Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/31QY4ZMKSsCuhARzkdufcbkK1Lo.roa
File:                     31QY4ZMKSsCuhARzkdufcbkK1Lo.roa (raw, json)
Hash identifier:          KVYczb01XVf1t2kGmVeawQhjJp4Q4JHvC2MREA+vQw8=
Subject key identifier:   DF:54:18:E1:93:0A:4A:C0:AE:84:04:73:91:DB:9F:71:B9:0A:D4:BA
Certificate issuer:       /CN=dac79d2855b897418208d47ba6e51460015b5d7b
Certificate serial:       01856EC1F5E9E837AB9CCCFE0A0447EE3080
Authority key identifier: DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/31QY4ZMKSsCuhARzkdufcbkK1Lo.roa
Signing time:             Sun 01 Jan 2023 19:14:43 +0000
ROA not before:           Sun 01 Jan 2023 19:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        213.184.80.0/22 maxlen: 24
                          185.154.216.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c1:f5:e9:e8:37:ab:9c:cc:fe:0a:04:47:ee:30:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dac79d2855b897418208d47ba6e51460015b5d7b
        Validity
            Not Before: Jan  1 19:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df5418e1930a4ac0ae84047391db9f71b90ad4ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:75:2c:85:8a:1d:44:9a:c4:e8:5d:52:98:4e:
                    40:04:e6:83:fd:33:82:f9:0a:c7:bc:c7:0e:8f:8e:
                    f9:bf:ab:82:b0:0c:70:f3:26:19:69:75:4e:9b:d2:
                    b3:07:a4:f8:ff:96:0b:45:3c:d8:26:ea:e2:95:00:
                    73:8b:97:3d:44:35:28:f2:88:d6:32:73:15:9e:2b:
                    f3:61:b8:a1:4b:84:7e:cb:dd:62:50:97:ab:af:a9:
                    70:7d:df:25:74:b7:f9:8c:16:5b:14:27:ac:be:8a:
                    d4:d0:6d:5f:93:b5:ec:5f:ad:d5:6f:d9:57:b9:c5:
                    94:de:1f:24:35:1c:5a:a4:0d:ff:98:23:81:2a:6f:
                    da:9b:85:74:25:05:72:67:f0:9a:e5:87:60:ab:78:
                    0f:e6:c8:78:ef:84:c7:aa:c1:cf:be:b5:1c:a7:e8:
                    06:3b:d6:84:d5:0a:bc:56:ee:97:1b:06:5f:8d:9d:
                    bc:0d:71:58:53:e8:e8:ec:99:86:6e:af:1c:fa:08:
                    9d:3a:48:c1:2b:ba:5d:a0:9d:81:52:6e:95:57:fc:
                    42:71:11:ea:42:80:20:e4:4b:b1:70:ed:5e:e1:7c:
                    4f:a1:42:32:41:5e:89:5b:5f:40:c1:ad:3a:c1:ca:
                    90:b7:52:d5:da:47:ce:8d:66:d8:7b:cd:14:f9:75:
                    63:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:54:18:E1:93:0A:4A:C0:AE:84:04:73:91:DB:9F:71:B9:0A:D4:BA
            X509v3 Authority Key Identifier:
                keyid:DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/31QY4ZMKSsCuhARzkdufcbkK1Lo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.154.216.0/22
                  213.184.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:2c:53:b7:81:d3:04:3e:30:45:18:15:7f:fa:a2:cd:75:d8:
         1a:ea:91:7b:a7:6e:be:0b:ba:34:03:de:00:42:24:17:fa:4b:
         34:a4:2b:66:22:a3:42:12:2b:fc:b5:c2:b2:2d:2c:29:e2:5c:
         d8:47:16:cf:fb:2e:07:8d:8f:9a:8f:e3:fc:f6:28:13:ed:b6:
         13:e4:ed:8d:98:0b:d0:4b:3b:63:76:61:bd:df:ef:88:f4:4d:
         5d:8c:6d:b2:1f:48:c7:f5:b1:5b:7d:02:2d:c9:c6:c2:f4:7d:
         3c:9e:ac:87:1f:54:2d:01:19:45:2c:5a:18:40:bc:91:b0:ec:
         fb:45:9d:21:6b:de:3c:fb:ff:67:4c:f5:62:19:8d:4c:28:36:
         5c:7b:a0:b6:04:88:61:cb:6b:53:3c:60:13:7d:a5:03:c1:65:
         61:94:99:bf:d5:c1:f0:b7:45:31:be:55:cc:d6:d4:73:60:d8:
         b6:47:ca:8f:7b:28:d8:39:b0:86:cb:66:5c:6a:11:d7:9e:52:
         16:d0:d3:26:ca:86:c7:de:16:50:ed:9e:fc:e6:04:28:13:d7:
         07:5b:71:7b:68:d0:6c:cc:55:39:73:33:a7:23:e9:75:52:f9:
         d0:f9:f7:af:33:08:03:f8:1e:58:66:fb:95:bb:43:a6:c9:fc:
         1d:5b:c7:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwfXp6DernMz+CgRH7jCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzc5ZDI4NTViODk3NDE4MjA4ZDQ3YmE2ZTUxNDYwMDE1
YjVkN2IwHhcNMjMwMTAxMTkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjU0MThlMTkzMGE0YWMwYWU4NDA0NzM5MWRiOWY3MWI5MGFkNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXUshYodRJrE6F1SmE5ABOaD/TOC
+QrHvMcOj475v6uCsAxw8yYZaXVOm9KzB6T4/5YLRTzYJurilQBzi5c9RDUo8ojW
MnMVnivzYbihS4R+y91iUJerr6lwfd8ldLf5jBZbFCesvorU0G1fk7XsX63Vb9lX
ucWU3h8kNRxapA3/mCOBKm/am4V0JQVyZ/Ca5Ydgq3gP5sh474THqsHPvrUcp+gG
O9aE1Qq8Vu6XGwZfjZ28DXFYU+jo7JmGbq8c+gidOkjBK7pdoJ2BUm6VV/xCcRHq
QoAg5EuxcO1e4XxPoUIyQV6JW19Awa06wcqQt1LV2kfOjWbYe80U+XVjkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN9UGOGTCkrAroQEc5Hbn3G5CtS6MB8GA1UdIwQY
MBaAFNrHnShVuJdBggjUe6blFGABW117MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDct
NDQ1ZDQ1ODhjMzEyLzEvMzFRWTRaTUtTc0N1aEFSemtkdWZjYmtLMUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDctNDQ1ZDQ1ODhjMzEy
LzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZrYAwQC
1bhQMA0GCSqGSIb3DQEBCwUAA4IBAQCILFO3gdMEPjBFGBV/+qLNddga6pF7p26+
C7o0A94AQiQX+ks0pCtmIqNCEiv8tcKyLSwp4lzYRxbP+y4HjY+aj+P89igT7bYT
5O2NmAvQSztjdmG93++I9E1djG2yH0jH9bFbfQItycbC9H08nqyHH1QtARlFLFoY
QLyRsOz7RZ0ha948+/9nTPViGY1MKDZce6C2BIhhy2tTPGATfaUDwWVhlJm/1cHw
t0UxvlXM1tRzYNi2R8qPeyjYObCGy2ZcahHXnlIW0NMmyobH3hZQ7Z785gQoE9cH
W3F7aNBszFU5czOnI+l1UvnQ+fevMwgD+B5YZvuVu0OmyfwdW8f+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:26 2024 by rpki-client on console-ams.rpki-client.org