Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/lNnCHEo3yG29BoJE7h8xxfSCOeM.roa
File:                     lNnCHEo3yG29BoJE7h8xxfSCOeM.roa (raw, json)
Hash identifier:          tPpSayXgU0P2VfkSOKrxXGtto+zVYKT3Ne3VUDThdAY=
Subject key identifier:   94:D9:C2:1C:4A:37:C8:6D:BD:06:82:44:EE:1F:31:C5:F4:82:39:E3
Certificate issuer:       /CN=958b37436a89faca2c4f7e60f9ac4d47a199ad66
Certificate serial:       018924AD19343BE79D5B1DE2CD7BAE986E0B
Authority key identifier: 95:8B:37:43:6A:89:FA:CA:2C:4F:7E:60:F9:AC:4D:47:A1:99:AD:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lYs3Q2qJ-sosT35g-axNR6GZrWY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/lNnCHEo3yG29BoJE7h8xxfSCOeM.roa
Signing time:             Wed 05 Jul 2023 06:11:11 +0000
ROA not before:           Wed 05 Jul 2023 06:11:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198392
IP address blocks:        31.217.226.0/24 maxlen: 24
                          31.217.225.0/24 maxlen: 24
                          31.217.224.0/24 maxlen: 24
                          31.217.224.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sun 09 Jul 2023 06:04:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:24:ad:19:34:3b:e7:9d:5b:1d:e2:cd:7b:ae:98:6e:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=958b37436a89faca2c4f7e60f9ac4d47a199ad66
        Validity
            Not Before: Jul  5 06:11:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=94d9c21c4a37c86dbd068244ee1f31c5f48239e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ee:42:67:53:f7:15:cc:58:e9:97:9a:e6:32:
                    96:5b:99:f7:6b:ae:3f:ea:7a:83:59:63:a6:f8:f8:
                    5a:a0:4a:70:40:a1:7d:80:e9:e9:5d:b0:05:ce:e4:
                    f4:bc:06:70:e8:49:82:e7:04:95:9c:d6:9c:68:d5:
                    a5:ee:3a:5e:d1:fe:17:a9:9d:4d:de:b2:00:ef:c4:
                    d0:3d:6e:1c:99:91:af:2e:aa:8a:70:24:3e:88:fa:
                    fc:32:20:a0:f4:02:99:e1:59:5b:73:ee:19:15:83:
                    d3:ef:8f:e2:be:b3:44:2b:39:2c:be:20:8d:d6:a7:
                    67:c4:2c:38:1a:c5:1e:22:88:0d:e0:50:e1:b9:3b:
                    89:02:97:c7:74:62:a1:42:e4:b9:7b:72:52:df:5f:
                    19:a7:f7:de:72:02:a8:b5:92:1a:08:6a:17:7f:dc:
                    1f:cd:0f:09:14:ff:09:f1:79:fa:37:14:ed:4c:f4:
                    1b:f8:2d:22:d5:3f:76:b5:04:67:26:d0:15:f1:f7:
                    70:30:38:bd:7d:f9:5e:b0:24:13:ec:6c:34:bf:6a:
                    b4:d4:ce:e5:11:5e:17:c2:3f:b6:8b:02:c4:ce:63:
                    65:af:d8:90:bf:3a:02:3d:07:4d:f1:f9:9b:05:0a:
                    37:ea:a2:0e:df:63:b6:03:0c:45:d6:83:c1:e2:10:
                    d5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:D9:C2:1C:4A:37:C8:6D:BD:06:82:44:EE:1F:31:C5:F4:82:39:E3
            X509v3 Authority Key Identifier:
