Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rxtOL5YureCQ_3a_Fhe2MthygW8.roa
File:                     rxtOL5YureCQ_3a_Fhe2MthygW8.roa (raw, json)
Hash identifier:          oXMQkGC/ksl7gL3BTKesBXjpU5i8lkHgg2vSdHD3tQo=
Subject key identifier:   AF:1B:4E:2F:96:2E:AD:E0:90:FF:76:BF:16:17:B6:32:D8:72:81:6F
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018DF535038527FA26B6B2D6C2AE08A46C02
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rxtOL5YureCQ_3a_Fhe2MthygW8.roa
Signing time:             Thu 29 Feb 2024 14:11:48 +0000
ROA not before:           Thu 29 Feb 2024 14:11:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48031
IP address blocks:        31.216.63.0/24 maxlen: 24
                          77.87.120.0/24 maxlen: 24
                          84.246.86.0/24 maxlen: 24
                          91.246.48.0/24 maxlen: 24
                          91.246.53.0/24 maxlen: 24
                          91.247.165.0/24 maxlen: 24
                          91.247.166.0/24 maxlen: 24
                          91.247.173.0/24 maxlen: 24
                          93.157.109.0/24 maxlen: 24
                          109.107.136.0/24 maxlen: 24
                          109.107.141.0/24 maxlen: 24
                          109.205.188.0/24 maxlen: 24
                          176.97.203.0/24 maxlen: 24
                          176.116.3.0/24 maxlen: 24
                          193.160.219.0/24 maxlen: 24
                          194.105.60.0/24 maxlen: 24
                          194.107.92.0/24 maxlen: 24
                          217.198.176.0/24 maxlen: 24
                          217.198.179.0/24 maxlen: 24
                          217.198.180.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Mar 2024 09:38:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f5:35:03:85:27:fa:26:b6:b2:d6:c2:ae:08:a4:6c:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Feb 29 14:11:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=af1b4e2f962eade090ff76bf1617b632d872816f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:31:6f:1b:e6:8e:80:76:af:48:9c:97:09:cf:
                    49:b8:d3:4a:6e:20:cf:82:77:fe:fb:07:69:d9:2c:
                    a2:8f:56:51:d9:36:b2:4d:95:d8:15:be:48:84:98:
                    7c:e5:dd:62:c8:8f:50:40:15:4e:51:26:f8:86:69:
                    dd:fe:6e:33:84:f0:2e:bc:bc:9c:ef:06:2a:96:3c:
                    1a:07:8d:7e:eb:2f:16:d5:15:4e:31:da:bb:eb:fd:
                    b8:8d:cc:b9:79:b9:1a:ed:4d:f5:6c:0c:23:93:4f:
                    ab:4b:80:6a:72:b2:14:32:be:1a:8e:b4:c8:1f:fc:
                    93:d6:5a:9b:30:fa:47:d5:60:f6:b3:de:3a:5e:e4:
                    a5:4a:47:0e:0f:04:ab:ed:3c:c7:0c:23:18:39:a4:
                    a6:66:37:20:d5:73:ff:e3:00:98:68:87:34:37:ae:
                    37:fd:2d:7e:d0:32:32:e1:11:79:c3:e9:f3:6f:62:
                    fb:54:22:ff:f5:fb:01:0b:e7:d9:09:ca:4b:c0:61:
                    63:cd:da:ef:39:1e:c6:e7:1b:c5:f4:8a:65:ae:91:
                    71:06:20:3b:b1:02:cc:c4:30:6e:8c:76:a5:1a:26:
                    91:1e:61:94:21:4a:7b:ac:27:c8:24:5f:c4:6c:1f:
                    80:52:23:b9:a6:fe:4b:63:d1:25:5f:be:ad:17:53:
