Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/TIyr6mzQn_S02pWhmp4DtZxd3f8.roa
File:                     TIyr6mzQn_S02pWhmp4DtZxd3f8.roa (raw, json)
Hash identifier:          kO5cmC+CqR/3kHzp6ov1CEOXOgiGKs5BsEn9MPLH54M=
Subject key identifier:   4C:8C:AB:EA:6C:D0:9F:F4:B4:DA:95:A1:9A:9E:03:B5:9C:5D:DD:FF
Certificate issuer:       /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial:       01856F5DF41401111F614C9FC297256A179E
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/TIyr6mzQn_S02pWhmp4DtZxd3f8.roa
Signing time:             Sun 01 Jan 2023 22:05:06 +0000
ROA not before:           Sun 01 Jan 2023 22:05:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34929
IP address blocks:        31.7.83.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:31:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:f4:14:01:11:1f:61:4c:9f:c2:97:25:6a:17:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
        Validity
            Not Before: Jan  1 22:05:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c8cabea6cd09ff4b4da95a19a9e03b59c5dddff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:46:91:39:ce:db:bb:39:79:24:b5:ec:69:b4:
                    85:c9:be:b9:82:9a:3b:c6:2d:a6:89:ce:92:c3:c4:
                    c5:11:3d:cf:a4:f0:e7:fc:50:7f:9d:cc:8c:06:d2:
                    d1:08:a6:b9:cc:ec:b0:1b:ea:00:28:5e:2a:58:f5:
                    e1:59:21:42:aa:78:a3:f1:9a:3a:99:79:16:db:f2:
                    fa:81:0a:d6:bf:25:a6:92:b0:cb:a6:a3:39:00:83:
                    13:cf:f4:57:53:36:dd:47:0c:72:86:52:f1:47:06:
                    c5:df:5c:b6:36:d2:41:d3:22:45:37:f1:ef:a2:c7:
                    09:eb:21:8e:ce:1c:77:56:ca:60:40:d9:0e:88:3c:
                    e9:1b:c9:b9:05:b7:da:81:14:c4:f9:11:26:65:8e:
                    2f:36:d0:88:bf:91:99:d8:61:f9:ec:ae:69:66:fe:
                    d0:69:70:1c:98:16:49:9b:f3:58:6b:00:6b:ad:66:
                    f6:fd:38:96:e2:dd:2f:24:74:94:57:ae:a0:68:f0:
                    7b:b2:5a:3e:d5:1a:b5:33:b2:a0:8d:15:e6:9f:c1:
                    5e:10:54:dd:74:89:28:21:cc:48:8a:f2:df:ee:bc:
                    b4:f3:fd:a6:e9:6b:09:4c:e1:e5:b9:c5:18:3c:fe:
                    ed:b0:54:6b:0f:21:85:43:43:72:e5:94:2a:1d:f2:
                    50:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:8C:AB:EA:6C:D0:9F:F4:B4:DA:95:A1:9A:9E:03:B5:9C:5D:DD:FF
            X509v3 Authority Key Identifier:
                keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/TIyr6mzQn_S02pWhmp4DtZxd3f8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.7.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:73:4a:a7:84:5e:c2:d4:31:74:28:c0:4e:fe:f9:9a:fa:8e:
         95:c5:d5:88:b2:52:8a:0c:0e:9a:b7:91:1c:ec:43:19:a4:f8:
         91:3e:a7:d5:12:e9:86:6c:c4:04:9c:9c:78:c9:90:65:7d:50:
         df:4e:f7:19:93:3e:76:ca:fc:4d:a1:8b:57:a3:71:a2:68:0b:
         b6:13:7e:e6:37:03:a8:64:c2:5d:72:53:86:a6:3e:df:fd:71:
         8d:a0:bb:66:7d:0c:32:b2:07:ee:c2:81:9a:3b:c0:05:8d:81:
         de:11:11:a2:f0:0d:f1:16:3e:36:ef:30:9c:41:a8:be:b7:d1:
         a8:e0:bb:16:c5:74:74:a2:78:24:53:25:70:54:5a:9b:f0:e6:
         92:b1:05:b8:63:ca:c1:56:ed:a7:15:de:33:84:e5:dc:4f:83:
         b9:91:ad:52:94:3f:17:49:ba:3a:e8:23:b3:1e:83:6f:59:f7:
         84:6b:fa:78:04:37:d8:56:16:4f:c4:1a:19:5b:be:f2:90:81:
         90:7c:f9:01:06:38:53:84:43:96:33:fb:24:ee:98:ce:65:bc:
         f7:93:d4:a5:af:1a:23:71:b8:23:80:02:0a:4b:67:c9:32:f0:
         b6:53:86:57:0d:a4:e1:73:b9:15:69:b5:8a:eb:83:e7:f8:7b:
         c7:d6:27:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXfQUAREfYUyfwpclaheeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjMwMTAxMjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhjYWJlYTZjZDA5ZmY0YjRkYTk1YTE5YTllMDNiNTljNWRkZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EaROc7buzl5JLXsabSFyb65gpo7
xi2mic6Sw8TFET3PpPDn/FB/ncyMBtLRCKa5zOywG+oAKF4qWPXhWSFCqnij8Zo6
mXkW2/L6gQrWvyWmkrDLpqM5AIMTz/RXUzbdRwxyhlLxRwbF31y2NtJB0yJFN/Hv
oscJ6yGOzhx3VspgQNkOiDzpG8m5BbfagRTE+REmZY4vNtCIv5GZ2GH57K5pZv7Q
aXAcmBZJm/NYawBrrWb2/TiW4t0vJHSUV66gaPB7slo+1Rq1M7KgjRXmn8FeEFTd
dIkoIcxIivLf7ry08/2m6WsJTOHlucUYPP7tsFRrDyGFQ0Ny5ZQqHfJQVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyMq+ps0J/0tNqVoZqeA7WcXd3/MB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvVEl5cjZtelFuX1MwMnBXaG1wNER0WnhkM2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwdTMA0G
CSqGSIb3DQEBCwUAA4IBAQBxc0qnhF7C1DF0KMBO/vma+o6VxdWIslKKDA6at5Ec
7EMZpPiRPqfVEumGbMQEnJx4yZBlfVDfTvcZkz52yvxNoYtXo3GiaAu2E37mNwOo
ZMJdclOGpj7f/XGNoLtmfQwysgfuwoGaO8AFjYHeERGi8A3xFj427zCcQai+t9Go
4LsWxXR0ongkUyVwVFqb8OaSsQW4Y8rBVu2nFd4zhOXcT4O5ka1SlD8XSbo66COz
HoNvWfeEa/p4BDfYVhZPxBoZW77ykIGQfPkBBjhThEOWM/sk7pjOZbz3k9Slrxoj
cbgjgAIKS2fJMvC2U4ZXDaThc7kVabWK64Pn+HvH1idE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org