                keyid:95:8B:37:43:6A:89:FA:CA:2C:4F:7E:60:F9:AC:4D:47:A1:99:AD:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYs3Q2qJ-sosT35g-axNR6GZrWY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/lNnCHEo3yG29BoJE7h8xxfSCOeM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/lYs3Q2qJ-sosT35g-axNR6GZrWY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.217.224.0-31.217.226.255

    Signature Algorithm: sha256WithRSAEncryption
         85:e5:f9:ed:69:72:7c:b2:96:f7:89:9f:9a:3a:08:54:01:85:
         ce:80:9b:ab:ec:0b:17:af:31:73:59:52:aa:91:fa:bc:11:ef:
         f9:80:78:1f:93:13:0d:db:86:fd:3a:ab:84:e7:d6:a0:72:12:
         54:d9:c2:18:03:41:65:72:7c:cc:90:3e:02:c3:9b:56:d3:59:
         24:a1:30:96:9c:4d:14:12:0b:fe:67:bb:61:8f:29:e5:4f:76:
         c6:1b:80:b5:3c:2e:b4:d7:c3:41:bd:25:64:cd:f6:c8:d9:5b:
         a1:51:16:13:e3:b7:c3:86:e1:aa:91:37:f4:7a:f3:be:0a:bc:
         57:d0:4c:cf:50:3b:25:f7:af:71:8b:e8:ef:63:8f:d8:e4:c8:
         b1:a5:12:8b:b5:1f:10:df:20:00:73:9f:2b:b3:ff:66:1d:00:
         1d:b5:8d:b8:3e:a9:8b:fa:36:d6:ff:8e:0e:2d:75:bb:f8:3c:
         3a:66:83:ee:e5:95:a3:bb:e9:d2:5d:ed:d9:9f:69:ec:d1:d4:
         79:d6:46:32:47:4a:84:cf:f4:aa:12:b1:ec:68:8b:1d:71:83:
         2a:17:55:66:88:e0:3e:66:f1:a9:a4:a8:6f:c0:04:a2:19:95:
         0c:43:dd:ca:af:e6:4e:ad:0c:93:f5:e9:3e:2b:c8:42:4f:9b:
         be:32:dd:c1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYkkrRk0O+edWx3izXuumG4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OGIzNzQzNmE4OWZhY2EyYzRmN2U2MGY5YWM0ZDQ3YTE5
OWFkNjYwHhcNMjMwNzA1MDYxMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ5YzIxYzRhMzdjODZkYmQwNjgyNDRlZTFmMzFjNWY0ODIzOWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO5CZ1P3FcxY6Zea5jKWW5n3a64/
6nqDWWOm+PhaoEpwQKF9gOnpXbAFzuT0vAZw6EmC5wSVnNacaNWl7jpe0f4XqZ1N
3rIA78TQPW4cmZGvLqqKcCQ+iPr8MiCg9AKZ4Vlbc+4ZFYPT74/ivrNEKzksviCN
1qdnxCw4GsUeIogN4FDhuTuJApfHdGKhQuS5e3JS318Zp/fecgKotZIaCGoXf9wf
zQ8JFP8J8Xn6NxTtTPQb+C0i1T92tQRnJtAV8fdwMDi9fflesCQT7Gw0v2q01M7l
EV4Xwj+2iwLEzmNlr9iQvzoCPQdN8fmbBQo36qIO32O2AwxF1oPB4hDVVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJTZwhxKN8htvQaCRO4fMcX0gjnjMB8GA1UdIwQY
MBaAFJWLN0NqifrKLE9+YPmsTUehma1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFlzM1EycUotc29zVDM1Zy1heE5SNkdacldZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9lMzFmMzktYzlmNC00MmMyLWEwM2Ut
MTIxMjUzMTJiMmEzLzEvbE5uQ0hFbzN5RzI5Qm9KRTdoOHh4ZlNDT2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9lMzFmMzktYzlmNC00MmMyLWEwM2UtMTIxMjUzMTJiMmEz
LzEvbFlzM1EycUotc29zVDM1Zy1heE5SNkdacldZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAUf2eAD
BAAf2eIwDQYJKoZIhvcNAQELBQADggEBAIXl+e1pcnyylveJn5o6CFQBhc6Am6vs
CxevMXNZUqqR+rwR7/mAeB+TEw3bhv06q4Tn1qByElTZwhgDQWVyfMyQPgLDm1bT
WSShMJacTRQSC/5nu2GPKeVPdsYbgLU8LrTXw0G9JWTN9sjZW6FRFhPjt8OG4aqR
N/R6874KvFfQTM9QOyX3r3GL6O9jj9jkyLGlEou1HxDfIABznyuz/2YdAB21jbg+
qYv6Ntb/jg4tdbv4PDpmg+7llaO76dJd7dmfaezR1HnWRjJHSoTP9KoSsexoix1x
gyoXVWaI4D5m8amkqG/ABKIZlQxD3cqv5k6tDJP16T4ryEJPm74y3cE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:33 2024 by rpki-client on console-fra.rpki-client.org