Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/2jR4qzyZsCWqzcwMLtgUauTbtnA.roa
File:                     2jR4qzyZsCWqzcwMLtgUauTbtnA.roa (raw, json)
Hash identifier:          fGaT68mr56U4Dib6bBKWS/xD6T6MdVAFkrvKZQzkNt8=
Subject key identifier:   DA:34:78:AB:3C:99:B0:25:AA:CD:CC:0C:2E:D8:14:6A:E4:DB:B6:70
Certificate issuer:       /CN=d5f065c8bdb78ff294f7c5454971dbfabfb6c184
Certificate serial:       018800C8A566498123E18F65343CCEE71A94
Authority key identifier: D5:F0:65:C8:BD:B7:8F:F2:94:F7:C5:45:49:71:DB:FA:BF:B6:C1:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fBlyL23j_KU98VFSXHb-r-2wYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/2jR4qzyZsCWqzcwMLtgUauTbtnA.roa
Signing time:             Tue 09 May 2023 13:52:09 +0000
ROA not before:           Tue 09 May 2023 13:52:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        193.178.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:00:c8:a5:66:49:81:23:e1:8f:65:34:3c:ce:e7:1a:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f065c8bdb78ff294f7c5454971dbfabfb6c184
        Validity
            Not Before: May  9 13:52:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da3478ab3c99b025aacdcc0c2ed8146ae4dbb670
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:20:17:dd:da:20:9b:2a:d9:da:99:81:71:58:
                    d8:eb:d1:4c:e0:8a:c4:3e:c5:26:a2:89:fa:32:6d:
                    80:ea:d9:94:58:28:03:83:e5:31:0d:64:da:65:94:
                    ae:92:15:c4:38:55:25:19:97:3c:15:64:eb:c5:e4:
                    8a:9b:5e:25:c6:ac:53:6c:32:48:1f:6a:af:b4:03:
                    85:7e:e5:45:50:be:f1:03:bf:30:a0:6c:de:e4:65:
                    e4:d2:8e:d4:62:66:d4:54:81:15:ba:66:18:b3:87:
                    fa:04:e6:1c:2f:6d:4b:3e:51:a0:dc:d3:45:8e:d0:
                    91:dc:5e:7e:e2:78:68:70:4f:31:65:ed:3a:de:1f:
                    69:53:16:3a:f7:9b:a2:9c:99:dd:f5:6b:78:0b:cd:
                    1f:fa:3d:99:8c:61:a1:e6:ce:bd:7e:b8:60:f0:2b:
                    02:ed:9b:59:38:8e:0c:ac:9c:84:21:ca:52:43:7d:
                    3a:54:ce:00:33:c9:d3:e4:09:b4:37:8b:f6:d7:45:
                    b2:33:79:24:a4:0d:d7:b1:67:b4:c7:8f:03:8b:59:
                    24:06:f5:10:fc:55:09:e2:e0:e2:95:d7:b6:f0:ff:
                    5c:97:ce:29:f7:5c:7b:3b:e3:04:90:47:77:27:2d:
                    fa:e6:24:9d:ed:d8:e7:2e:5b:3b:68:4c:13:45:d2:
                    ff:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:34:78:AB:3C:99:B0:25:AA:CD:CC:0C:2E:D8:14:6A:E4:DB:B6:70
            X509v3 Authority Key Identifier:
                keyid:D5:F0:65:C8:BD:B7:8F:F2:94:F7:C5:45:49:71:DB:FA:BF:B6:C1:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fBlyL23j_KU98VFSXHb-r-2wYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/2jR4qzyZsCWqzcwMLtgUauTbtnA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1fBlyL23j_KU98VFSXHb-r-2wYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:79:14:53:6c:4e:d2:7f:93:0a:94:ed:94:3f:cf:24:36:66:
