Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/NBfjzj6mHyaNbcGNF5Fy3Z4_HDc.roa
File:                     NBfjzj6mHyaNbcGNF5Fy3Z4_HDc.roa (raw, json)
Hash identifier:          7b+3hH5lgtBkUkK1SHLnwIcYTdti5ZGOB/F/guTcO7A=
Subject key identifier:   34:17:E3:CE:3E:A6:1F:26:8D:6D:C1:8D:17:91:72:DD:9E:3F:1C:37
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       018963F167156A174EC7C63DDDDCC9B9A0DD
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/NBfjzj6mHyaNbcGNF5Fy3Z4_HDc.roa
Signing time:             Mon 17 Jul 2023 13:01:52 +0000
ROA not before:           Mon 17 Jul 2023 13:01:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        193.31.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:63:f1:67:15:6a:17:4e:c7:c6:3d:dd:dc:c9:b9:a0:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Jul 17 13:01:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3417e3ce3ea61f268d6dc18d179172dd9e3f1c37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3e:87:0d:79:ec:77:8e:59:ff:02:6f:db:78:
                    45:05:47:30:3c:ec:b5:37:2e:d3:5c:a2:20:f7:9e:
                    12:8d:97:37:68:3c:da:b6:1a:28:6f:d2:ac:ca:f6:
                    7b:d9:dc:06:3d:f0:5d:23:00:77:d2:31:9f:fc:ad:
                    0e:d5:6e:fc:de:90:b6:cc:ef:12:e4:12:50:b4:57:
                    27:91:88:fe:58:95:7c:64:d7:0f:84:8c:dd:e1:02:
                    13:49:4d:11:b9:b4:8b:89:bd:7b:95:e4:1d:ab:58:
                    79:e4:c5:85:32:14:44:22:64:79:80:ac:5f:8e:a8:
                    23:d6:40:12:b8:9c:fc:51:db:e5:fe:14:a0:ed:c8:
                    20:9d:f5:59:32:83:c5:54:5a:d2:2b:46:66:59:3a:
                    de:84:77:7f:38:f6:85:84:34:a8:ff:50:37:07:d2:
                    f6:9c:0c:7b:4a:d4:36:3c:6b:a7:ec:b9:4d:e7:8c:
                    7f:47:1f:46:c9:50:a2:7d:a8:7c:07:03:4e:22:7f:
                    70:65:a8:90:07:93:fd:92:69:b5:f4:aa:2b:6f:d9:
                    a8:f8:a0:77:30:32:82:db:2c:c7:89:61:6c:c1:b9:
                    00:a8:a3:8f:73:32:46:94:31:43:a0:81:c6:d7:70:
                    50:2c:37:0c:e4:0b:6a:31:79:3a:20:8f:70:f0:47:
                    18:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:17:E3:CE:3E:A6:1F:26:8D:6D:C1:8D:17:91:72:DD:9E:3F:1C:37
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/NBfjzj6mHyaNbcGNF5Fy3Z4_HDc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:3e:3f:5f:72:d0:c9:6a:62:9b:b4:47:1e:f2:07:ae:24:23:
         68:69:7a:f1:aa:f9:20:c3:a4:39:d8:78:1b:7b:6a:49:16:3d:
         c4:71:85:3f:4d:b1:61:90:4b:d1:de:7c:76:95:63:7d:73:75:
         c6:bc:e0:3f:cd:a6:06:72:10:4e:bd:90:8c:e6:17:78:3e:06:
         0b:5c:c3:3a:92:77:51:88:40:cc:c5:2a:9b:aa:94:91:0c:3b:
         ff:7c:56:aa:0d:e7:4a:06:b7:9a:17:18:73:f9:67:b8:e2:9d:
         70:d2:a4:dd:15:67:10:b2:17:97:9f:95:5f:06:b5:0d:e6:f7:
         31:d4:81:09:33:2d:b6:7e:74:ae:d4:d4:0d:8e:60:50:bc:1c:
         e9:cd:4d:4b:90:af:cd:04:73:e5:64:b5:7f:a1:ba:b4:2b:85:
         82:e9:e8:8c:51:aa:eb:1a:dd:c7:ae:0c:c1:09:5e:07:9d:be:
         f4:aa:68:d7:d2:6a:6c:c6:01:d1:11:03:92:8e:a5:3a:39:85:
         93:95:c5:39:08:4c:8e:18:a0:4b:a2:32:ea:84:fe:7d:4e:31:
         f5:dd:ac:f4:bc:ee:55:ba:d0:81:35:99:d0:ad:6c:b5:84:e6:
         db:57:82:b0:28:be:40:9f:b4:83:ff:8f:63:5c:6e:16:37:fd:
         4e:3b:84:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlj8WcVahdOx8Y93dzJuaDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjMwNzE3MTMwMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE3ZTNjZTNlYTYxZjI2OGQ2ZGMxOGQxNzkxNzJkZDllM2YxYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT6HDXnsd45Z/wJv23hFBUcwPOy1
Ny7TXKIg954SjZc3aDzathoob9KsyvZ72dwGPfBdIwB30jGf/K0O1W783pC2zO8S
5BJQtFcnkYj+WJV8ZNcPhIzd4QITSU0RubSLib17leQdq1h55MWFMhREImR5gKxf
jqgj1kASuJz8Udvl/hSg7cggnfVZMoPFVFrSK0ZmWTrehHd/OPaFhDSo/1A3B9L2
nAx7StQ2PGun7LlN54x/Rx9GyVCifah8BwNOIn9wZaiQB5P9kmm19Korb9mo+KB3
MDKC2yzHiWFswbkAqKOPczJGlDFDoIHG13BQLDcM5AtqMXk6II9w8EcY+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQX484+ph8mjW3BjReRct2ePxw3MB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvTkJmanpqNm1IeWFOYmNHTkY1RnkzWjRfSERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR88MA0G
CSqGSIb3DQEBCwUAA4IBAQAjPj9fctDJamKbtEce8geuJCNoaXrxqvkgw6Q52Hgb
e2pJFj3EcYU/TbFhkEvR3nx2lWN9c3XGvOA/zaYGchBOvZCM5hd4PgYLXMM6kndR
iEDMxSqbqpSRDDv/fFaqDedKBreaFxhz+We44p1w0qTdFWcQsheXn5VfBrUN5vcx
1IEJMy22fnSu1NQNjmBQvBzpzU1LkK/NBHPlZLV/obq0K4WC6eiMUarrGt3HrgzB
CV4Hnb70qmjX0mpsxgHREQOSjqU6OYWTlcU5CEyOGKBLojLqhP59TjH13az0vO5V
utCBNZnQrWy1hObbV4KwKL5An7SD/49jXG4WN/1OO4TM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:31 2024 by rpki-client on console-fra.rpki-client.org