Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/cJLsqllGzr6ha3xj-ucjAc78I6s.roa
File:                     cJLsqllGzr6ha3xj-ucjAc78I6s.roa (raw, json)
Hash identifier:          8CNdtuuplurjb9TdXJcIi0txCmQKC7Ku7NrakVmP9NA=
Subject key identifier:   70:92:EC:AA:59:46:CE:BE:A1:6B:7C:63:FA:E7:23:01:CE:FC:23:AB
Certificate issuer:       /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial:       018CC4254231F6E7C690D58FD08F41421CBF
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/cJLsqllGzr6ha3xj-ucjAc78I6s.roa
Signing time:             Mon 01 Jan 2024 08:30:25 +0000
ROA not before:           Mon 01 Jan 2024 08:30:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        31.223.200.0/21 maxlen: 24
                          31.223.192.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Sun 31 Mar 2024 17:37:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:42:31:f6:e7:c6:90:d5:8f:d0:8f:41:42:1c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
        Validity
            Not Before: Jan  1 08:30:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7092ecaa5946cebea16b7c63fae72301cefc23ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:e0:43:88:3f:91:04:c1:6e:a7:0d:9d:b3:f7:
                    c1:a0:bb:21:3a:72:33:41:34:83:59:56:50:08:99:
                    23:88:c5:40:78:90:66:16:8f:63:0d:b7:70:34:f5:
                    4c:03:bb:04:fb:89:ad:7d:90:81:b4:d1:a7:84:01:
                    ac:cc:da:0d:5a:1e:ea:84:4b:e8:e9:c1:be:cc:76:
                    d7:b0:5a:3f:0a:51:06:97:b0:ef:2c:53:4f:24:3e:
                    9c:a2:67:b3:39:45:3a:91:72:7f:d4:6f:e3:57:2e:
                    13:ab:2d:f3:a2:49:be:b6:39:4d:45:d2:ff:d3:5e:
                    4e:29:3c:97:e7:82:57:f2:ce:d2:38:9d:38:5d:f1:
                    80:a6:61:65:37:7b:1a:7b:c0:26:2e:5d:9a:d2:1c:
                    16:11:81:2d:56:67:4d:c7:2c:11:60:a1:89:f9:96:
                    14:90:56:be:df:b3:9f:e3:77:29:ac:4e:02:a4:a3:
                    67:57:2d:89:c3:5c:b2:f7:ee:38:cf:2d:48:6e:aa:
                    82:4a:d2:9b:f2:87:64:0f:61:b5:24:bb:8d:1c:65:
                    f3:42:57:ad:94:dd:49:6f:7b:1a:d1:c8:8b:b5:e0:
                    0f:12:db:ec:2b:9f:0f:2b:0b:38:23:9e:16:d8:b9:
                    50:64:ec:0a:fd:9c:93:1b:a6:4a:fd:40:06:b6:8a:
                    4c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:92:EC:AA:59:46:CE:BE:A1:6B:7C:63:FA:E7:23:01:CE:FC:23:AB
            X509v3 Authority Key Identifier:
                keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/cJLsqllGzr6ha3xj-ucjAc78I6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.223.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         84:63:6f:fa:54:9b:d2:b0:79:2c:98:65:93:2e:e4:78:1f:a3:
         a1:a7:d1:8e:97:3f:99:97:11:2e:5f:11:d2:fd:d2:7b:bf:94:
         3e:c6:24:08:77:a6:77:07:d9:76:c0:eb:58:24:46:4a:d0:33:
         c6:48:b0:a5:5c:c7:f9:d4:a3:65:c8:ad:6b:d1:fc:e9:a6:63:
         7c:c8:93:66:ec:73:42:06:41:d3:f8:e6:c0:2d:50:85:eb:8f:
         1f:90:0c:38:3c:14:72:2e:88:e7:8d:10:67:5c:a3:cd:5b:b9:
         57:cc:6c:6c:99:a3:44:d8:1b:15:09:72:d0:c5:00:90:1e:45:
         6e:fe:95:cc:7c:d4:23:ca:c9:f7:6c:50:31:38:90:73:e1:d4:
         87:d0:2b:2d:d4:20:5b:ef:85:a0:77:7b:73:08:77:f6:a0:35:
         d4:29:34:b2:84:e7:7d:55:9d:e3:02:fd:5d:ce:6f:e2:2e:94:
         dd:4e:28:da:ca:0e:10:21:d5:1e:26:33:43:e8:b6:37:df:ba:
         39:b2:c4:6a:d9:dc:1e:bd:e6:c2:51:d9:44:96:72:2a:dd:87:
         d2:ce:dc:b7:ad:e0:fa:c3:54:1a:0e:3c:a6:f1:2d:da:f7:22:
         5d:8f:49:f1:98:54:e5:19:33:5b:6d:b3:0d:74:1f:d8:e2:0a:
         31:e2:ea:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJUIx9ufGkNWP0I9BQhy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkyZWNhYTU5NDZjZWJlYTE2YjdjNjNmYWU3MjMwMWNlZmMyM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOBDiD+RBMFupw2ds/fBoLshOnIz
QTSDWVZQCJkjiMVAeJBmFo9jDbdwNPVMA7sE+4mtfZCBtNGnhAGszNoNWh7qhEvo
6cG+zHbXsFo/ClEGl7DvLFNPJD6comezOUU6kXJ/1G/jVy4Tqy3zokm+tjlNRdL/
015OKTyX54JX8s7SOJ04XfGApmFlN3sae8AmLl2a0hwWEYEtVmdNxywRYKGJ+ZYU
kFa+37Of43cprE4CpKNnVy2Jw1yy9+44zy1IbqqCStKb8odkD2G1JLuNHGXzQlet
lN1Jb3sa0ciLteAPEtvsK58PKws4I54W2LlQZOwK/ZyTG6ZK/UAGtopM1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCS7KpZRs6+oWt8Y/rnIwHO/COrMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvY0pMc3FsbEd6cjZoYTN4ai11Y2pBYzc4STZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH9/AMA0G
CSqGSIb3DQEBCwUAA4IBAQCEY2/6VJvSsHksmGWTLuR4H6Ohp9GOlz+ZlxEuXxHS
/dJ7v5Q+xiQId6Z3B9l2wOtYJEZK0DPGSLClXMf51KNlyK1r0fzppmN8yJNm7HNC
BkHT+ObALVCF648fkAw4PBRyLojnjRBnXKPNW7lXzGxsmaNE2BsVCXLQxQCQHkVu
/pXMfNQjysn3bFAxOJBz4dSH0Cst1CBb74Wgd3tzCHf2oDXUKTSyhOd9VZ3jAv1d
zm/iLpTdTijayg4QIdUeJjND6LY337o5ssRq2dwevebCUdlElnIq3YfSzty3reD6
w1QaDjym8S3a9yJdj0nxmFTlGTNbbbMNdB/Y4gox4upO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:32 2024 by rpki-client on console-ams.rpki-client.org