V7/6cuGIUYVhFZ2PRlaodzzh99WSVQUoKshJcP7VGcw
vA48Uf19KWXZxZRpYEY+eLh7X6VZKfGk1pzRpJ+h25BivR6LVPya8m/ii6MDkVhF
Odq/0wov1BmP6RZO52i4EsyhXly3XojtOlCt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org