Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/bsQScNkj1k_5rUC4G7ezuaXjHDk.roa
File:                     bsQScNkj1k_5rUC4G7ezuaXjHDk.roa (raw, json)
Hash identifier:          K7ZaasE1hSitrmKoiO441Jm3YOarjBpmZrnBORi+7d0=
Subject key identifier:   6E:C4:12:70:D9:23:D6:4F:F9:AD:40:B8:1B:B7:B3:B9:A5:E3:1C:39
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       0188058876834DBB56D8AF253641717CF687
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/bsQScNkj1k_5rUC4G7ezuaXjHDk.roa
Signing time:             Wed 10 May 2023 12:00:09 +0000
ROA not before:           Wed 10 May 2023 12:00:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        193.31.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Jul 2023 13:50:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:05:88:76:83:4d:bb:56:d8:af:25:36:41:71:7c:f6:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: May 10 12:00:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6ec41270d923d64ff9ad40b81bb7b3b9a5e31c39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:4a:fc:41:1b:a7:0a:51:47:68:a1:cc:aa:e3:
                    72:24:bc:f2:45:6a:b7:34:af:12:45:a3:5d:bc:b5:
                    61:c0:37:98:cd:31:16:5d:b9:89:4f:d4:9a:27:34:
                    23:0e:38:be:78:0d:26:05:df:a9:f6:03:c1:9d:65:
                    40:b1:c8:92:1a:34:69:45:c7:7b:1c:a2:03:3d:d8:
                    8e:fd:32:d2:d4:dc:0a:ec:1f:b5:19:a8:8d:7c:85:
                    46:b0:45:9f:6f:80:64:cc:64:ae:62:4b:f9:b0:d4:
                    d3:6f:6f:ad:49:2a:c6:a5:35:dc:1e:53:e5:68:95:
                    fc:d9:75:ba:69:b3:fa:78:b1:4d:88:84:7c:72:f1:
                    18:07:0f:8f:5b:55:80:e5:d5:54:5c:5b:24:f1:87:
                    b9:9e:ce:7b:f9:8a:ba:7b:5d:48:35:fb:f3:cf:a9:
                    92:90:60:9a:5d:b9:fc:ad:b0:c4:d1:5e:23:06:94:
                    c7:53:9e:62:78:31:1c:4f:21:4b:85:90:9d:5d:b0:
                    2b:36:46:9c:3e:56:41:97:a8:5c:14:8a:5f:fb:22:
                    22:d2:e8:ef:9f:20:16:a5:97:38:10:2a:5c:11:b8:
                    cc:a7:65:26:86:cb:1a:1d:84:ac:66:23:82:30:9d:
                    cb:e7:71:32:11:00:99:ac:93:bb:33:98:dc:ee:13:
                    f5:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:C4:12:70:D9:23:D6:4F:F9:AD:40:B8:1B:B7:B3:B9:A5:E3:1C:39
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/bsQScNkj1k_5rUC4G7ezuaXjHDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:ab:a0:31:18:24:90:85:10:e1:f3:1b:7e:d2:bf:fb:7d:5e:
         c5:e4:69:33:aa:2d:fa:ff:ce:bd:29:3d:3d:80:e7:ea:dd:20:
         9b:ad:fd:08:3c:6c:17:2a:66:5c:e4:e3:b8:b4:f6:17:d5:75:
         64:fe:bc:2c:d7:a6:b0:fb:a0:0b:ad:71:3b:28:84:17:3e:a2:
         d9:ad:51:88:80:57:74:59:5a:ed:2d:e8:2f:c1:b4:88:cd:d9:
         54:f7:38:98:54:ea:f8:22:b8:32:be:23:11:88:72:67:4b:1f:
         73:ab:5b:92:4f:74:32:f4:98:91:3e:3f:73:8f:3c:91:88:b9:
         f4:86:97:0e:ea:c2:bd:13:3f:c2:97:46:94:99:c8:b1:fe:cb:
         fb:a5:53:fe:c6:3e:dc:ae:9f:cf:08:8f:42:a5:a1:77:11:d2:
         2e:c6:66:94:77:f4:fa:e5:b1:d1:77:d6:61:29:12:ec:e4:89:
         a0:84:85:43:43:9a:ab:d7:68:ba:08:3e:81:98:17:0e:7b:19:
         51:3d:4f:b6:97:04:e0:3c:06:89:10:f6:44:d4:43:98:a0:90:
         62:bb:2a:6f:50:68:ae:4a:0f:93:4d:b9:63:a4:5b:fc:aa:ea:
         74:a4:3b:ff:b1:a8:7c:bd:08:a4:be:45:d6:6b:3d:d8:10:be:
         77:03:7f:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgFiHaDTbtW2K8lNkFxfPaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjMwNTEwMTIwMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM0MTI3MGQ5MjNkNjRmZjlhZDQwYjgxYmI3YjNiOWE1ZTMxYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0r8QRunClFHaKHMquNyJLzyRWq3
NK8SRaNdvLVhwDeYzTEWXbmJT9SaJzQjDji+eA0mBd+p9gPBnWVAsciSGjRpRcd7
HKIDPdiO/TLS1NwK7B+1GaiNfIVGsEWfb4BkzGSuYkv5sNTTb2+tSSrGpTXcHlPl
aJX82XW6abP6eLFNiIR8cvEYBw+PW1WA5dVUXFsk8Ye5ns57+Yq6e11INfvzz6mS
kGCaXbn8rbDE0V4jBpTHU55ieDEcTyFLhZCdXbArNkacPlZBl6hcFIpf+yIi0ujv
nyAWpZc4ECpcEbjMp2UmhssaHYSsZiOCMJ3L53EyEQCZrJO7M5jc7hP1GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7EEnDZI9ZP+a1AuBu3s7ml4xw5MB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvYnNRU2NOa2oxa181clVDNEc3ZXp1YVhqSERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR88MA0G
CSqGSIb3DQEBCwUAA4IBAQByq6AxGCSQhRDh8xt+0r/7fV7F5Gkzqi36/869KT09
gOfq3SCbrf0IPGwXKmZc5OO4tPYX1XVk/rws16aw+6ALrXE7KIQXPqLZrVGIgFd0
WVrtLegvwbSIzdlU9ziYVOr4IrgyviMRiHJnSx9zq1uST3Qy9JiRPj9zjzyRiLn0
hpcO6sK9Ez/Cl0aUmcix/sv7pVP+xj7crp/PCI9CpaF3EdIuxmaUd/T65bHRd9Zh
KRLs5ImghIVDQ5qr12i6CD6BmBcOexlRPU+2lwTgPAaJEPZE1EOYoJBiuypvUGiu
Sg+TTbljpFv8qup0pDv/sah8vQikvkXWaz3YEL53A3+3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org