Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/b3805f-be6f-4133-b5ec-a4ebbfe710c3/1/1-Xs0MJ5c1_QhZXL6LF2Q3g9yWA.roa
File:                     1-Xs0MJ5c1_QhZXL6LF2Q3g9yWA.roa (raw, json)
Hash identifier:          PSyzyP/nYMTijRlZxghAcsNx4wkqhgLzCTGNEZSdH8w=
Subject key identifier:   D7:E5:EC:D0:C2:79:73:5F:D0:85:95:CB:E8:B1:76:43:78:3D:C9:60
Certificate issuer:       /CN=27d028470604336fdb9308e51ba53e951ae2e098
Certificate serial:       01863622FD52CAE7F48DB9129D875D79D86E
Authority key identifier: 27:D0:28:47:06:04:33:6F:DB:93:08:E5:1B:A5:3E:95:1A:E2:E0:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J9AoRwYEM2_bkwjlG6U-lRri4Jg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/b3805f-be6f-4133-b5ec-a4ebbfe710c3/1/1-Xs0MJ5c1_QhZXL6LF2Q3g9yWA.roa
Signing time:             Thu 09 Feb 2023 12:25:08 +0000
ROA not before:           Thu 09 Feb 2023 12:25:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201455
IP address blocks:        185.170.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:36:22:fd:52:ca:e7:f4:8d:b9:12:9d:87:5d:79:d8:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27d028470604336fdb9308e51ba53e951ae2e098
        Validity
            Not Before: Feb  9 12:25:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7e5ecd0c279735fd08595cbe8b17643783dc960
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:5d:2e:ef:69:72:13:cc:74:b7:b2:0b:f1:53:
                    c5:28:d5:81:01:b9:f3:52:58:98:17:cd:a8:65:57:
                    7d:f1:6f:4a:2e:2c:53:4a:b1:16:40:d0:6c:ac:92:
                    57:c0:e4:47:f4:f4:1d:90:55:2c:11:1a:ae:f6:d6:
                    76:69:44:22:bf:a0:6c:f1:2c:ad:19:d9:00:df:dc:
                    b8:39:5a:61:01:19:86:f9:40:5b:02:6e:97:c8:1f:
                    0a:f6:11:49:86:ea:bb:8f:d4:c4:78:a4:c6:a2:1c:
                    fa:f7:66:15:5c:18:69:02:7d:39:89:f8:9f:db:f5:
                    54:52:7d:a3:ff:3e:61:46:51:a0:90:12:cf:fa:17:
                    08:02:6c:ce:13:30:94:bb:d0:9c:f3:28:b0:32:e3:
                    33:8a:7b:2b:d5:52:f1:2b:d8:a6:e0:ae:70:26:bb:
                    b0:27:9d:07:05:d3:ee:fc:55:07:11:5e:1b:1a:84:
                    04:e6:f4:fa:47:9e:9b:78:72:bd:92:1e:09:78:75:
                    f8:3e:91:e3:e9:ba:89:70:a1:4d:90:5d:0a:ec:c5:
                    d8:a0:b7:ff:3b:0e:df:74:e9:ff:fa:e9:9a:ba:11:
                    ac:b8:a7:cc:3e:35:9e:50:fb:a6:c8:8c:db:98:99:
                    8e:30:31:4e:2d:a6:42:be:8e:01:0f:e4:fd:e2:b9:
                    01:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:E5:EC:D0:C2:79:73:5F:D0:85:95:CB:E8:B1:76:43:78:3D:C9:60
            X509v3 Authority Key Identifier:
