Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/JqaozR5lt9w4XqLO0tqQ1CKo72U.roa
File:                     JqaozR5lt9w4XqLO0tqQ1CKo72U.roa (raw, json)
Hash identifier:          2oewXPBPZam76x41hSIOST8T9Tl/LfbsUdrZl1Bio2k=
Subject key identifier:   26:A6:A8:CD:1E:65:B7:DC:38:5E:A2:CE:D2:DA:90:D4:22:A8:EF:65
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4CA44DC24DFA02CA99C605F7E0147
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/JqaozR5lt9w4XqLO0tqQ1CKo72U.roa
Signing time:             Sun 01 Jan 2023 19:35:17 +0000
ROA not before:           Sun 01 Jan 2023 19:35:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51621
IP address blocks:        185.71.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:ca:44:dc:24:df:a0:2c:a9:9c:60:5f:7e:01:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=26a6a8cd1e65b7dc385ea2ced2da90d422a8ef65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:35:a4:6f:51:16:07:38:91:3a:81:d5:3d:58:
                    99:cb:ed:39:2c:32:99:36:be:7b:65:ec:1e:fe:74:
                    ae:9c:14:b3:81:10:39:c5:10:78:94:d3:ec:54:77:
                    72:e0:96:81:52:d7:41:10:d7:ff:a6:2d:f8:8b:9f:
                    2a:78:21:3f:e4:68:8c:72:42:3c:4f:1f:aa:6c:b8:
                    ab:41:e4:66:68:bd:e9:fa:b9:05:bd:9f:c2:10:3f:
                    fc:d8:fa:7c:7a:41:ca:1a:8b:2c:88:0f:1f:40:a3:
                    d0:a9:9a:9f:f0:fb:02:80:ca:2c:5c:5a:8a:3c:40:
                    31:07:ed:d9:32:2e:c6:6d:24:2f:7e:31:58:fb:2f:
                    e7:5e:7e:87:20:a9:4b:35:94:4f:49:e3:35:1f:10:
                    87:02:0b:c4:97:8b:89:11:18:62:17:5b:a8:ef:3c:
                    2e:72:9b:24:9e:11:f6:fe:ae:63:57:f1:ed:31:a8:
                    7c:3f:55:a9:9b:e4:c2:89:e6:c8:9e:98:de:cc:40:
                    2e:2a:89:dc:79:e9:0a:0a:ba:97:e3:58:38:b7:cb:
                    b7:b7:9b:c4:27:0a:a3:b1:75:ea:ec:84:ee:ed:e8:
                    52:02:ee:57:11:47:1d:29:a6:99:f7:09:47:77:fe:
                    66:12:3c:9e:7d:94:bb:39:34:53:a1:d3:c3:3f:c6:
                    bf:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:A6:A8:CD:1E:65:B7:DC:38:5E:A2:CE:D2:DA:90:D4:22:A8:EF:65
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/JqaozR5lt9w4XqLO0tqQ1CKo72U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:61:83:dd:ee:bb:b3:52:d4:6f:0f:af:1e:47:d0:22:0a:b0:
         49:55:11:be:48:62:ad:6f:a1:17:95:c6:b6:1e:40:34:a5:a8:
         96:77:3b:46:a1:3a:a8:34:ad:11:2d:74:d2:07:2b:d2:05:b2:
         63:ff:1b:a9:0a:cd:a9:15:06:c8:a9:ca:de:e3:34:77:f3:fa:
         7e:cf:7f:a3:2a:9b:75:59:8f:29:e4:8a:7c:e3:1b:ef:f6:d7:
         20:b8:43:2b:b3:8e:0d:a4:96:0d:b5:c5:02:9e:8b:6d:26:b2:
         a3:52:52:df:fe:90:63:62:d4:c2:86:f1:2c:ac:e0:8b:7c:ed:
         48:e2:00:b3:ee:c1:e1:56:94:9e:e3:0a:db:8f:b9:dc:9e:64:
         bf:73:3f:aa:35:37:45:2b:3f:53:d4:07:5c:6c:75:23:50:fb:
         65:23:2f:1f:d9:e6:ad:12:f8:54:96:a5:c2:17:38:f8:38:70:
         55:4c:73:aa:3d:4d:13:67:c0:06:14:65:03:5a:d1:a4:7e:c0:
         cb:87:a1:ad:2b:40:0f:a1:11:6f:a7:20:fd:5c:25:22:52:99:
         58:11:8b:3d:dc:40:f5:89:9b:b0:b8:71:e0:1c:ec:c4:8c:42:
         2c:78:3d:4a:cd:31:6c:ef:d0:ea:0b:4a:4c:a6:fb:8d:37:b0:
         8b:7a:e7:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MpE3CTfoCypnGBffgFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmE2YThjZDFlNjViN2RjMzg1ZWEyY2VkMmRhOTBkNDIyYThlZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDWkb1EWBziROoHVPViZy+05LDKZ
Nr57Zewe/nSunBSzgRA5xRB4lNPsVHdy4JaBUtdBENf/pi34i58qeCE/5GiMckI8
Tx+qbLirQeRmaL3p+rkFvZ/CED/82Pp8ekHKGossiA8fQKPQqZqf8PsCgMosXFqK
PEAxB+3ZMi7GbSQvfjFY+y/nXn6HIKlLNZRPSeM1HxCHAgvEl4uJERhiF1uo7zwu
cpsknhH2/q5jV/HtMah8P1Wpm+TCiebInpjezEAuKonceekKCrqX41g4t8u3t5vE
JwqjsXXq7ITu7ehSAu5XEUcdKaaZ9wlHd/5mEjyefZS7OTRTodPDP8a/WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCamqM0eZbfcOF6iztLakNQiqO9lMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvSnFhb3pSNWx0OXc0WHFMTzB0cVExQ0tvNzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUcfMA0G
CSqGSIb3DQEBCwUAA4IBAQAIYYPd7ruzUtRvD68eR9AiCrBJVRG+SGKtb6EXlca2
HkA0paiWdztGoTqoNK0RLXTSByvSBbJj/xupCs2pFQbIqcre4zR38/p+z3+jKpt1
WY8p5Ip84xvv9tcguEMrs44NpJYNtcUCnottJrKjUlLf/pBjYtTChvEsrOCLfO1I
4gCz7sHhVpSe4wrbj7ncnmS/cz+qNTdFKz9T1AdcbHUjUPtlIy8f2eatEvhUlqXC
Fzj4OHBVTHOqPU0TZ8AGFGUDWtGkfsDLh6GtK0APoRFvpyD9XCUiUplYEYs93ED1
iZuwuHHgHOzEjEIseD1KzTFs79DqC0pMpvuNN7CLeudD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org