Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/QlouAQ3Y1eECW3lz2qSoSEA56Zc.roa
File:                     QlouAQ3Y1eECW3lz2qSoSEA56Zc.roa (raw, json)
Hash identifier:          T8xPf/PoYEtzDl2uMyRWN2/TNxj/kTSbm2gZ/RbRbPY=
Subject key identifier:   42:5A:2E:01:0D:D8:D5:E1:02:5B:79:73:DA:A4:A8:48:40:39:E9:97
Certificate issuer:       /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial:       018BDEB1E16EF27BCCB133E145A57168B25B
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/QlouAQ3Y1eECW3lz2qSoSEA56Zc.roa
Signing time:             Fri 17 Nov 2023 19:11:21 +0000
ROA not before:           Fri 17 Nov 2023 19:11:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204144
IP address blocks:        195.20.118.0/24 maxlen: 24
                          31.40.136.0/24 maxlen: 24
                          31.40.133.0/24 maxlen: 24
                          31.40.145.0/24 maxlen: 24
                          31.40.146.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:de:b1:e1:6e:f2:7b:cc:b1:33:e1:45:a5:71:68:b2:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
        Validity
            Not Before: Nov 17 19:11:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=425a2e010dd8d5e1025b7973daa4a8484039e997
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8c:2f:19:22:73:1c:5b:e7:1d:6f:72:51:03:
                    40:27:2a:45:33:fa:71:f3:37:20:1a:94:76:d9:58:
                    ab:51:ce:d3:48:eb:8f:81:9d:5e:4e:09:d0:23:4e:
                    ca:ca:ae:5f:5e:31:71:99:46:68:03:ed:80:b6:d9:
                    b5:30:67:7e:e9:5e:5b:96:0f:6e:6b:7a:0f:c4:7d:
                    15:5c:4e:40:d4:62:81:cb:ab:64:9d:99:bd:de:e7:
                    90:bd:09:df:67:30:31:d0:e9:10:a7:5c:e7:72:14:
                    01:2c:29:dd:04:64:02:12:33:46:73:43:25:83:c8:
                    a3:2a:0e:13:95:53:81:fd:b0:f2:a2:77:ce:93:69:
                    54:28:2f:3c:89:5b:e0:f8:19:76:29:c5:34:af:69:
                    8e:91:98:2c:9c:b9:98:41:54:b9:96:50:75:76:ce:
                    0a:0b:f7:a8:3f:1d:cc:77:47:5e:34:a9:e0:bd:44:
                    3d:bc:3e:6c:7e:5a:e4:cd:cc:3f:00:3b:17:d5:17:
                    7b:9d:9a:cb:cd:14:8c:f9:0d:64:9d:56:54:39:41:
                    a6:bf:a1:86:82:4e:98:e8:48:d6:a3:4f:1d:cf:42:
                    0d:72:88:3f:29:fe:43:f7:d5:a6:4c:44:66:e7:1d:
                    53:bf:b3:34:65:36:8e:f4:3c:69:e3:ea:04:ec:08:
                    50:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:5A:2E:01:0D:D8:D5:E1:02:5B:79:73:DA:A4:A8:48:40:39:E9:97
            X509v3 Authority Key Identifier:
                keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/QlouAQ3Y1eECW3lz2qSoSEA56Zc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.40.133.0/24
                  31.40.136.0/24
                  31.40.145.0-31.40.146.255
                  195.20.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:eb:13:2c:1c:a1:da:9f:7d:2a:0c:fb:ac:2f:03:60:4b:93:
         ab:7c:71:17:ff:fb:d7:7d:09:be:0c:56:c2:75:14:91:b6:c9:
         0c:d4:e5:d0:87:b2:fe:59:16:18:71:3d:cf:ae:e7:4f:26:47:
         fc:56:b6:2e:f8:25:be:7c:85:6d:9e:cc:64:0b:e1:b3:56:ce:
         36:7c:96:06:51:a6:54:be:83:16:fd:ae:d3:61:20:d9:50:03:
         91:b2:db:d9:e4:c2:51:0d:b0:cc:dd:0d:ff:c5:05:7d:a2:7d:
         97:b8:e4:51:d3:db:60:c9:32:f6:2e:7a:93:81:93:d8:b4:b7:
         d9:7f:2b:46:77:87:8e:3b:66:ff:b2:20:a7:35:1f:4b:5d:5d:
         52:bf:fb:a0:e4:28:ad:3d:45:29:f9:a4:39:32:92:33:0a:d8:
         7c:fb:f8:8e:0b:b6:a3:7c:fd:32:4a:1c:60:46:69:cd:b7:e7:
         b2:10:1d:5e:71:fb:bd:a2:0e:ee:3e:ee:59:5b:6d:3c:64:bb:
         8b:f6:89:44:da:1c:83:d8:3f:c1:10:4f:b2:e9:8f:5b:9e:41:
         ce:ac:7f:60:6a:bf:7f:13:67:df:d2:46:4c:9d:3b:2f:de:91:
         3a:00:fe:f4:da:e4:f2:16:96:85:ef:cd:71:eb:25:27:06:87:
         32:1f:91:61
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYveseFu8nvMsTPhRaVxaLJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMxMTE3MTkxMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjVhMmUwMTBkZDhkNWUxMDI1Yjc5NzNkYWE0YTg0ODQwMzllOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqowvGSJzHFvnHW9yUQNAJypFM/px
8zcgGpR22VirUc7TSOuPgZ1eTgnQI07Kyq5fXjFxmUZoA+2Attm1MGd+6V5blg9u
a3oPxH0VXE5A1GKBy6tknZm93ueQvQnfZzAx0OkQp1znchQBLCndBGQCEjNGc0Ml
g8ijKg4TlVOB/bDyonfOk2lUKC88iVvg+Bl2KcU0r2mOkZgsnLmYQVS5llB1ds4K
C/eoPx3Md0deNKngvUQ9vD5sflrkzcw/ADsX1Rd7nZrLzRSM+Q1knVZUOUGmv6GG
gk6Y6EjWo08dz0INcog/Kf5D99WmTERm5x1Tv7M0ZTaO9Dxp4+oE7AhQdwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEJaLgEN2NXhAlt5c9qkqEhAOemXMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvUWxvdUFRM1kxZUVDVzNsejJxU29TRUE1NlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHyiFAwQA
HyiIMAwDBAAfKJEDBAAfKJIDBADDFHYwDQYJKoZIhvcNAQELBQADggEBAHjrEywc
odqffSoM+6wvA2BLk6t8cRf/+9d9Cb4MVsJ1FJG2yQzU5dCHsv5ZFhhxPc+u508m
R/xWti74Jb58hW2ezGQL4bNWzjZ8lgZRplS+gxb9rtNhINlQA5Gy29nkwlENsMzd
Df/FBX2ifZe45FHT22DJMvYuepOBk9i0t9l/K0Z3h447Zv+yIKc1H0tdXVK/+6Dk
KK09RSn5pDkykjMK2Hz7+I4LtqN8/TJKHGBGac2357IQHV5x+72iDu4+7llbbTxk
u4v2iUTaHIPYP8EQT7Lpj1ueQc6sf2Bqv38TZ9/SRkydOy/ekToA/vTa5PIWloXv
zXHrJScGhzIfkWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org