Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/3aGFkXTC-_-H1CwJEzdNPymd5HA.roa
File:                     3aGFkXTC-_-H1CwJEzdNPymd5HA.roa (raw, json)
Hash identifier:          KutCl0LCsDtYgFHjYZJcJApYkzK7zpbFZUpDDGwGb2M=
Subject key identifier:   DD:A1:85:91:74:C2:FB:FF:87:D4:2C:09:13:37:4D:3F:29:9D:E4:70
Certificate issuer:       /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial:       018B9483053CD4C9F1DAD5888B7305499E1B
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/3aGFkXTC-_-H1CwJEzdNPymd5HA.roa
Signing time:             Fri 03 Nov 2023 09:28:16 +0000
ROA not before:           Fri 03 Nov 2023 09:28:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        31.41.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:94:83:05:3c:d4:c9:f1:da:d5:88:8b:73:05:49:9e:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
        Validity
            Not Before: Nov  3 09:28:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dda1859174c2fbff87d42c0913374d3f299de470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:aa:21:95:f2:9c:cf:4d:ba:7b:2c:54:32:75:
                    a8:e7:62:ba:24:b8:fa:b2:e2:c2:e1:ec:95:d6:0d:
                    e4:a4:53:6f:12:a2:54:64:c3:45:18:3a:6c:64:05:
                    ee:65:31:70:8d:f3:a1:aa:78:22:42:27:8f:98:97:
                    c7:3a:41:de:e7:5e:97:0b:2a:16:f7:26:d1:86:0c:
                    5d:54:b3:b6:19:04:13:96:13:e0:17:02:3a:50:60:
                    c2:e8:3c:26:0e:74:3b:d9:5a:6d:2b:12:95:1a:d1:
                    50:60:6d:e9:91:8d:85:9f:6f:a7:18:92:79:53:a4:
                    70:5d:47:99:53:52:af:d2:67:0a:9b:50:c4:cf:54:
                    6a:23:50:ee:ad:af:59:c2:b7:84:a7:e4:f0:03:81:
                    c6:47:41:a2:77:0e:d2:d1:cb:40:63:11:ff:75:5e:
                    19:0c:09:14:a3:c4:1d:f7:df:bd:ee:97:f0:6c:b0:
                    c3:14:30:eb:02:4d:c6:6d:e3:f3:68:03:3e:66:4f:
                    d7:2f:60:45:e9:c8:ac:92:00:80:14:ab:02:2b:ed:
                    ac:18:2b:34:9e:c2:19:6b:f4:8d:85:8a:d6:0e:5f:
                    a4:db:73:3f:9d:63:e8:ec:c2:29:c0:8f:73:fc:0f:
                    20:6a:22:4d:67:c3:cd:cc:aa:4f:c9:3b:52:02:bf:
                    4e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:A1:85:91:74:C2:FB:FF:87:D4:2C:09:13:37:4D:3F:29:9D:E4:70
            X509v3 Authority Key Identifier:
                keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/3aGFkXTC-_-H1CwJEzdNPymd5HA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.41.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:80:58:60:b7:84:27:94:5b:81:f8:4d:b9:59:74:cf:3c:eb:
         cb:a7:e3:fd:ce:f1:bb:22:cb:2b:60:82:ba:89:bc:31:cc:8c:
         5f:60:2b:9a:06:39:ec:49:8a:50:00:85:6d:73:d8:8c:43:ac:
         55:cd:d6:0c:8f:de:43:b0:b0:32:76:43:2a:97:de:cb:68:ee:
         d4:d8:54:cd:1f:72:69:c7:86:c5:b2:83:43:7a:23:9e:ca:b0:
         74:2a:38:24:c7:aa:69:e3:f0:78:02:59:1b:8b:46:dd:dd:c7:
         ea:e6:67:96:ba:1a:db:6a:19:4c:eb:08:40:80:0e:5f:87:c4:
         57:a0:d6:ed:b4:c6:c8:dc:c5:bc:55:df:c8:79:dc:0e:6e:6b:
         e8:da:9f:51:27:37:de:2a:dd:17:5f:0e:8b:da:e9:1f:50:4c:
         9d:d4:ee:30:9f:fd:87:80:a4:76:ce:2c:63:6e:a2:66:54:dd:
         2d:84:43:01:bc:25:5e:80:af:40:05:96:f6:00:6a:1f:f2:fa:
         2f:87:75:13:2e:37:96:44:f8:06:4a:b9:59:ab:6d:d7:4f:e4:
         0f:57:58:b7:0f:33:33:7e:cf:2e:d6:3d:d2:21:ae:3e:81:e4:
         9c:ed:a1:c1:44:85:7b:eb:c6:1d:f8:d5:6d:ba:d0:dc:48:c0:
         e4:b3:ec:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuUgwU81Mnx2tWIi3MFSZ4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjMxMTAzMDkyODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGExODU5MTc0YzJmYmZmODdkNDJjMDkxMzM3NGQzZjI5OWRlNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6ohlfKcz026eyxUMnWo52K6JLj6
suLC4eyV1g3kpFNvEqJUZMNFGDpsZAXuZTFwjfOhqngiQiePmJfHOkHe516XCyoW
9ybRhgxdVLO2GQQTlhPgFwI6UGDC6DwmDnQ72VptKxKVGtFQYG3pkY2Fn2+nGJJ5
U6RwXUeZU1Kv0mcKm1DEz1RqI1Dura9ZwreEp+TwA4HGR0Gidw7S0ctAYxH/dV4Z
DAkUo8Qd99+97pfwbLDDFDDrAk3GbePzaAM+Zk/XL2BF6ciskgCAFKsCK+2sGCs0
nsIZa/SNhYrWDl+k23M/nWPo7MIpwI9z/A8gaiJNZ8PNzKpPyTtSAr9ORwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2hhZF0wvv/h9QsCRM3TT8pneRwMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvM2FHRmtYVEMtXy1IMUN3SkV6ZE5QeW1kNUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyn4MA0G
CSqGSIb3DQEBCwUAA4IBAQAjgFhgt4QnlFuB+E25WXTPPOvLp+P9zvG7IssrYIK6
ibwxzIxfYCuaBjnsSYpQAIVtc9iMQ6xVzdYMj95DsLAydkMql97LaO7U2FTNH3Jp
x4bFsoNDeiOeyrB0Kjgkx6pp4/B4Alkbi0bd3cfq5meWuhrbahlM6whAgA5fh8RX
oNbttMbI3MW8Vd/IedwObmvo2p9RJzfeKt0XXw6L2ukfUEyd1O4wn/2HgKR2zixj
bqJmVN0thEMBvCVegK9ABZb2AGof8vovh3UTLjeWRPgGSrlZq23XT+QPV1i3DzMz
fs8u1j3SIa4+geSc7aHBRIV768Yd+NVtutDcSMDks+w3
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:15 2024 by rpki-client on console-ams.rpki-client.org