Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/9e9d9d-9091-435a-9967-d8468b72f1a0/1/KmW-uyI51K-Cv3eooFnW8a_-eXg.roa
File:                     KmW-uyI51K-Cv3eooFnW8a_-eXg.roa (raw, json)
Hash identifier:          3dQjrbPstS0fGtDELW48xPBzKAMGXWX/hlcRkOG7VY4=
Subject key identifier:   2A:65:BE:BB:22:39:D4:AF:82:BF:77:A8:A0:59:D6:F1:AF:FE:79:78
Certificate issuer:       /CN=8b9289d88259c33cc7ad81482b779450ae4eac03
Certificate serial:       0187BDC794C5F9F325BEEF1A4C4329C487F4
Authority key identifier: 8B:92:89:D8:82:59:C3:3C:C7:AD:81:48:2B:77:94:50:AE:4E:AC:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i5KJ2IJZwzzHrYFIK3eUUK5OrAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/9e9d9d-9091-435a-9967-d8468b72f1a0/1/KmW-uyI51K-Cv3eooFnW8a_-eXg.roa
Signing time:             Wed 26 Apr 2023 13:36:26 +0000
ROA not before:           Wed 26 Apr 2023 13:36:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39507
IP address blocks:        31.130.216.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bd:c7:94:c5:f9:f3:25:be:ef:1a:4c:43:29:c4:87:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b9289d88259c33cc7ad81482b779450ae4eac03
        Validity
            Not Before: Apr 26 13:36:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a65bebb2239d4af82bf77a8a059d6f1affe7978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:12:09:ed:b5:2a:c1:89:ab:1b:b8:fe:98:99:
                    2d:1e:f9:7b:9a:9b:33:56:d1:d2:4f:af:a7:65:08:
                    b2:87:e8:97:32:d9:c2:93:e9:0b:dc:ee:09:64:ef:
                    6d:17:2b:1e:8b:01:09:a6:51:30:78:ef:fd:3c:15:
                    ce:b6:9c:af:8e:24:6d:a6:7e:88:08:17:cf:33:5b:
                    1e:19:1a:4f:b3:ce:92:5e:e0:7d:45:fa:35:e7:8c:
                    3d:f1:1d:da:d4:d6:07:f8:49:52:0e:2a:7d:dc:da:
                    98:56:51:0f:ac:61:a0:37:98:dd:5a:10:e0:9b:80:
                    0a:0a:b3:f7:52:c9:44:b6:40:6d:ec:a5:e3:8b:bd:
                    79:92:13:77:ef:2b:1e:79:50:62:47:e4:7f:eb:83:
                    77:51:06:03:8b:dd:3c:f9:02:5e:72:dc:85:32:43:
                    e4:3a:60:d8:d8:9c:3b:58:9a:fe:6c:50:dc:0c:d4:
                    e3:72:0a:ad:1d:c5:c8:8b:c0:8b:ff:1b:c2:b4:e7:
                    fd:88:af:6f:8f:37:f4:a4:4a:7b:1a:e8:b7:f4:7d:
                    38:2c:60:86:e2:a6:d2:35:aa:1d:b5:03:ea:04:d3:
                    2d:7c:37:e2:7f:0f:73:9e:c2:0f:64:33:6c:17:ab:
                    6f:73:f4:34:08:49:e7:80:93:0e:c1:45:1a:0d:dc:
                    48:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:65:BE:BB:22:39:D4:AF:82:BF:77:A8:A0:59:D6:F1:AF:FE:79:78
            X509v3 Authority Key Identifier:
