Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/O31W-5L-NhX2dVfRqlBcLIN7ong.roa
File:                     O31W-5L-NhX2dVfRqlBcLIN7ong.roa (raw, json)
Hash identifier:          nUAb36ru/AmvXCi4PUv8ZD5MgjwfpaLNsdHl+J78VnA=
Subject key identifier:   3B:7D:56:FB:92:FE:36:15:F6:75:57:D1:AA:50:5C:2C:83:7B:A2:78
Certificate issuer:       /CN=09fbb3ed2f029c4bacc6ea2c4c7f4c1cd6e80e79
Certificate serial:       01856F302A4731282A26DD96EBACE472F39D
Authority key identifier: 09:FB:B3:ED:2F:02:9C:4B:AC:C6:EA:2C:4C:7F:4C:1C:D6:E8:0E:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cfuz7S8CnEusxuosTH9MHNboDnk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/O31W-5L-NhX2dVfRqlBcLIN7ong.roa
Signing time:             Sun 01 Jan 2023 21:15:05 +0000
ROA not before:           Sun 01 Jan 2023 21:15:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212062
IP address blocks:        195.244.13.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:30:2a:47:31:28:2a:26:dd:96:eb:ac:e4:72:f3:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09fbb3ed2f029c4bacc6ea2c4c7f4c1cd6e80e79
        Validity
            Not Before: Jan  1 21:15:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b7d56fb92fe3615f67557d1aa505c2c837ba278
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:09:dc:be:95:f2:b8:8c:79:3d:e9:6b:e1:0c:
                    a9:05:53:08:9b:71:4b:b4:02:24:8d:4f:3e:08:b7:
                    35:e9:1b:6b:6b:0a:ca:58:11:f4:de:e4:c0:0a:3d:
                    c0:9e:ab:65:10:99:e1:1e:80:74:7b:1b:b0:75:7f:
                    2c:ad:de:b5:90:e1:d7:9b:ef:bd:0c:6f:87:d8:99:
                    5d:dc:85:64:b0:ce:81:13:2e:74:ba:82:1c:07:c1:
                    21:7c:b9:0a:17:ef:d8:80:8b:5d:3c:4e:db:94:18:
                    d4:54:b2:2a:63:77:6a:70:f0:34:b9:ed:02:92:83:
                    b5:7e:d7:b4:28:ee:f5:73:d3:72:93:1f:ea:4f:8c:
                    83:7d:ef:80:34:c4:42:d4:b5:7a:a1:26:14:33:6b:
                    e4:5e:d3:8d:03:72:9d:b5:8b:e9:21:02:fe:8e:f9:
                    41:bc:43:01:8d:35:c7:72:ad:e7:b0:ac:cb:7e:9a:
                    77:24:07:59:1d:42:93:d8:d4:13:a0:ac:97:4a:f7:
                    99:1d:38:11:4b:f7:45:ff:99:81:33:11:a9:60:c7:
                    fa:ef:76:de:cb:00:f4:d2:fa:71:83:3c:4f:4a:f0:
                    68:06:d8:b7:be:20:d8:f7:ad:3d:7c:a4:80:40:df:
                    b6:25:d3:46:3d:d7:dc:00:0f:43:22:97:ef:49:93:
                    ea:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:7D:56:FB:92:FE:36:15:F6:75:57:D1:AA:50:5C:2C:83:7B:A2:78
            X509v3 Authority Key Identifier:
                keyid:09:FB:B3:ED:2F:02:9C:4B:AC:C6:EA:2C:4C:7F:4C:1C:D6:E8:0E:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfuz7S8CnEusxuosTH9MHNboDnk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/O31W-5L-NhX2dVfRqlBcLIN7ong.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.244.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:ba:2a:46:ef:29:9a:80:20:f9:8f:2d:89:21:da:63:84:00:
