Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/g8o0CAc6DEgQ8R9Y76D9w66DeFY.roa
File:                     g8o0CAc6DEgQ8R9Y76D9w66DeFY.roa (raw, json)
Hash identifier:          1Ko8HuHqfwRBFqI1ibeMJlev//bslU+AxsmtZJTJsSA=
Subject key identifier:   83:CA:34:08:07:3A:0C:48:10:F1:1F:58:EF:A0:FD:C3:AE:83:78:56
Certificate issuer:       /CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Certificate serial:       018C3E079AEB63F2F74BE9ECD26389112164
Authority key identifier: D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/g8o0CAc6DEgQ8R9Y76D9w66DeFY.roa
Signing time:             Wed 06 Dec 2023 07:28:54 +0000
ROA not before:           Wed 06 Dec 2023 07:28:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        81.31.128.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Sat 16 Dec 2023 08:43:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3e:07:9a:eb:63:f2:f7:4b:e9:ec:d2:63:89:11:21:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
        Validity
            Not Before: Dec  6 07:28:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83ca3408073a0c4810f11f58efa0fdc3ae837856
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:45:d9:cf:ab:e0:5d:de:bf:f2:3d:4e:55:6d:
                    cb:b0:df:51:0b:3d:52:10:c8:ad:e9:bd:11:38:af:
                    a2:0a:03:fe:95:d6:18:b3:25:10:17:19:f3:40:a1:
                    16:de:8f:38:5f:ca:b4:2a:b9:22:65:72:1f:a3:9e:
                    05:16:89:1b:f3:c3:d5:2c:d9:42:d2:ab:74:28:31:
                    74:ac:f4:ed:f5:4c:54:d9:e3:ae:d3:ba:45:0c:f8:
                    cb:05:77:c1:77:7a:9e:43:f3:c0:a2:38:55:66:b8:
                    45:d1:39:d5:26:18:0a:64:d0:fb:d4:c3:68:65:92:
                    0c:d7:5c:13:b3:c0:03:16:da:b1:b6:02:95:c0:2c:
                    f3:d4:da:28:d3:f5:55:03:df:69:34:d7:05:7d:40:
                    96:14:c1:6c:f7:0b:51:35:46:d0:50:f4:1a:ba:ee:
                    a9:aa:8a:0f:b5:84:7b:b4:37:2b:1b:a5:a9:c1:42:
                    4c:07:83:1a:20:31:88:74:ab:ca:21:c5:63:52:21:
                    53:32:1c:03:e6:6c:56:39:12:e8:39:ba:82:4c:30:
                    4b:c6:22:d8:1d:14:48:79:3a:4a:8e:78:ad:26:cf:
                    62:a4:52:b3:dc:71:47:18:ab:1c:32:70:6b:7c:62:
                    69:c3:34:75:61:cc:58:64:27:aa:a2:f1:28:b1:83:
                    a5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:CA:34:08:07:3A:0C:48:10:F1:1F:58:EF:A0:FD:C3:AE:83:78:56
            X509v3 Authority Key Identifier:
                keyid:D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/g8o0CAc6DEgQ8R9Y76D9w66DeFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/1COlvl4hykYHMq5I84Wj6hUKK-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         80:e7:64:60:f6:12:28:b5:b7:45:2e:90:89:11:bb:6e:40:07:
         cb:80:f3:0d:1e:7c:4c:94:79:6f:1e:d9:c9:74:92:fe:ac:bd:
         a9:9d:74:d3:54:eb:3a:c5:5d:27:3e:2d:ca:63:81:2e:3d:0b:
         aa:e7:e3:be:8a:88:bf:20:87:ef:be:42:1d:2e:c4:a5:8d:30:
         f2:5b:15:49:a6:3a:71:16:73:00:85:8d:0a:bd:72:82:61:6e:
         f0:53:57:29:49:65:95:e2:c2:bf:bb:2f:ec:31:93:79:ee:f3:
         09:45:e8:c7:02:10:67:a1:c8:35:d8:fa:2c:2e:16:ff:bf:fb:
         26:dd:bf:3c:08:90:3c:59:20:53:9d:b2:9f:36:8d:a6:a9:80:
         9b:8e:8d:ed:dd:2d:82:21:7a:ae:be:37:c7:2b:f2:75:43:90:
         3f:70:d1:33:fa:46:7c:fa:22:c5:a3:71:97:3a:90:e7:19:6f:
         a5:f8:76:64:61:c0:0c:73:cf:fe:7e:6a:ca:cd:9e:0c:99:58:
         12:ab:46:2f:82:46:45:da:c7:8d:2a:c9:de:47:84:1d:ac:db:
         e0:88:27:59:4c:b2:96:36:8c:dd:a9:10:41:06:c3:80:5f:57:
         ba:b2:40:eb:ab:f4:d0:f5:9f:aa:49:ea:bb:b8:0b:20:e6:ff:
         79:c8:41:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw+B5rrY/L3S+ns0mOJESFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjNhNWJlNWUyMWNhNDYwNzMyYWU0OGYzODVhM2VhMTUw
YTJiZTEwHhcNMjMxMjA2MDcyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2NhMzQwODA3M2EwYzQ4MTBmMTFmNThlZmEwZmRjM2FlODM3ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUXZz6vgXd6/8j1OVW3LsN9RCz1S
EMit6b0ROK+iCgP+ldYYsyUQFxnzQKEW3o84X8q0KrkiZXIfo54FFokb88PVLNlC
0qt0KDF0rPTt9UxU2eOu07pFDPjLBXfBd3qeQ/PAojhVZrhF0TnVJhgKZND71MNo
ZZIM11wTs8ADFtqxtgKVwCzz1Noo0/VVA99pNNcFfUCWFMFs9wtRNUbQUPQauu6p
qooPtYR7tDcrG6WpwUJMB4MaIDGIdKvKIcVjUiFTMhwD5mxWORLoObqCTDBLxiLY
HRRIeTpKjnitJs9ipFKz3HFHGKscMnBrfGJpwzR1YcxYZCeqovEosYOlzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIPKNAgHOgxIEPEfWO+g/cOug3hWMB8GA1UdIwQY
MBaAFNQjpb5eIcpGBzKuSPOFo+oVCivhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2It
ZDk0NzY2NjU3NTVhLzEvZzhvMENBYzZERWdROFI5WTc2RDl3NjZEZUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2ItZDk0NzY2NjU3NTVh
LzEvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUR+AMA0G
CSqGSIb3DQEBCwUAA4IBAQCA52Rg9hIotbdFLpCJEbtuQAfLgPMNHnxMlHlvHtnJ
dJL+rL2pnXTTVOs6xV0nPi3KY4EuPQuq5+O+ioi/IIfvvkIdLsSljTDyWxVJpjpx
FnMAhY0KvXKCYW7wU1cpSWWV4sK/uy/sMZN57vMJRejHAhBnocg12PosLhb/v/sm
3b88CJA8WSBTnbKfNo2mqYCbjo3t3S2CIXquvjfHK/J1Q5A/cNEz+kZ8+iLFo3GX
OpDnGW+l+HZkYcAMc8/+fmrKzZ4MmVgSq0YvgkZF2seNKsneR4QdrNvgiCdZTLKW
NozdqRBBBsOAX1e6skDrq/TQ9Z+qSeq7uAsg5v95yEHN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org