Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/neRoHTNbaft37jVto7Xt1MG5xek.roa
File:                     neRoHTNbaft37jVto7Xt1MG5xek.roa (raw, json)
Hash identifier:          kg2EvLnJR87osuwMrlpyuF2aaZOc1h0x9K0QG1CHGmo=
Subject key identifier:   9D:E4:68:1D:33:5B:69:FB:77:EE:35:6D:A3:B5:ED:D4:C1:B9:C5:E9
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       0185729EC717AA7338AF404B593AB4FA6ADA
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/neRoHTNbaft37jVto7Xt1MG5xek.roa
Signing time:             Mon 02 Jan 2023 13:14:46 +0000
ROA not before:           Mon 02 Jan 2023 13:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        193.31.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 12:45:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:c7:17:aa:73:38:af:40:4b:59:3a:b4:fa:6a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Jan  2 13:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9de4681d335b69fb77ee356da3b5edd4c1b9c5e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:15:3f:a7:cf:1e:72:1f:cc:2b:8a:67:87:00:
                    b5:0d:d9:13:8d:5d:ca:54:8d:01:69:62:dc:b7:88:
                    48:e3:e8:e3:cf:9e:f7:09:cb:e7:e4:42:3f:57:d0:
                    89:88:c6:7b:69:d3:72:41:1a:6d:10:37:b8:09:01:
                    16:cb:8f:bc:00:c7:a8:d8:48:fd:7d:51:4f:d8:66:
                    2f:a1:b0:a5:d7:e7:db:b1:91:6b:77:fd:62:e7:98:
                    cd:02:94:43:40:d4:86:47:5d:57:16:1a:3f:c5:24:
                    0b:b7:f8:1e:3a:3f:13:10:42:01:90:63:31:3a:a7:
                    54:f5:23:64:e1:ab:25:d3:76:84:82:58:8e:57:ff:
                    81:c4:5e:e2:2e:83:57:5a:eb:e4:e7:a4:2c:2c:75:
                    13:d6:9f:ea:9e:63:2d:bb:f8:aa:43:90:09:5f:57:
                    e2:50:f0:72:5d:13:44:91:1d:df:1c:2e:ba:3e:c1:
                    d2:1c:65:be:a6:6b:ec:2d:ad:cc:62:97:e6:64:93:
                    4c:78:6b:fc:3e:55:78:8d:04:14:91:26:74:2c:0b:
                    9e:c0:66:09:01:a9:8c:be:1e:93:5b:05:ac:76:e8:
                    84:fc:d5:61:bf:3f:21:0a:6f:a1:67:ea:77:f2:60:
                    a7:d2:a3:0b:b1:36:bd:c5:6f:14:68:13:6c:ae:70:
                    69:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:E4:68:1D:33:5B:69:FB:77:EE:35:6D:A3:B5:ED:D4:C1:B9:C5:E9
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/neRoHTNbaft37jVto7Xt1MG5xek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:17:3e:ba:83:22:ad:29:4e:33:90:15:bd:cd:d1:f4:03:6f:
         d5:27:a2:60:22:ef:42:a6:23:f9:64:55:2f:5a:60:84:fd:67:
         fc:22:82:d3:79:15:ac:7f:ba:bb:84:d4:d4:d1:c1:74:14:6f:
         a4:9c:ac:77:96:6d:8a:f9:b1:e4:8f:33:e2:42:65:1a:e1:ca:
         bf:70:71:ca:ed:ba:16:e8:53:03:01:34:cd:73:ed:a7:d1:62:
         cc:c4:83:2c:57:f9:9d:aa:a1:48:44:f2:9a:89:cd:5f:b9:f6:
         e8:26:15:4c:59:4b:28:82:85:99:7e:a6:86:4f:8f:a7:e1:89:
         f5:08:bc:7c:7f:7b:56:e1:6a:fa:7f:90:17:e8:e2:b0:ad:cc:
         b4:33:7b:20:a8:20:92:e3:fc:6a:c4:72:39:c8:b3:a1:e4:af:
         fd:30:fc:07:30:c2:16:46:c2:e0:b1:38:82:0b:18:bd:0c:ac:
         1d:5a:b9:0d:fc:1b:e5:cc:68:ee:e6:58:5d:9e:e4:3e:51:8f:
         ca:7e:c1:62:f7:55:ef:c3:0e:bd:96:99:be:b3:fb:d5:3c:62:
         b6:fa:25:89:34:50:ad:c7:a8:03:95:7a:00:10:45:ce:9c:1f:
         25:32:39:56:8d:d6:ef:e5:e4:a4:47:eb:bb:ce:ce:c9:df:06:
         7f:f7:94:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynscXqnM4r0BLWTq0+mraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjMwMTAyMTMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGU0NjgxZDMzNWI2OWZiNzdlZTM1NmRhM2I1ZWRkNGMxYjljNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBU/p88ech/MK4pnhwC1DdkTjV3K
VI0BaWLct4hI4+jjz573Ccvn5EI/V9CJiMZ7adNyQRptEDe4CQEWy4+8AMeo2Ej9
fVFP2GYvobCl1+fbsZFrd/1i55jNApRDQNSGR11XFho/xSQLt/geOj8TEEIBkGMx
OqdU9SNk4asl03aEgliOV/+BxF7iLoNXWuvk56QsLHUT1p/qnmMtu/iqQ5AJX1fi
UPByXRNEkR3fHC66PsHSHGW+pmvsLa3MYpfmZJNMeGv8PlV4jQQUkSZ0LAuewGYJ
AamMvh6TWwWsduiE/NVhvz8hCm+hZ+p38mCn0qMLsTa9xW8UaBNsrnBpVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3kaB0zW2n7d+41baO17dTBucXpMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvbmVSb0hUTmJhZnQzN2pWdG83WHQxTUc1eGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR88MA0G
CSqGSIb3DQEBCwUAA4IBAQBCFz66gyKtKU4zkBW9zdH0A2/VJ6JgIu9CpiP5ZFUv
WmCE/Wf8IoLTeRWsf7q7hNTU0cF0FG+knKx3lm2K+bHkjzPiQmUa4cq/cHHK7boW
6FMDATTNc+2n0WLMxIMsV/mdqqFIRPKaic1fufboJhVMWUsogoWZfqaGT4+n4Yn1
CLx8f3tW4Wr6f5AX6OKwrcy0M3sgqCCS4/xqxHI5yLOh5K/9MPwHMMIWRsLgsTiC
Cxi9DKwdWrkN/BvlzGju5lhdnuQ+UY/KfsFi91Xvww69lpm+s/vVPGK2+iWJNFCt
x6gDlXoAEEXOnB8lMjlWjdbv5eSkR+u7zs7J3wZ/95Sb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org