         f5:3c:f3:98:80:e7:f6:fd:1a:78:97:2b:1a:9a:a8:74:3f:cb:
         d5:5c:93:40:c7:6f:54:38:88:43:14:4b:6b:26:ea:bd:c2:c6:
         9a:e3:54:ca:f9:f5:16:74:bb:4d:fc:62:15:a0:26:1e:d1:8a:
         f8:d4:cd:c2:b5:7f:77:a9:48:e2:93:c1:f6:e9:00:2d:90:25:
         23:2f:21:1d:c4:b9:29:10:21:3f:8e:4f:cb:c6:bb:ba:17:44:
         3a:59:52:6e:db:b4:95:9e:7d:af:1f:39:d2:cd:f8:be:c0:e3:
         18:18:52:f5:de:bd:73:d1:9d:35:e9:9a:e7:eb:7c:e3:c2:1f:
         fd:91:20:a6:6f:0b:f0:83:d9:d3:31:64:4d:7f:23:72:cc:52:
         ca:fc:b1:ae:bc:01:8e:0f:c9:69:05:2f:87:82:01:3a:37:46:
         85:b7:46:11:c3:0e:1a:63:7e:ba:b7:92:55:9e:32:33:62:86:
         ec:18:fb:e0:46:4e:ac:12:d2:3d:73:d4:e4:be:41:b6:8e:09:
         8b:10:3a:c7:5c:4f:10:9f:b9:3c:73:b4:93:32:76:13:33:1d:
         7a:20:06:f4:16:14:d7:f2:ff:67:ff:02:6d:19:f7:c1:11:8e:
         0a:70:63:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMCpHMSgqJt2W66zkcvOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmJiM2VkMmYwMjljNGJhY2M2ZWEyYzRjN2Y0YzFjZDZl
ODBlNzkwHhcNMjMwMTAxMjExNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdkNTZmYjkyZmUzNjE1ZjY3NTU3ZDFhYTUwNWMyYzgzN2JhMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAncvpXyuIx5Pelr4QypBVMIm3FL
tAIkjU8+CLc16RtrawrKWBH03uTACj3AnqtlEJnhHoB0exuwdX8srd61kOHXm++9
DG+H2Jld3IVksM6BEy50uoIcB8EhfLkKF+/YgItdPE7blBjUVLIqY3dqcPA0ue0C
koO1fte0KO71c9Nykx/qT4yDfe+ANMRC1LV6oSYUM2vkXtONA3KdtYvpIQL+jvlB
vEMBjTXHcq3nsKzLfpp3JAdZHUKT2NQToKyXSveZHTgRS/dF/5mBMxGpYMf673be
ywD00vpxgzxPSvBoBti3viDY9609fKSAQN+2JdNGPdfcAA9DIpfvSZPqKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDt9VvuS/jYV9nVX0apQXCyDe6J4MB8GA1UdIwQY
MBaAFAn7s+0vApxLrMbqLEx/TBzW6A55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2Z1ejdTOENuRXVzeHVvc1RIOU1ITmJvRG5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ZDViY2YtMmRiOS00YWZhLWIwMDAt
ODIyOTUzZjhjZjc3LzEvTzMxVy01TC1OaFgyZFZmUnFsQmNMSU43b25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ZDViY2YtMmRiOS00YWZhLWIwMDAtODIyOTUzZjhjZjc3
LzEvQ2Z1ejdTOENuRXVzeHVvc1RIOU1ITmJvRG5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/QNMA0G
CSqGSIb3DQEBCwUAA4IBAQAJuipG7ymagCD5jy2JIdpjhAD1PPOYgOf2/Rp4lysa
mqh0P8vVXJNAx29UOIhDFEtrJuq9wsaa41TK+fUWdLtN/GIVoCYe0Yr41M3CtX93
qUjik8H26QAtkCUjLyEdxLkpECE/jk/Lxru6F0Q6WVJu27SVnn2vHznSzfi+wOMY
GFL13r1z0Z016Zrn63zjwh/9kSCmbwvwg9nTMWRNfyNyzFLK/LGuvAGOD8lpBS+H
ggE6N0aFt0YRww4aY366t5JVnjIzYobsGPvgRk6sEtI9c9TkvkG2jgmLEDrHXE8Q
n7k8c7STMnYTMx16IAb0FhTX8v9n/wJtGffBEY4KcGN4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:30 2024 by rpki-client on console-fra.rpki-client.org