Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/jO0_3aFXYtCMCZgrhTwvBVUVvNE.roa
File:                     jO0_3aFXYtCMCZgrhTwvBVUVvNE.roa (raw, json)
Hash identifier:          2vNaaJ6IjXmT07fJArFq5dzvuxbm8nPwmMWVDdJKDUA=
Subject key identifier:   8C:ED:3F:DD:A1:57:62:D0:8C:09:98:2B:85:3C:2F:05:55:15:BC:D1
Certificate issuer:       /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial:       018A8E0FBAE505774A9DD58F1942DE6C2ADB
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/jO0_3aFXYtCMCZgrhTwvBVUVvNE.roa
Signing time:             Wed 13 Sep 2023 10:21:50 +0000
ROA not before:           Wed 13 Sep 2023 10:21:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        31.14.37.0/24 maxlen: 24
                          185.155.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 12:53:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8e:0f:ba:e5:05:77:4a:9d:d5:8f:19:42:de:6c:2a:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
        Validity
            Not Before: Sep 13 10:21:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ced3fdda15762d08c09982b853c2f055515bcd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:03:b9:c8:fd:9d:f3:53:83:9e:96:7c:b3:eb:
                    72:99:05:4e:ab:33:74:ac:49:a8:28:eb:a8:f6:2c:
                    76:c0:59:e2:a3:9a:f0:a7:c8:cf:de:9a:8f:bf:4e:
                    2b:d2:2d:a8:28:86:ad:9a:51:77:b0:41:db:83:be:
                    a8:8e:ac:46:75:f7:8d:03:d0:6a:af:1e:3f:5c:5d:
                    db:89:0c:45:de:0a:17:5e:2f:2c:ff:cc:87:d0:0b:
                    30:f3:c2:c0:ba:8f:a8:04:83:b3:5e:2f:1b:78:53:
                    48:a1:7b:62:4f:5b:41:f8:3e:69:64:58:83:85:93:
                    fd:24:47:a4:4c:3d:4e:a6:fc:83:b5:14:04:14:9d:
                    2f:22:48:da:13:5c:1d:bd:01:36:f6:a6:d3:56:65:
                    d8:8f:80:f7:74:83:6e:75:29:c9:c7:a4:01:f4:f9:
                    3a:df:30:a0:2d:ee:2d:5c:b4:02:71:e0:93:85:6c:
                    26:6e:96:fd:63:59:8a:21:dc:35:82:60:c4:d6:0d:
                    07:3f:42:2c:7b:e7:3f:91:50:d8:06:c8:31:1b:ca:
                    b1:29:54:da:e2:07:9c:1f:15:41:4c:40:a5:87:96:
                    34:01:22:19:e1:36:ed:d8:c6:cf:60:e5:24:5c:9b:
                    6d:65:e5:b7:f1:9f:ea:fd:17:f5:82:42:6e:c9:be:
                    1f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:ED:3F:DD:A1:57:62:D0:8C:09:98:2B:85:3C:2F:05:55:15:BC:D1
            X509v3 Authority Key Identifier:
                keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/jO0_3aFXYtCMCZgrhTwvBVUVvNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.37.0/24
                  185.155.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:b1:e1:43:d4:3b:85:4f:10:7e:be:ec:f2:51:42:b1:72:3e:
         18:2f:d8:05:bd:bd:f2:00:e1:b8:be:23:c8:78:74:b0:ae:a8:
         e4:c2:bb:1d:ba:a3:81:a7:d7:56:58:80:6a:3d:d4:b7:28:00:
         5c:e7:2a:ec:78:01:72:e6:b0:0c:30:3f:f7:1a:a9:a8:70:ed:
         c7:26:74:40:cd:d2:d8:b9:60:d1:71:33:b8:8e:81:48:14:1c:
         49:12:c7:03:64:5e:6b:c9:aa:14:19:10:04:ec:a9:20:9c:c5:
         d2:6f:48:fa:4b:08:6e:54:7e:19:51:88:fb:49:b2:31:0d:47:
         75:d6:8e:e9:d9:f8:14:8e:8e:e0:9c:b3:de:a2:6b:e2:45:54:
         2b:63:b4:1d:7c:82:ba:e2:76:41:63:e5:fc:62:2c:c7:92:65:
         bd:34:d7:ee:3d:71:72:67:3c:63:43:8c:3e:05:32:6c:29:81:
         62:3d:27:0d:7f:f1:53:14:97:20:5c:b9:84:40:81:27:0c:05:
         a0:1a:91:70:ad:57:2a:ee:88:90:33:72:ca:bc:13:32:d9:af:
         3a:00:e6:ea:99:73:cb:26:f4:06:d0:8d:94:03:5c:41:4a:8f:
         2d:e9:9f:a2:28:db:c1:b6:8e:bf:5c:e0:15:02:2d:c4:96:32:
         b9:46:26:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqOD7rlBXdKndWPGULebCrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjMwOTEzMTAyMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2VkM2ZkZGExNTc2MmQwOGMwOTk4MmI4NTNjMmYwNTU1MTViY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwO5yP2d81ODnpZ8s+tymQVOqzN0
rEmoKOuo9ix2wFnio5rwp8jP3pqPv04r0i2oKIatmlF3sEHbg76ojqxGdfeNA9Bq
rx4/XF3biQxF3goXXi8s/8yH0Asw88LAuo+oBIOzXi8beFNIoXtiT1tB+D5pZFiD
hZP9JEekTD1OpvyDtRQEFJ0vIkjaE1wdvQE29qbTVmXYj4D3dINudSnJx6QB9Pk6
3zCgLe4tXLQCceCThWwmbpb9Y1mKIdw1gmDE1g0HP0Ise+c/kVDYBsgxG8qxKVTa
4gecHxVBTEClh5Y0ASIZ4Tbt2MbPYOUkXJttZeW38Z/q/Rf1gkJuyb4fvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIztP92hV2LQjAmYK4U8LwVVFbzRMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvak8wXzNhRlhZdENNQ1pncmhUd3ZCVlVWdk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw4lAwQA
uZs3MA0GCSqGSIb3DQEBCwUAA4IBAQB+seFD1DuFTxB+vuzyUUKxcj4YL9gFvb3y
AOG4viPIeHSwrqjkwrsduqOBp9dWWIBqPdS3KABc5yrseAFy5rAMMD/3GqmocO3H
JnRAzdLYuWDRcTO4joFIFBxJEscDZF5ryaoUGRAE7KkgnMXSb0j6SwhuVH4ZUYj7
SbIxDUd11o7p2fgUjo7gnLPeomviRVQrY7QdfIK64nZBY+X8YizHkmW9NNfuPXFy
ZzxjQ4w+BTJsKYFiPScNf/FTFJcgXLmEQIEnDAWgGpFwrVcq7oiQM3LKvBMy2a86
AObqmXPLJvQG0I2UA1xBSo8t6Z+iKNvBto6/XOAVAi3EljK5RiYb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:17 2024 by rpki-client on console-fra.rpki-client.org