Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/t8dMVfnaWm9PVhgbPIrDPxOFpbc.roa
File:                     t8dMVfnaWm9PVhgbPIrDPxOFpbc.roa (raw, json)
Hash identifier:          wVhsSgcXpmy6SNwOFJVJh7tDH5vg7eUmG1k494EI530=
Subject key identifier:   B7:C7:4C:55:F9:DA:5A:6F:4F:56:18:1B:3C:8A:C3:3F:13:85:A5:B7
Certificate issuer:       /CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Certificate serial:       01856B936068BBA4B4F4307F974561AB0CEB
Authority key identifier: E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/t8dMVfnaWm9PVhgbPIrDPxOFpbc.roa
Signing time:             Sun 01 Jan 2023 04:24:58 +0000
ROA not before:           Sun 01 Jan 2023 04:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33438
IP address blocks:        94.31.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:60:68:bb:a4:b4:f4:30:7f:97:45:61:ab:0c:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
        Validity
            Not Before: Jan  1 04:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b7c74c55f9da5a6f4f56181b3c8ac33f1385a5b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:bc:a5:ac:b2:22:2c:44:e6:94:a3:94:74:db:
                    b0:74:19:02:b4:59:a0:7a:12:f1:85:82:15:90:22:
                    d9:96:b3:1e:96:99:11:b9:4e:42:61:25:8e:57:6f:
                    59:6a:47:94:5c:4c:f3:a6:78:fa:54:49:c0:95:8f:
                    33:15:05:39:15:c3:c3:ed:c1:3b:f9:8c:bb:3c:5c:
                    72:fc:bb:49:7e:84:44:76:f6:fb:a1:86:3e:ae:0b:
                    ef:9e:03:28:cf:ef:9d:e6:8c:27:a6:e2:44:18:8b:
                    2e:d1:d4:a3:4f:59:ec:da:79:3f:4e:36:47:e0:34:
                    f5:c9:cd:a1:32:6d:c5:8f:fc:88:14:85:0a:e1:87:
                    b7:87:b1:fc:b8:73:c6:fe:20:e1:43:4d:be:aa:31:
                    10:6d:b2:9f:c2:27:a9:a6:de:6a:6f:76:30:a5:35:
                    53:48:66:f2:15:54:a1:99:e7:43:e5:5a:e1:ec:16:
                    63:be:60:54:b8:bb:65:ff:60:fa:1c:c4:f8:b2:5d:
                    f1:8a:67:18:09:06:6d:e7:58:fb:d2:8a:dd:13:59:
                    af:1d:99:6e:58:c9:34:e0:12:f5:f0:fb:40:f5:f2:
                    3c:0a:8c:ad:59:03:b1:ae:d7:13:4a:3b:87:43:d3:
                    53:fe:6b:32:84:28:90:c6:4f:4b:9d:1d:a8:f2:23:
                    95:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:C7:4C:55:F9:DA:5A:6F:4F:56:18:1B:3C:8A:C3:3F:13:85:A5:B7
            X509v3 Authority Key Identifier:
                keyid:E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/t8dMVfnaWm9PVhgbPIrDPxOFpbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.31.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:72:06:ac:d8:a2:f3:a9:bc:3e:4c:b8:ef:e9:28:98:1c:a1:
         db:92:a5:66:2f:50:98:d4:e6:49:49:81:7f:ab:7c:bf:0b:58:
         7b:38:a2:e2:ae:9f:ba:9c:c6:5a:bf:a7:e2:a6:19:03:b8:57:
         06:37:a5:8d:94:de:c7:2f:f3:9f:8a:33:1a:9b:5a:94:e4:83:
         fd:b0:16:35:e1:e4:5c:2d:65:76:ee:90:e4:b8:07:43:c0:ba:
         fc:67:91:52:9c:7d:fa:03:05:98:d4:2b:04:68:e6:6d:e5:6b:
         b6:6c:cd:f0:90:c6:9b:d1:a4:82:de:9e:b6:b0:cb:96:a5:00:
         b7:4f:eb:ac:0f:14:a4:8d:c1:a9:ad:be:72:67:70:4d:fa:ad:
         cc:48:e8:11:83:7b:d7:e1:0a:0f:9e:19:4e:b3:66:4c:25:c9:
         48:6d:68:1b:79:75:a9:b3:8a:04:05:8f:83:29:bf:be:b3:bc:
         c1:49:5c:dc:c2:70:9d:f4:58:1c:e3:e4:c7:52:a7:9a:a7:24:
         ca:9c:87:52:8b:4e:d6:4e:97:50:1d:db:c7:3d:65:27:d0:62:
         cc:fa:81:1d:54:0b:b9:bd:28:69:a9:e8:de:73:56:60:1c:d5:
         2e:14:cf:f5:b8:88:53:dd:12:03:6c:7f:14:16:6e:3d:b4:21:
         36:d3:90:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrk2Bou6S09DB/l0VhqwzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGNjOTQyOWI2MzM4MmU5YjE3MTRkMjFiM2M5NmQyZTVl
YmUyNTcwHhcNMjMwMTAxMDQyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M3NGM1NWY5ZGE1YTZmNGY1NjE4MWIzYzhhYzMzZjEzODVhNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLylrLIiLETmlKOUdNuwdBkCtFmg
ehLxhYIVkCLZlrMelpkRuU5CYSWOV29ZakeUXEzzpnj6VEnAlY8zFQU5FcPD7cE7
+Yy7PFxy/LtJfoREdvb7oYY+rgvvngMoz++d5ownpuJEGIsu0dSjT1ns2nk/TjZH
4DT1yc2hMm3Fj/yIFIUK4Ye3h7H8uHPG/iDhQ02+qjEQbbKfwieppt5qb3YwpTVT
SGbyFVShmedD5Vrh7BZjvmBUuLtl/2D6HMT4sl3ximcYCQZt51j70ordE1mvHZlu
WMk04BL18PtA9fI8CoytWQOxrtcTSjuHQ9NT/msyhCiQxk9LnR2o8iOV7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLfHTFX52lpvT1YYGzyKwz8ThaW3MB8GA1UdIwQY
MBaAFOMMyUKbYzgumxcU0hs8ltLl6+JXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUt
ZGI0ZjM1MmU5YWQzLzEvdDhkTVZmbmFXbTlQVmhnYlBJckRQeE9GcGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUtZGI0ZjM1MmU5YWQz
LzEvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXh8dMA0G
CSqGSIb3DQEBCwUAA4IBAQAkcgas2KLzqbw+TLjv6SiYHKHbkqVmL1CY1OZJSYF/
q3y/C1h7OKLirp+6nMZav6fiphkDuFcGN6WNlN7HL/OfijMam1qU5IP9sBY14eRc
LWV27pDkuAdDwLr8Z5FSnH36AwWY1CsEaOZt5Wu2bM3wkMab0aSC3p62sMuWpQC3
T+usDxSkjcGprb5yZ3BN+q3MSOgRg3vX4QoPnhlOs2ZMJclIbWgbeXWps4oEBY+D
Kb++s7zBSVzcwnCd9Fgc4+THUqeapyTKnIdSi07WTpdQHdvHPWUn0GLM+oEdVAu5
vShpqejec1ZgHNUuFM/1uIhT3RIDbH8UFm49tCE205Ag
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org