Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa
File:                     vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa (raw, json)
Hash identifier:          82St4WMM8HekY66OXHATAncJcQfFyldZZ7G5bpc0O7E=
Subject key identifier:   BD:0A:A6:92:19:25:96:18:D8:34:5F:E0:72:EB:EB:EF:1D:60:4E:04
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C9BAF7F8E017DC4E94EF5E984C1375F9C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa
Signing time:             Sun 24 Dec 2023 11:56:59 +0000
ROA not before:           Sun 24 Dec 2023 11:56:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61218
IP address blocks:        31.42.183.0/24 maxlen: 24
                          2a0e:97c0:4b00::/40 maxlen: 48
                          2a0e:b100:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:9b:af:7f:8e:01:7d:c4:e9:4e:f5:e9:84:c1:37:5f:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 24 11:56:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd0aa69219259618d8345fe072ebebef1d604e04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:7d:b5:dd:3f:cb:b8:e8:5f:fc:ae:74:53:88:
                    16:97:f7:39:03:85:35:41:96:e1:75:68:65:99:a6:
                    0e:0a:0c:e7:5f:f5:16:21:62:d1:3c:ef:66:dd:c8:
                    0f:9c:0d:39:94:2f:bb:c2:0d:60:66:17:16:7b:80:
                    1a:51:19:73:57:0c:eb:c6:93:69:26:1f:30:20:1d:
                    cd:1a:eb:1e:b3:7f:e5:06:b4:29:43:42:59:a1:e9:
                    a8:34:e8:12:52:79:54:ef:50:da:87:6f:bf:55:f9:
                    2c:16:ae:43:f7:07:58:72:b3:a1:8e:fb:20:bc:30:
                    cc:08:0c:f6:50:30:c8:67:d2:28:0c:d8:9e:c2:59:
                    3f:99:28:41:b1:0b:31:af:4c:3b:5d:9c:ce:04:27:
                    e6:c4:aa:3e:5f:e4:02:4a:79:89:50:20:0c:25:ed:
                    4e:cf:73:2d:e9:b1:6d:1f:7a:72:e9:08:a6:f8:40:
                    75:c5:89:86:d1:a4:6b:e7:ab:19:b7:da:86:cf:e5:
                    34:38:7b:ff:dc:b5:99:58:fe:8b:f1:c1:6f:76:7f:
                    56:d1:45:7f:71:60:0b:0d:79:c6:5a:c7:80:90:79:
                    06:74:4f:81:5d:66:69:3e:e7:6c:86:19:d1:d0:ec:
                    3b:b0:23:a8:47:07:82:bf:43:de:16:fe:bb:23:f5:
                    fc:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:0A:A6:92:19:25:96:18:D8:34:5F:E0:72:EB:EB:EF:1D:60:4E:04
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.183.0/24
                IPv6:
                  2a0e:97c0:4b00::/40
                  2a0e:b100:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:91:e1:08:0e:98:fd:1b:d3:8c:82:f7:52:67:0f:b3:06:32:
         10:46:ac:de:93:02:41:43:4f:f3:d4:54:34:a7:fa:45:8e:80:
         7f:a9:a5:bc:9f:70:50:3c:53:08:31:2d:d9:80:82:e6:bf:c0:
         89:11:b2:76:04:d0:27:29:3d:a7:3a:57:8a:3b:23:6d:bc:a5:
         64:24:33:5a:9d:e4:fe:74:a1:92:36:87:8a:d6:4e:63:d5:15:
         1b:41:ef:f2:c9:80:db:92:0c:88:36:6a:02:85:15:4c:7f:57:
         65:53:ba:7a:18:25:19:68:e1:52:3b:67:bb:dc:22:24:0e:b0:
         98:63:21:2d:75:4c:69:f6:50:70:f2:4f:10:c7:e2:e9:a4:62:
         95:5d:ea:f5:36:cc:5c:d5:3d:83:9a:28:b7:b7:89:55:97:c2:
         ab:c3:9a:06:48:30:82:e3:65:5c:c4:e8:dd:97:20:a0:9f:0f:
         da:b3:de:89:3b:72:2e:47:c8:35:f0:19:54:89:1c:f6:e4:17:
         27:a9:f2:7a:5c:2d:b6:ec:00:20:05:c6:b7:9c:7e:6f:80:7c:
         dc:4a:78:6a:b8:2e:64:85:b9:95:60:43:30:fb:85:b1:66:0d:
         4c:16:12:d0:d7:0e:0c:e7:1b:1d:37:b7:4c:cf:95:74:1c:15:
         c0:e7:a3:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYybr3+OAX3E6U716YTBN1+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjI0MTE1NjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBhYTY5MjE5MjU5NjE4ZDgzNDVmZTA3MmViZWJlZjFkNjA0ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX213T/LuOhf/K50U4gWl/c5A4U1
QZbhdWhlmaYOCgznX/UWIWLRPO9m3cgPnA05lC+7wg1gZhcWe4AaURlzVwzrxpNp
Jh8wIB3NGuses3/lBrQpQ0JZoemoNOgSUnlU71Dah2+/VfksFq5D9wdYcrOhjvsg
vDDMCAz2UDDIZ9IoDNiewlk/mShBsQsxr0w7XZzOBCfmxKo+X+QCSnmJUCAMJe1O
z3Mt6bFtH3py6Qim+EB1xYmG0aRr56sZt9qGz+U0OHv/3LWZWP6L8cFvdn9W0UV/
cWALDXnGWseAkHkGdE+BXWZpPudshhnR0Ow7sCOoRweCv0PeFv67I/X87wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0KppIZJZYY2DRf4HLr6+8dYE4EMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdlFxbWtoa2xsaGpZTkZfZ2N1dnI3eDFnVGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAHyq3MBcE
AgACMBEDBgAqDpfASwMHACoOsQAAATANBgkqhkiG9w0BAQsFAAOCAQEAYJHhCA6Y
/RvTjIL3UmcPswYyEEas3pMCQUNP89RUNKf6RY6Af6mlvJ9wUDxTCDEt2YCC5r/A
iRGydgTQJyk9pzpXijsjbbylZCQzWp3k/nShkjaHitZOY9UVG0Hv8smA25IMiDZq
AoUVTH9XZVO6ehglGWjhUjtnu9wiJA6wmGMhLXVMafZQcPJPEMfi6aRilV3q9TbM
XNU9g5oot7eJVZfCq8OaBkgwguNlXMTo3ZcgoJ8P2rPeiTtyLkfINfAZVIkc9uQX
J6nyelwttuwAIAXGt5x+b4B83Ep4arguZIW5lWBDMPuFsWYNTBYS0NcODOcbHTe3
TM+VdBwVwOejJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org