                keyid:27:D0:28:47:06:04:33:6F:DB:93:08:E5:1B:A5:3E:95:1A:E2:E0:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9AoRwYEM2_bkwjlG6U-lRri4Jg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/b3805f-be6f-4133-b5ec-a4ebbfe710c3/1/1-Xs0MJ5c1_QhZXL6LF2Q3g9yWA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/b3805f-be6f-4133-b5ec-a4ebbfe710c3/1/J9AoRwYEM2_bkwjlG6U-lRri4Jg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.170.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:74:9b:ec:d5:1c:22:c1:1d:a7:b9:71:73:93:27:1f:d9:9e:
         60:ef:23:bd:91:28:b5:d3:c3:e3:ea:8f:a0:53:88:9d:73:3e:
         54:23:52:06:1e:a3:23:c7:24:dc:49:72:10:62:e7:b4:5a:01:
         6c:e0:72:b7:d4:4d:5b:41:03:9c:77:72:0f:90:77:51:d9:e2:
         cc:b6:9f:a3:7e:44:df:ae:4a:e7:3b:e5:7d:ae:32:0a:35:31:
         b7:4e:f4:87:94:cb:54:16:43:ae:d4:a9:90:0e:1b:0f:5c:9f:
         f4:33:5d:20:56:12:3e:e3:5c:45:05:a2:67:ae:2e:e5:f1:a3:
         26:d5:39:8d:46:db:88:93:56:87:e4:76:99:f1:97:61:f3:d0:
         5f:ff:ef:29:59:22:4a:46:c7:27:b9:c7:c9:3a:9d:c7:b7:06:
         3f:12:36:63:37:6a:0a:7a:74:8c:3b:d5:da:1e:24:12:0c:a8:
         60:54:86:75:0c:80:b6:e5:f8:eb:91:34:6d:d5:4e:95:35:31:
         19:f4:d6:32:8f:12:b3:3c:71:17:4e:16:d2:71:42:0b:ca:61:
         cf:41:5e:97:ac:e9:5e:0d:5c:8c:62:2e:65:9e:b1:8f:7a:e6:
         fa:1c:4e:34:45:3c:91:d7:9b:20:c9:7d:91:21:6b:6b:25:cd:
         5a:b8:a1:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY2Iv1Syuf0jbkSnYddedhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDAyODQ3MDYwNDMzNmZkYjkzMDhlNTFiYTUzZTk1MWFl
MmUwOTgwHhcNMjMwMjA5MTIyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U1ZWNkMGMyNzk3MzVmZDA4NTk1Y2JlOGIxNzY0Mzc4M2RjOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgl0u72lyE8x0t7IL8VPFKNWBAbnz
UliYF82oZVd98W9KLixTSrEWQNBsrJJXwORH9PQdkFUsERqu9tZ2aUQiv6Bs8Syt
GdkA39y4OVphARmG+UBbAm6XyB8K9hFJhuq7j9TEeKTGohz692YVXBhpAn05ifif
2/VUUn2j/z5hRlGgkBLP+hcIAmzOEzCUu9Cc8yiwMuMzinsr1VLxK9im4K5wJruw
J50HBdPu/FUHEV4bGoQE5vT6R56beHK9kh4JeHX4PpHj6bqJcKFNkF0K7MXYoLf/
Ow7fdOn/+umauhGsuKfMPjWeUPumyIzbmJmOMDFOLaZCvo4BD+T94rkBtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfl7NDCeXNf0IWVy+ixdkN4PclgMB8GA1UdIwQY
MBaAFCfQKEcGBDNv25MI5RulPpUa4uCYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjlBb1J3WUVNMl9ia3dqbEc2VS1sUnJpNEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9iMzgwNWYtYmU2Zi00MTMzLWI1ZWMt
YTRlYmJmZTcxMGMzLzEvMS1YczBNSjVjMV9RaFpYTDZMRjJRM2c5eVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9iMzgwNWYtYmU2Zi00MTMzLWI1ZWMtYTRlYmJmZTcxMGMz
LzEvSjlBb1J3WUVNMl9ia3dqbEc2VS1sUnJpNEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaofMA0G
CSqGSIb3DQEBCwUAA4IBAQAydJvs1RwiwR2nuXFzkycf2Z5g7yO9kSi108Pj6o+g
U4idcz5UI1IGHqMjxyTcSXIQYue0WgFs4HK31E1bQQOcd3IPkHdR2eLMtp+jfkTf
rkrnO+V9rjIKNTG3TvSHlMtUFkOu1KmQDhsPXJ/0M10gVhI+41xFBaJnri7l8aMm
1TmNRtuIk1aH5HaZ8Zdh89Bf/+8pWSJKRscnucfJOp3HtwY/EjZjN2oKenSMO9Xa
HiQSDKhgVIZ1DIC25fjrkTRt1U6VNTEZ9NYyjxKzPHEXThbScUILymHPQV6XrOle
DVyMYi5lnrGPeub6HE40RTyR15sgyX2RIWtrJc1auKFx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org