         05:69:a8:1b:6c:64:7b:df:db:04:61:82:99:d6:39:9f:86:c0:
         2d:ca:a7:ec:9f:ef:e1:4e:86:9c:99:0b:34:88:83:24:95:da:
         2d:7b:5f:31:a4:31:47:22:7f:4f:7d:d4:ce:b7:5b:78:b9:a6:
         3b:5b:8b:e7:08:14:43:cd:b5:6b:4e:b9:85:28:69:ff:e2:de:
         05:4b:af:53:f3:b9:07:f2:f1:d1:87:24:61:27:25:bb:85:a8:
         1d:4d:22:2c:81:44:f8:90:19:18:a1:99:88:2d:e8:28:d9:9e:
         0a:07:6d:90:34:9d:9e:a8:23:8d:81:9c:c6:f1:f1:d9:20:4e:
         39:b7:6e:dd:6b:b5:51:38:cc:5d:db:6e:d5:2f:2f:d3:0e:f8:
         b0:36:6b:4c:eb:2a:c7:74:23:db:df:9b:1d:aa:4b:7f:13:4d:
         ea:b6:be:dc:70:3c:25:f6:12:39:30:c7:af:16:81:24:42:56:
         b5:35:76:41:c7:0a:44:cd:03:78:bf:34:e9:07:8f:16:6f:28:
         81:96:7d:6f:e8:d5:ee:3e:cd:aa:a1:ca:6f:4f:4a:4e:90:fb:
         9e:12:9e:c6:54:3d:e7:19:2b:e6:0d:a3:4c:11:97:ae:b6:e3:
         4f:83:fc:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgAyKVmSYEj4Y9lNDzO5xqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjA2NWM4YmRiNzhmZjI5NGY3YzU0NTQ5NzFkYmZhYmZi
NmMxODQwHhcNMjMwNTA5MTM1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTM0NzhhYjNjOTliMDI1YWFjZGNjMGMyZWQ4MTQ2YWU0ZGJiNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSAX3dogmyrZ2pmBcVjY69FM4IrE
PsUmoon6Mm2A6tmUWCgDg+UxDWTaZZSukhXEOFUlGZc8FWTrxeSKm14lxqxTbDJI
H2qvtAOFfuVFUL7xA78woGze5GXk0o7UYmbUVIEVumYYs4f6BOYcL21LPlGg3NNF
jtCR3F5+4nhocE8xZe063h9pUxY695uinJnd9Wt4C80f+j2ZjGGh5s69frhg8CsC
7ZtZOI4MrJyEIcpSQ306VM4AM8nT5Am0N4v210WyM3kkpA3XsWe0x48Di1kkBvUQ
/FUJ4uDilde28P9cl84p91x7O+MEkEd3Jy365iSd7djnLls7aEwTRdL/UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNo0eKs8mbAlqs3MDC7YFGrk27ZwMB8GA1UdIwQY
MBaAFNXwZci9t4/ylPfFRUlx2/q/tsGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZCbHlMMjNqX0tVOThWRlNYSGItci0yd1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mMjc3ZWEtNzI2YS00MDUyLThlNWIt
MzVhNWRjMmM3OTJjLzEvMmpSNHF6eVpzQ1dxemN3TUx0Z1VhdVRidG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9mMjc3ZWEtNzI2YS00MDUyLThlNWItMzVhNWRjMmM3OTJj
LzEvMWZCbHlMMjNqX0tVOThWRlNYSGItci0yd1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbIfMA0G
CSqGSIb3DQEBCwUAA4IBAQAxeRRTbE7Sf5MKlO2UP88kNmYFaagbbGR739sEYYKZ
1jmfhsAtyqfsn+/hToacmQs0iIMkldote18xpDFHIn9PfdTOt1t4uaY7W4vnCBRD
zbVrTrmFKGn/4t4FS69T87kH8vHRhyRhJyW7hagdTSIsgUT4kBkYoZmILego2Z4K
B22QNJ2eqCONgZzG8fHZIE45t27da7VROMxd227VLy/TDviwNmtM6yrHdCPb35sd
qkt/E03qtr7ccDwl9hI5MMevFoEkQla1NXZBxwpEzQN4vzTpB48WbyiBln1v6NXu
Ps2qocpvT0pOkPueEp7GVD3nGSvmDaNMEZeutuNPg/xY
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:29 2024 by rpki-client on console-fra.rpki-client.org