Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/NkqFGZWAUS1W349fWa0XHGtKtTw.roa
File:                     NkqFGZWAUS1W349fWa0XHGtKtTw.roa (raw, json)
Hash identifier:          yBQoOHwYOsAB9moG9cOOSB8NuVStMzyrnx+PXzUIbXU=
Subject key identifier:   36:4A:85:19:95:80:51:2D:56:DF:8F:5F:59:AD:17:1C:6B:4A:B5:3C
Certificate issuer:       /CN=b85eadc2ec70b30fa4225ed7fcd5730f0c7bc616
Certificate serial:       018C2104BF30EC8DED1734D29551C88CD16A
Authority key identifier: B8:5E:AD:C2:EC:70:B3:0F:A4:22:5E:D7:FC:D5:73:0F:0C:7B:C6:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uF6twuxwsw-kIl7X_NVzDwx7xhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/NkqFGZWAUS1W349fWa0XHGtKtTw.roa
Signing time:             Thu 30 Nov 2023 16:16:48 +0000
ROA not before:           Thu 30 Nov 2023 16:16:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203008
IP address blocks:        31.42.58.0/23 maxlen: 23
                          31.128.246.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:21:04:bf:30:ec:8d:ed:17:34:d2:95:51:c8:8c:d1:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b85eadc2ec70b30fa4225ed7fcd5730f0c7bc616
        Validity
            Not Before: Nov 30 16:16:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=364a85199580512d56df8f5f59ad171c6b4ab53c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f4:3f:ac:3c:d2:17:be:8d:8c:9b:45:e9:57:
                    05:e8:b8:7e:e2:91:94:ab:b2:78:e6:c9:d1:7a:80:
                    b7:3b:54:98:53:a7:c8:8d:37:36:f8:d4:98:fc:ed:
                    ac:a6:55:3f:78:a6:f0:d2:76:de:8d:f3:0f:92:27:
                    5f:45:d3:da:3a:55:89:fe:42:86:67:e9:ad:d8:ce:
                    2e:b9:de:d3:5c:03:38:85:76:e7:db:79:7c:2d:1b:
                    70:c0:02:95:b7:9c:ac:15:b0:2c:20:ff:2d:70:ac:
                    9a:1d:32:e6:50:a9:ee:3f:5d:54:7a:5e:80:38:14:
                    82:ca:72:32:48:ae:76:6a:52:7e:36:ba:16:f6:87:
                    4f:8c:3b:16:94:ec:a2:6e:b0:c8:38:a5:96:26:6c:
                    18:a3:a1:b2:33:d7:0f:cf:fe:b2:c8:fd:53:d4:73:
                    f1:ab:37:f4:63:89:52:a7:de:5d:bb:a4:c2:b6:c5:
                    78:ec:36:52:89:53:64:84:54:34:b5:c0:4c:99:b5:
                    4d:e1:d6:f2:41:9f:12:2a:b8:19:1c:fa:80:86:0c:
                    62:4f:90:a3:bc:da:72:d9:f7:77:84:37:b2:66:a5:
                    21:35:0f:83:7e:9d:2a:20:e4:87:43:40:2d:ef:a2:
                    59:1a:d3:e4:73:54:7b:68:b3:22:d0:af:d0:f4:d0:
                    d4:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:4A:85:19:95:80:51:2D:56:DF:8F:5F:59:AD:17:1C:6B:4A:B5:3C
            X509v3 Authority Key Identifier:
                keyid:B8:5E:AD:C2:EC:70:B3:0F:A4:22:5E:D7:FC:D5:73:0F:0C:7B:C6:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uF6twuxwsw-kIl7X_NVzDwx7xhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/NkqFGZWAUS1W349fWa0XHGtKtTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/uF6twuxwsw-kIl7X_NVzDwx7xhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.58.0/23
