Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/342ifud32EX-sl0H9HtBeKbg4dg.roa
File:                     342ifud32EX-sl0H9HtBeKbg4dg.roa (raw, json)
Hash identifier:          eEfy1c4ceUJBdgInFwgiljE5iFcdl25wdPlZph/6aSI=
Subject key identifier:   DF:8D:A2:7E:E7:77:D8:45:FE:B2:5D:07:F4:7B:41:78:A6:E0:E1:D8
Certificate issuer:       /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial:       018571E13193033EDC5C1994FEDB90503707
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/342ifud32EX-sl0H9HtBeKbg4dg.roa
Signing time:             Mon 02 Jan 2023 09:47:41 +0000
ROA not before:           Mon 02 Jan 2023 09:47:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207326
IP address blocks:        31.210.42.0/24 maxlen: 24
                          78.135.67.0/24 maxlen: 24
                          31.210.55.0/24 maxlen: 24
                          188.132.201.0/24 maxlen: 24
                          78.135.83.0/24 maxlen: 24
                          78.135.82.0/24 maxlen: 24
                          78.135.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 07 Sep 2023 12:12:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:e1:31:93:03:3e:dc:5c:19:94:fe:db:90:50:37:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
        Validity
            Not Before: Jan  2 09:47:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df8da27ee777d845feb25d07f47b4178a6e0e1d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:20:c3:90:c4:8b:dd:70:8c:1d:92:84:82:1d:
                    44:5b:4b:19:e3:34:fc:6e:38:4a:59:12:62:ad:5b:
                    79:90:73:0a:80:8c:8e:96:cf:11:27:96:4f:d0:4a:
                    fd:1f:a2:be:b9:81:39:34:4e:d3:52:09:5e:f7:f3:
                    28:54:7e:e2:90:78:d6:7c:cc:ee:a9:6b:da:0f:4e:
                    3c:52:f8:33:53:47:6f:2b:d1:57:89:36:b3:83:cd:
                    67:d1:12:ad:91:6d:f7:4d:44:9d:33:68:f9:28:12:
                    b9:85:82:17:b8:61:02:5f:b6:da:3d:1f:02:a6:f2:
                    b9:20:f7:4c:be:82:48:c4:26:85:b5:c7:8d:6a:10:
                    1d:00:82:1d:3c:f4:b8:e3:c9:69:1b:a4:03:73:49:
                    5c:9f:a5:c2:31:62:ca:bf:3e:c0:44:b0:ff:15:14:
                    8c:e2:9a:89:ed:87:0a:a8:eb:a3:f3:18:95:d9:4c:
                    02:fb:d5:b9:47:bb:e8:b4:6d:05:c2:27:b3:c5:9c:
                    29:f8:cf:98:bd:ae:ba:f2:6e:61:ef:27:bb:2a:95:
                    b0:0b:2c:51:d2:d9:dd:7a:c3:49:30:87:25:8a:bd:
                    db:80:a9:ff:38:35:63:88:01:82:87:a8:51:a9:22:
                    1c:51:4d:aa:21:19:b2:37:f4:07:62:41:6e:e3:f4:
                    d3:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:8D:A2:7E:E7:77:D8:45:FE:B2:5D:07:F4:7B:41:78:A6:E0:E1:D8
            X509v3 Authority Key Identifier:
                keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/342ifud32EX-sl0H9HtBeKbg4dg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.210.42.0/24
                  31.210.55.0/24
                  78.135.67.0/24
                  78.135.81.0-78.135.83.255
                  188.132.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:c3:e2:42:86:cb:83:1d:bf:b9:0b:57:5b:56:74:34:95:21:
         b8:b7:07:0d:2e:2f:79:95:3f:46:a3:5a:12:7c:82:bd:f5:90:
         87:1d:16:63:6f:92:b0:f6:45:c8:3d:40:6c:42:f6:26:4b:85:
         ff:86:98:0c:87:f9:81:67:65:8c:22:08:ca:6b:38:69:ce:d7:
         79:b8:6c:f4:be:f2:c5:3d:c7:a4:0f:38:56:97:b3:79:18:33:
         1a:d1:68:94:7f:3d:68:a2:be:bf:cb:d1:af:e9:d5:2a:65:62:
         3c:95:1f:de:27:9e:6d:ee:95:10:80:1a:43:6b:43:42:04:d2:
         4d:17:e8:05:51:6a:09:d9:dd:e2:e4:03:21:4a:2a:51:97:84:
         2b:24:2f:52:18:63:22:1a:9c:81:e1:03:e5:df:fe:96:d6:8a:
         49:ff:b1:82:40:73:d8:49:c2:09:da:0a:9b:f4:a5:e0:cc:09:
         3e:e1:6a:ff:a0:43:c3:c5:e8:18:1c:66:81:27:93:c8:1c:4e:
         ae:da:16:bb:08:0b:b0:13:17:9d:ef:0f:e9:b4:85:79:60:8c:
         53:fe:84:f8:9e:b3:80:a4:f4:bb:14:67:93:53:5d:13:4d:a5:
         93:fb:5b:61:56:cf:df:ad:91:dd:4e:08:de:25:33:12:b4:c7:
         e8:54:9f:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVx4TGTAz7cXBmU/tuQUDcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTAyMDk0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhkYTI3ZWU3NzdkODQ1ZmViMjVkMDdmNDdiNDE3OGE2ZTBlMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSDDkMSL3XCMHZKEgh1EW0sZ4zT8
bjhKWRJirVt5kHMKgIyOls8RJ5ZP0Er9H6K+uYE5NE7TUgle9/MoVH7ikHjWfMzu
qWvaD048UvgzU0dvK9FXiTazg81n0RKtkW33TUSdM2j5KBK5hYIXuGECX7baPR8C
pvK5IPdMvoJIxCaFtceNahAdAIIdPPS448lpG6QDc0lcn6XCMWLKvz7ARLD/FRSM
4pqJ7YcKqOuj8xiV2UwC+9W5R7votG0FwiezxZwp+M+Yva668m5h7ye7KpWwCyxR
0tndesNJMIclir3bgKn/ODVjiAGCh6hRqSIcUU2qIRmyN/QHYkFu4/TTXwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFN+Non7nd9hF/rJdB/R7QXim4OHYMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvMzQyaWZ1ZDMyRVgtc2wwSDlIdEJlS2JnNGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAH9IqAwQA
H9I3AwQATodDMAwDBABOh1EDBAJOh1ADBAC8hMkwDQYJKoZIhvcNAQELBQADggEB
AEDD4kKGy4Mdv7kLV1tWdDSVIbi3Bw0uL3mVP0ajWhJ8gr31kIcdFmNvkrD2Rcg9
QGxC9iZLhf+GmAyH+YFnZYwiCMprOGnO13m4bPS+8sU9x6QPOFaXs3kYMxrRaJR/
PWiivr/L0a/p1SplYjyVH94nnm3ulRCAGkNrQ0IE0k0X6AVRagnZ3eLkAyFKKlGX
hCskL1IYYyIanIHhA+Xf/pbWikn/sYJAc9hJwgnaCpv0peDMCT7hav+gQ8PF6Bgc
ZoEnk8gcTq7aFrsIC7ATF53vD+m0hXlgjFP+hPies4Ck9LsUZ5NTXRNNpZP7W2FW
z9+tkd1OCN4lMxK0x+hUn4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org