Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/VXeCWQ8sBKZ-A7uZRA59zGjGN0c.roa
File:                     VXeCWQ8sBKZ-A7uZRA59zGjGN0c.roa (raw, json)
Hash identifier:          1mcCnK5BJ7+L2pe9dSR9QheUpFaswWN2rrbyISpfS0s=
Subject key identifier:   55:77:82:59:0F:2C:04:A6:7E:03:BB:99:44:0E:7D:CC:68:C6:37:47
Certificate issuer:       /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial:       018570027C8D97CE7A64C8A425C7AD4EE5DF
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/VXeCWQ8sBKZ-A7uZRA59zGjGN0c.roa
Signing time:             Mon 02 Jan 2023 01:04:49 +0000
ROA not before:           Mon 02 Jan 2023 01:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        31.25.237.0/24 maxlen: 24
                          31.25.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:7c:8d:97:ce:7a:64:c8:a4:25:c7:ad:4e:e5:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
        Validity
            Not Before: Jan  2 01:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=557782590f2c04a67e03bb99440e7dcc68c63747
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:06:bb:d7:f6:7c:3b:8b:73:05:7c:84:c6:9a:
                    64:ca:eb:73:da:25:03:56:59:07:00:19:92:d8:ac:
                    28:a3:de:5f:83:aa:2f:d8:7a:08:3d:3c:01:89:f4:
                    39:7f:27:9a:cb:73:6d:d1:b9:c1:41:39:14:95:b3:
                    c7:b2:89:6a:49:df:11:a6:3c:d2:ef:fa:9f:69:49:
                    7c:56:0d:78:c3:25:74:71:e8:8b:1c:9f:ec:12:60:
                    4d:8d:de:9e:86:77:6c:0e:72:8b:b9:d7:3d:5e:b4:
                    17:bc:08:2f:7a:bb:30:d1:8b:e2:ec:ce:0b:47:80:
                    79:dd:df:09:cb:fa:e3:42:71:49:51:db:21:5c:67:
                    fe:88:60:9c:26:30:77:67:89:70:ac:68:71:a1:00:
                    e4:7b:8b:13:e2:67:16:fe:54:2b:39:fe:4a:4f:82:
                    db:69:8d:be:5c:f8:c3:a3:a6:0b:65:1a:02:b3:2f:
                    a0:0b:a4:93:71:0c:f0:13:29:93:3d:95:3a:d7:a7:
                    a3:78:64:e7:9c:4b:ab:2a:df:a1:1c:39:ed:7a:75:
                    f7:8a:f7:57:ca:3b:0d:ed:7b:dc:40:e0:d6:c1:17:
                    9e:b7:70:e9:17:62:9d:d2:e9:5a:17:b6:8c:aa:1d:
                    9e:ac:ba:f4:6c:e3:f8:f7:a5:1d:67:32:28:c6:0c:
                    29:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:77:82:59:0F:2C:04:A6:7E:03:BB:99:44:0E:7D:CC:68:C6:37:47
            X509v3 Authority Key Identifier:
                keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/VXeCWQ8sBKZ-A7uZRA59zGjGN0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.25.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:1d:5c:20:f5:89:10:48:e0:ff:2f:71:51:c2:17:c9:e8:08:
         22:47:99:dd:cb:87:e4:94:92:4b:0d:ad:ec:eb:82:08:ca:cf:
         85:4e:23:22:1f:77:c6:9a:54:f9:4e:0f:62:2c:14:8e:ee:68:
         d1:cc:2b:89:56:be:cd:70:85:df:9b:8b:a3:6d:00:6a:f5:6d:
         ea:60:3b:21:77:a2:34:19:27:9b:a6:33:e7:12:2d:b6:e3:53:
         4f:5b:66:a5:c0:69:a5:80:86:23:ae:96:ce:9e:c9:96:68:61:
         65:1a:aa:59:e9:c7:f7:96:a7:fc:42:f1:22:3e:aa:d3:e4:03:
         a6:1e:8e:fa:a3:08:4b:c8:54:b7:1d:24:6f:f7:b6:28:00:c4:
         7c:b7:64:97:3a:4a:a7:77:57:e4:04:59:f8:9d:e0:82:a9:47:
         a1:2f:d0:43:10:b9:98:cc:79:ab:19:19:5c:c9:1c:9b:77:8f:
         04:38:70:9c:db:d6:68:37:a5:50:24:4d:34:6e:9c:fb:11:c3:
         1a:b4:40:ef:e4:17:1a:87:2c:7b:91:58:ff:c7:79:a8:cb:99:
         c7:b2:cd:c2:8d:14:83:2b:b0:75:00:19:7b:f0:3c:35:50:de:
         fa:4e:26:24:7c:72:13:a6:c6:69:94:cc:75:4c:0c:fc:0a:51:
         83:be:aa:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnyNl856ZMikJcetTuXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl
Y2FkNGIwHhcNMjMwMTAyMDEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTc3ODI1OTBmMmMwNGE2N2UwM2JiOTk0NDBlN2RjYzY4YzYzNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQa71/Z8O4tzBXyExppkyutz2iUD
VlkHABmS2Kwoo95fg6ov2HoIPTwBifQ5fyeay3Nt0bnBQTkUlbPHsolqSd8RpjzS
7/qfaUl8Vg14wyV0ceiLHJ/sEmBNjd6ehndsDnKLudc9XrQXvAgversw0Yvi7M4L
R4B53d8Jy/rjQnFJUdshXGf+iGCcJjB3Z4lwrGhxoQDke4sT4mcW/lQrOf5KT4Lb
aY2+XPjDo6YLZRoCsy+gC6STcQzwEymTPZU616ejeGTnnEurKt+hHDntenX3ivdX
yjsN7XvcQODWwReet3DpF2Kd0ulaF7aMqh2erLr0bOP496UdZzIoxgwp5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFV3glkPLASmfgO7mUQOfcxoxjdHMB8GA1UdIwQY
MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt
OGJlMTQ2MjUzMzU2LzEvVlhlQ1dROHNCS1otQTd1WlJBNTl6R2pHTjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2
LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHxnsMA0G
CSqGSIb3DQEBCwUAA4IBAQBMHVwg9YkQSOD/L3FRwhfJ6AgiR5ndy4fklJJLDa3s
64IIys+FTiMiH3fGmlT5Tg9iLBSO7mjRzCuJVr7NcIXfm4ujbQBq9W3qYDshd6I0
GSebpjPnEi2241NPW2alwGmlgIYjrpbOnsmWaGFlGqpZ6cf3lqf8QvEiPqrT5AOm
Ho76owhLyFS3HSRv97YoAMR8t2SXOkqnd1fkBFn4neCCqUehL9BDELmYzHmrGRlc
yRybd48EOHCc29ZoN6VQJE00bpz7EcMatEDv5Bcahyx7kVj/x3moy5nHss3CjRSD
K7B1ABl78Dw1UN76TiYkfHITpsZplMx1TAz8ClGDvqrH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:09 2024 by rpki-client on console-fra.rpki-client.org