                  31.128.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         84:15:7a:e8:25:11:89:19:04:7a:64:58:4c:d1:92:49:25:a6:
         60:9a:1e:66:c7:b3:5d:62:d5:32:34:02:11:a3:98:57:8d:79:
         31:33:ba:76:b6:a1:c6:44:be:0d:b5:7c:22:84:c6:88:ae:d5:
         2b:fa:9b:5b:b2:ca:e2:d3:68:56:58:a8:f4:78:3d:d2:fe:29:
         9e:77:36:8c:07:32:de:88:84:d6:d4:be:81:01:f4:c3:da:cb:
         06:b0:8f:22:de:b8:04:f4:2f:15:2e:e3:a6:76:38:2b:8d:40:
         aa:cf:65:7c:1f:27:24:58:d8:0b:81:3b:e4:d3:a9:1c:5a:d7:
         4b:7b:68:c8:2c:24:c8:27:db:fa:32:14:41:b5:56:ea:3a:58:
         a0:26:d8:18:7c:af:f3:7c:52:9f:3b:95:90:d5:43:73:b2:58:
         6b:ea:7d:b8:7c:1c:6d:7c:d4:81:48:32:9c:bd:10:f6:70:d6:
         1a:66:c2:c8:12:a7:da:e8:56:00:14:61:f3:53:22:73:f9:07:
         b2:53:14:b1:6e:a5:8d:9c:f8:2d:93:ee:05:0c:0b:72:a3:5e:
         2b:17:f9:ea:11:ab:70:fd:34:10:98:5f:40:17:da:7c:bf:8b:
         11:3c:be:56:e7:43:1c:92:69:8d:57:53:77:2c:79:7d:a5:70:
         5b:56:ef:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwhBL8w7I3tFzTSlVHIjNFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWVhZGMyZWM3MGIzMGZhNDIyNWVkN2ZjZDU3MzBmMGM3
YmM2MTYwHhcNMjMxMTMwMTYxNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRhODUxOTk1ODA1MTJkNTZkZjhmNWY1OWFkMTcxYzZiNGFiNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PQ/rDzSF76NjJtF6VcF6Lh+4pGU
q7J45snReoC3O1SYU6fIjTc2+NSY/O2splU/eKbw0nbejfMPkidfRdPaOlWJ/kKG
Z+mt2M4uud7TXAM4hXbn23l8LRtwwAKVt5ysFbAsIP8tcKyaHTLmUKnuP11Uel6A
OBSCynIySK52alJ+NroW9odPjDsWlOyibrDIOKWWJmwYo6GyM9cPz/6yyP1T1HPx
qzf0Y4lSp95du6TCtsV47DZSiVNkhFQ0tcBMmbVN4dbyQZ8SKrgZHPqAhgxiT5Cj
vNpy2fd3hDeyZqUhNQ+Dfp0qIOSHQ0At76JZGtPkc1R7aLMi0K/Q9NDUFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDZKhRmVgFEtVt+PX1mtFxxrSrU8MB8GA1UdIwQY
MBaAFLhercLscLMPpCJe1/zVcw8Me8YWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUY2dHd1eHdzdy1rSWw3WF9OVnpEd3g3eGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMDdiMTgtMTlkNy00MWYyLWFmNmIt
YmM3YTIwOGE1ZTJlLzEvTmtxRkdaV0FVUzFXMzQ5ZldhMFhIR3RLdFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMDdiMTgtMTlkNy00MWYyLWFmNmItYmM3YTIwOGE1ZTJl
LzEvdUY2dHd1eHdzdy1rSWw3WF9OVnpEd3g3eGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHyo6AwQB
H4D2MA0GCSqGSIb3DQEBCwUAA4IBAQCEFXroJRGJGQR6ZFhM0ZJJJaZgmh5mx7Nd
YtUyNAIRo5hXjXkxM7p2tqHGRL4NtXwihMaIrtUr+ptbssri02hWWKj0eD3S/ime
dzaMBzLeiITW1L6BAfTD2ssGsI8i3rgE9C8VLuOmdjgrjUCqz2V8HyckWNgLgTvk
06kcWtdLe2jILCTIJ9v6MhRBtVbqOligJtgYfK/zfFKfO5WQ1UNzslhr6n24fBxt
fNSBSDKcvRD2cNYaZsLIEqfa6FYAFGHzUyJz+QeyUxSxbqWNnPgtk+4FDAtyo14r
F/nqEatw/TQQmF9AF9p8v4sRPL5W50MckmmNV1N3LHl9pXBbVu+0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:42 2024 by rpki-client on console-ams.rpki-client.org