                keyid:8B:92:89:D8:82:59:C3:3C:C7:AD:81:48:2B:77:94:50:AE:4E:AC:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5KJ2IJZwzzHrYFIK3eUUK5OrAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/9e9d9d-9091-435a-9967-d8468b72f1a0/1/KmW-uyI51K-Cv3eooFnW8a_-eXg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/9e9d9d-9091-435a-9967-d8468b72f1a0/1/i5KJ2IJZwzzHrYFIK3eUUK5OrAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.130.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         37:36:0f:b5:15:96:60:68:48:c8:3c:8e:2c:9e:04:9a:e8:ec:
         98:13:14:16:e1:f0:ca:b3:a3:1d:2d:f9:6d:71:8e:16:33:21:
         f3:be:fc:94:b8:dc:8d:a6:c5:cc:4a:8b:39:05:d9:35:2c:09:
         37:80:62:cb:17:10:b6:65:cc:a9:1d:3d:3a:ac:cc:6b:f1:fb:
         b6:bb:74:5c:00:4a:95:c0:69:41:a5:8b:93:cb:a1:ab:1d:29:
         a2:3e:30:b2:b6:d4:9f:cc:3b:e0:e8:9b:12:6b:cd:c1:76:a8:
         2e:e6:5a:ff:22:6e:a1:8e:c8:4b:a4:d8:a6:9e:2a:71:41:b9:
         dc:69:07:ca:8c:7a:ae:b4:62:54:a5:93:12:46:eb:51:da:d3:
         68:13:34:e9:1d:b1:fc:fe:56:12:7f:17:81:b9:0d:c7:ef:6b:
         06:9c:d6:83:51:66:a0:f7:db:c2:34:ed:ac:a6:39:f7:1e:20:
         35:e2:fe:9f:0d:cc:93:f3:f9:24:67:8b:d7:1e:a4:a4:f5:c6:
         c8:f2:94:a5:14:5b:da:ed:22:d8:5e:a8:4c:8f:f9:25:9d:4d:
         cf:24:f2:58:8c:52:86:1e:4d:cb:47:2c:d9:36:a2:a8:ce:84:
         60:ff:51:45:2e:a6:c3:80:9f:e5:39:0c:7b:27:cc:cd:d8:79:
         a3:84:b0:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe9x5TF+fMlvu8aTEMpxIf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTI4OWQ4ODI1OWMzM2NjN2FkODE0ODJiNzc5NDUwYWU0
ZWFjMDMwHhcNMjMwNDI2MTMzNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY1YmViYjIyMzlkNGFmODJiZjc3YThhMDU5ZDZmMWFmZmU3OTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRIJ7bUqwYmrG7j+mJktHvl7mpsz
VtHST6+nZQiyh+iXMtnCk+kL3O4JZO9tFyseiwEJplEweO/9PBXOtpyvjiRtpn6I
CBfPM1seGRpPs86SXuB9Rfo154w98R3a1NYH+ElSDip93NqYVlEPrGGgN5jdWhDg
m4AKCrP3UslEtkBt7KXji715khN37yseeVBiR+R/64N3UQYDi908+QJectyFMkPk
OmDY2Jw7WJr+bFDcDNTjcgqtHcXIi8CL/xvCtOf9iK9vjzf0pEp7Gui39H04LGCG
4qbSNaodtQPqBNMtfDfifw9znsIPZDNsF6tvc/Q0CEnngJMOwUUaDdxI+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCplvrsiOdSvgr93qKBZ1vGv/nl4MB8GA1UdIwQY
MBaAFIuSidiCWcM8x62BSCt3lFCuTqwDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVLSjJJSlp3enpIcllGSUszZVVVSzVPckFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy85ZTlkOWQtOTA5MS00MzVhLTk5Njct
ZDg0NjhiNzJmMWEwLzEvS21XLXV5STUxSy1DdjNlb29Gblc4YV8tZVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy85ZTlkOWQtOTA5MS00MzVhLTk5NjctZDg0NjhiNzJmMWEw
LzEvaTVLSjJJSlp3enpIcllGSUszZVVVSzVPckFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4LYMA0G
CSqGSIb3DQEBCwUAA4IBAQA3Ng+1FZZgaEjIPI4sngSa6OyYExQW4fDKs6MdLflt
cY4WMyHzvvyUuNyNpsXMSos5Bdk1LAk3gGLLFxC2ZcypHT06rMxr8fu2u3RcAEqV
wGlBpYuTy6GrHSmiPjCyttSfzDvg6JsSa83Bdqgu5lr/Im6hjshLpNimnipxQbnc
aQfKjHqutGJUpZMSRutR2tNoEzTpHbH8/lYSfxeBuQ3H72sGnNaDUWag99vCNO2s
pjn3HiA14v6fDcyT8/kkZ4vXHqSk9cbI8pSlFFva7SLYXqhMj/klnU3PJPJYjFKG
Hk3LRyzZNqKozoRg/1FFLqbDgJ/lOQx7J8zN2HmjhLBh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:16 2024 by rpki-client on console-fra.rpki-client.org