                    4d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:1B:4E:2F:96:2E:AD:E0:90:FF:76:BF:16:17:B6:32:D8:72:81:6F
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rxtOL5YureCQ_3a_Fhe2MthygW8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.216.63.0/24
                  77.87.120.0/24
                  84.246.86.0/24
                  91.246.48.0/24
                  91.246.53.0/24
                  91.247.165.0-91.247.166.255
                  91.247.173.0/24
                  93.157.109.0/24
                  109.107.136.0/24
                  109.107.141.0/24
                  109.205.188.0/24
                  176.97.203.0/24
                  176.116.3.0/24
                  193.160.219.0/24
                  194.105.60.0/24
                  194.107.92.0/24
                  217.198.176.0/24
                  217.198.179.0-217.198.180.255

    Signature Algorithm: sha256WithRSAEncryption
         3d:14:46:34:53:5c:e8:82:e5:24:2a:80:f5:8a:8f:1d:52:e0:
         53:51:19:54:e3:2d:f7:a6:b8:fa:5e:ea:b4:ac:75:2c:d3:bc:
         7b:75:f2:84:cd:76:c7:74:6c:b6:17:ca:5a:49:e5:d3:a9:c7:
         dd:61:71:8f:af:d0:90:f0:5f:39:c6:f0:b9:f7:f7:da:5b:7f:
         f1:e3:2a:1a:55:47:c2:e6:93:ef:f5:c8:19:53:18:ce:4d:f9:
         82:d4:8a:63:7a:41:ba:3a:72:85:1a:fb:02:93:23:1b:3c:1f:
         d4:cf:2d:7b:4c:27:71:09:e0:19:05:70:20:6b:e6:e5:06:99:
         1e:ff:d8:e1:07:a4:c0:59:02:ab:6e:38:29:ff:6e:cd:ea:4c:
         40:15:d8:2a:98:c7:5f:ee:3d:f6:a7:26:76:0a:b3:09:6a:cb:
         06:b2:ab:70:bc:ce:2a:d1:b5:2c:de:40:df:8a:13:ef:84:62:
         65:5c:7b:27:d2:69:f3:78:79:de:6b:29:b5:fb:b5:76:c1:91:
         60:9c:2f:11:77:96:33:8a:f6:19:4b:7d:a1:68:07:29:c1:b8:
         78:99:27:1d:2d:2d:23:0c:d7:f3:aa:4d:3d:00:24:2c:70:84:
         a7:4a:45:30:43:24:16:b5:14:12:eb:e3:31:71:69:88:05:83:
         82:2a:54:19
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY31NQOFJ/omtrLWwq4IpGwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI5MTQxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjFiNGUyZjk2MmVhZGUwOTBmZjc2YmYxNjE3YjYzMmQ4NzI4MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTFvG+aOgHavSJyXCc9JuNNKbiDP
gnf++wdp2Syij1ZR2TayTZXYFb5IhJh85d1iyI9QQBVOUSb4hmnd/m4zhPAuvLyc
7wYqljwaB41+6y8W1RVOMdq76/24jcy5ebka7U31bAwjk0+rS4BqcrIUMr4ajrTI
H/yT1lqbMPpH1WD2s946XuSlSkcODwSr7TzHDCMYOaSmZjcg1XP/4wCYaIc0N643
/S1+0DIy4RF5w+nzb2L7VCL/9fsBC+fZCcpLwGFjzdrvOR7G5xvF9IplrpFxBiA7
sQLMxDBujHalGiaRHmGUIUp7rCfIJF/EbB+AUiO5pv5LY9ElX76tF1NNsQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFK8bTi+WLq3gkP92vxYXtjLYcoFvMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvcnh0T0w1WXVyZUNRXzNhX0ZoZTJNdGh5Z1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAB/Y
PwMEAE1XeAMEAFT2VgMEAFv2MAMEAFv2NTAMAwQAW/elAwQAW/emAwQAW/etAwQA
XZ1tAwQAbWuIAwQAbWuNAwQAbc28AwQAsGHLAwQAsHQDAwQAwaDbAwQAwmk8AwQA
wmtcAwQA2cawMAwDBADZxrMDBADZxrQwDQYJKoZIhvcNAQELBQADggEBAD0URjRT
XOiC5SQqgPWKjx1S4FNRGVTjLfemuPpe6rSsdSzTvHt18oTNdsd0bLYXylpJ5dOp
x91hcY+v0JDwXznG8Ln399pbf/HjKhpVR8Lmk+/1yBlTGM5N+YLUimN6Qbo6coUa
+wKTIxs8H9TPLXtMJ3EJ4BkFcCBr5uUGmR7/2OEHpMBZAqtuOCn/bs3qTEAV2CqY
x1/uPfanJnYKswlqywayq3C8zirRtSzeQN+KE++EYmVceyfSafN4ed5rKbX7tXbB
kWCcLxF3ljOK9hlLfaFoBynBuHiZJx0tLSMM1/OqTT0AJCxwhKdKRTBDJBa1FBLr
4zFxaYgFg4IqVBk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org