Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/17lnZvWWrQrc3Uhg9jTSv1WBvWM.roa
File:                     17lnZvWWrQrc3Uhg9jTSv1WBvWM.roa (raw, json)
Hash identifier:          DGOWTXfi/b5lr2BUQB/TLKMDIzTleLaioHcdpjGNJA4=
Subject key identifier:   D7:B9:67:66:F5:96:AD:0A:DC:DD:48:60:F6:34:D2:BF:55:81:BD:63
Certificate issuer:       /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Certificate serial:       0185718C34A79DC272C1D20DCE6AFF354F30
Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/17lnZvWWrQrc3Uhg9jTSv1WBvWM.roa
Signing time:             Mon 02 Jan 2023 08:14:51 +0000
ROA not before:           Mon 02 Jan 2023 08:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21110
IP address blocks:        31.222.56.0/24 maxlen: 24
                          31.222.55.0/24 maxlen: 24
                          31.222.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:8c:34:a7:9d:c2:72:c1:d2:0d:ce:6a:ff:35:4f:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
        Validity
            Not Before: Jan  2 08:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7b96766f596ad0adcdd4860f634d2bf5581bd63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a2:b4:d4:53:bb:fa:0e:95:f0:83:56:a3:0f:
                    16:fc:6e:55:6a:1e:f8:d4:b3:5f:83:45:0b:f3:e4:
                    49:c1:17:ec:f9:a3:fa:6d:6f:d6:96:67:7c:dd:f0:
                    cc:01:95:08:38:08:5f:69:28:58:f2:4c:2a:a3:95:
                    07:cd:4f:c6:e2:16:ba:a2:10:ef:42:6e:4e:12:1b:
                    73:81:2a:7e:c9:17:13:bd:e3:03:b1:ee:3e:1a:c8:
                    7b:bd:6e:03:54:53:df:de:68:39:a6:69:8e:4d:38:
                    b5:f7:b1:52:8e:6f:d3:fe:68:ef:04:04:a4:43:82:
                    dc:44:2a:e5:1b:30:69:a9:b2:f5:77:63:f4:3f:56:
                    ca:5c:46:ee:76:75:b9:0d:2f:59:15:73:6b:6d:e4:
                    2b:5b:d6:97:1d:39:8b:89:1d:93:a5:b3:34:b8:7b:
                    0a:5a:e5:a2:d6:b1:1d:23:75:c0:69:4b:f8:97:5b:
                    e5:5d:52:d5:d6:85:8a:05:55:21:a9:19:61:93:54:
                    b5:14:d2:38:7b:67:95:15:e5:e8:22:98:da:3c:44:
                    6d:35:fa:3c:b5:66:ce:59:81:04:48:b8:06:e4:ee:
                    50:5b:8b:25:06:27:db:dc:5d:95:0a:08:db:b7:f8:
                    c4:21:01:89:c5:bc:07:43:32:2a:63:69:51:f7:f8:
                    e8:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:B9:67:66:F5:96:AD:0A:DC:DD:48:60:F6:34:D2:BF:55:81:BD:63
            X509v3 Authority Key Identifier:
                keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/17lnZvWWrQrc3Uhg9jTSv1WBvWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.222.55.0-31.222.57.255

    Signature Algorithm: sha256WithRSAEncryption
         54:13:f1:03:a7:16:89:db:36:6e:54:b5:88:a8:d8:20:b9:0e:
         3b:0f:cd:72:f7:17:a9:15:b2:8f:00:a5:b2:96:59:c5:6c:4d:
         e2:35:dd:f8:4d:be:e6:a6:22:34:e9:b2:db:1b:c9:f4:a6:37:
         27:ef:b2:5e:86:17:ca:e8:9e:a9:f1:0b:e8:ad:3c:82:e6:2f:
         55:ea:b8:12:2d:70:4e:df:89:31:84:22:c1:8b:75:bb:e6:54:
         11:7b:a3:13:e6:cb:e4:d9:a8:40:5b:51:b4:7a:92:33:52:40:
         69:f7:3e:e4:79:08:28:05:80:49:42:c4:2b:b9:d5:69:8c:eb:
         be:f8:3f:cb:49:d3:15:c9:1b:06:df:38:2a:7e:fd:84:69:c7:
         36:7c:73:0c:74:30:ed:1d:a8:ec:25:9e:66:1d:fc:0d:fb:07:
         47:5f:bf:80:aa:62:a8:4e:2c:1b:90:be:73:8f:fc:96:94:bc:
         9e:55:4c:30:4a:ba:00:c0:4e:85:03:9e:c1:3c:a5:84:87:ca:
         7d:c5:ab:41:75:3a:af:6a:ba:70:25:fe:cc:0d:43:1a:93:ba:
         5a:75:98:d4:60:76:78:1d:05:7f:dd:30:df:c9:da:f5:81:1f:
         d8:2a:d9:a6:99:df:73:47:c7:3f:6d:6b:b1:21:30:ea:a8:97:
         06:f3:03:53
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxjDSnncJywdINzmr/NU8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4
Y2NkNjcwHhcNMjMwMTAyMDgxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2I5Njc2NmY1OTZhZDBhZGNkZDQ4NjBmNjM0ZDJiZjU1ODFiZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6K01FO7+g6V8INWow8W/G5Vah74
1LNfg0UL8+RJwRfs+aP6bW/Wlmd83fDMAZUIOAhfaShY8kwqo5UHzU/G4ha6ohDv
Qm5OEhtzgSp+yRcTveMDse4+Gsh7vW4DVFPf3mg5pmmOTTi197FSjm/T/mjvBASk
Q4LcRCrlGzBpqbL1d2P0P1bKXEbudnW5DS9ZFXNrbeQrW9aXHTmLiR2TpbM0uHsK
WuWi1rEdI3XAaUv4l1vlXVLV1oWKBVUhqRlhk1S1FNI4e2eVFeXoIpjaPERtNfo8
tWbOWYEESLgG5O5QW4slBifb3F2VCgjbt/jEIQGJxbwHQzIqY2lR9/joBwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNe5Z2b1lq0K3N1IYPY00r9Vgb1jMB8GA1UdIwQY
MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt
MTA5NTlhYWE4YjNlLzEvMTdsblp2V1dyUXJjM1VoZzlqVFN2MVdCdldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl
LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAf3jcD
BAEf3jgwDQYJKoZIhvcNAQELBQADggEBAFQT8QOnFonbNm5UtYio2CC5DjsPzXL3
F6kVso8ApbKWWcVsTeI13fhNvuamIjTpstsbyfSmNyfvsl6GF8ronqnxC+itPILm
L1XquBItcE7fiTGEIsGLdbvmVBF7oxPmy+TZqEBbUbR6kjNSQGn3PuR5CCgFgElC
xCu51WmM6774P8tJ0xXJGwbfOCp+/YRpxzZ8cwx0MO0dqOwlnmYd/A37B0dfv4Cq
YqhOLBuQvnOP/JaUvJ5VTDBKugDAToUDnsE8pYSHyn3Fq0F1Oq9qunAl/swNQxqT
ulp1mNRgdngdBX/dMN/J2vWBH9gq2aaZ33NHxz9ta7EhMOqolwbzA1M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:23 2024 by rpki-client on console-fra.rpki-client.org