Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/njLgIefQStLOLqDvSUukqlDKCcg.roa
File:                     njLgIefQStLOLqDvSUukqlDKCcg.roa (raw, json)
Hash identifier:          9+8k1aB9V6PzeFT+Tt++gqWYUusbPaZmSvJk17QXKHo=
Subject key identifier:   9E:32:E0:21:E7:D0:4A:D2:CE:2E:A0:EF:49:4B:A4:AA:50:CA:09:C8
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       0187FA67471F0AE3625E60B8D4D09CF1118D
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/njLgIefQStLOLqDvSUukqlDKCcg.roa
Signing time:             Mon 08 May 2023 08:08:05 +0000
ROA not before:           Mon 08 May 2023 08:08:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        193.31.60.0/24 maxlen: 24
                          193.31.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 May 2023 12:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fa:67:47:1f:0a:e3:62:5e:60:b8:d4:d0:9c:f1:11:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: May  8 08:08:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9e32e021e7d04ad2ce2ea0ef494ba4aa50ca09c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:73:7a:4b:d1:86:96:93:69:34:e9:3f:5d:d3:
                    54:23:b8:24:f2:f6:61:bc:c5:02:9c:c9:15:81:55:
                    75:50:1d:d4:c8:28:88:b4:d7:38:44:7a:a8:02:6f:
                    42:e9:4c:df:dc:49:c2:a1:37:4d:f9:15:37:10:3c:
                    85:c4:79:d9:ca:00:e7:4a:ae:ed:3e:18:ca:77:f1:
                    26:91:9b:2e:8b:66:03:67:fb:a1:06:30:8b:01:d0:
                    5f:33:b2:5f:03:54:f0:92:29:28:1c:07:c0:05:ee:
                    93:ac:49:c6:f7:a5:5a:39:69:99:4f:dc:39:b7:43:
                    57:bf:18:f0:08:9a:e2:6b:2a:c1:9c:ca:ed:4a:ca:
                    e2:61:a4:b3:45:0e:c9:1e:e4:38:6f:3c:93:ae:e6:
                    03:3c:de:38:e8:2f:92:30:aa:7a:93:cc:99:4b:2c:
                    3a:9c:7c:4f:6f:5c:77:0b:7d:49:5a:95:50:54:8b:
                    5f:6a:d8:fe:ca:0c:b0:23:36:b7:39:da:98:8b:f0:
                    44:c2:5c:ee:09:eb:b1:06:d1:37:b8:74:fd:4f:f5:
                    9e:f4:40:ae:d0:97:24:a0:47:13:b1:b6:f8:51:3d:
                    cb:9a:44:81:06:fe:0f:9e:47:4e:3a:6c:13:12:52:
                    7f:be:be:56:05:d8:e2:d9:dd:e6:32:be:88:c6:1c:
                    b5:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:32:E0:21:E7:D0:4A:D2:CE:2E:A0:EF:49:4B:A4:AA:50:CA:09:C8
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/njLgIefQStLOLqDvSUukqlDKCcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.60.0/24
                  193.31.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:13:09:8f:0a:b3:b9:19:7d:f6:80:dc:8a:af:87:68:99:dc:
         fa:10:ba:70:68:e5:a8:28:f7:ed:86:b9:2c:23:90:6d:09:1e:
         44:3d:1a:20:6b:16:25:c2:dd:39:18:81:09:ef:23:fe:1a:06:
         e1:48:45:d5:a0:20:e2:07:fb:b2:54:25:a0:8d:77:4b:7f:19:
         4b:af:ed:03:e6:66:0f:3a:d6:5f:4e:36:19:16:3b:a3:12:d1:
         85:d9:4c:9c:f6:98:16:a8:11:e4:a4:ca:83:45:6c:ac:b6:ec:
         4f:c4:af:c9:22:5b:f5:f8:3a:f0:94:42:4c:8b:b4:4d:35:0c:
         dc:d0:ad:32:a7:94:cb:bd:11:90:63:cf:d4:2d:76:47:c4:d9:
         15:0f:79:e6:4b:e6:61:ee:9c:3a:42:92:c2:99:97:c5:63:bc:
         55:cc:cb:fc:52:7d:45:c6:07:6b:6a:b7:2f:04:36:86:2d:cd:
         32:27:42:e5:fc:fa:df:48:b3:59:c4:1c:c3:dc:f7:9e:d4:96:
         10:40:18:a3:cf:00:6c:6c:fe:c8:9e:ea:15:24:40:7f:7c:78:
         93:c5:c2:a9:37:9c:89:23:a5:bf:31:b0:d4:89:f6:94:91:5a:
         8f:75:81:07:82:70:f1:c8:de:69:9d:e3:64:dc:c6:bc:18:e9:
         51:e7:58:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYf6Z0cfCuNiXmC41NCc8RGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjMwNTA4MDgwODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTMyZTAyMWU3ZDA0YWQyY2UyZWEwZWY0OTRiYTRhYTUwY2EwOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHN6S9GGlpNpNOk/XdNUI7gk8vZh
vMUCnMkVgVV1UB3UyCiItNc4RHqoAm9C6Uzf3EnCoTdN+RU3EDyFxHnZygDnSq7t
PhjKd/EmkZsui2YDZ/uhBjCLAdBfM7JfA1TwkikoHAfABe6TrEnG96VaOWmZT9w5
t0NXvxjwCJriayrBnMrtSsriYaSzRQ7JHuQ4bzyTruYDPN446C+SMKp6k8yZSyw6
nHxPb1x3C31JWpVQVItfatj+ygywIza3OdqYi/BEwlzuCeuxBtE3uHT9T/We9ECu
0JckoEcTsbb4UT3LmkSBBv4PnkdOOmwTElJ/vr5WBdji2d3mMr6Ixhy1NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ4y4CHn0ErSzi6g70lLpKpQygnIMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvbmpMZ0llZlFTdExPTHFEdlNVdWtxbERLQ2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwR88AwQA
wR8+MA0GCSqGSIb3DQEBCwUAA4IBAQBQEwmPCrO5GX32gNyKr4domdz6ELpwaOWo
KPfthrksI5BtCR5EPRogaxYlwt05GIEJ7yP+GgbhSEXVoCDiB/uyVCWgjXdLfxlL
r+0D5mYPOtZfTjYZFjujEtGF2Uyc9pgWqBHkpMqDRWystuxPxK/JIlv1+DrwlEJM
i7RNNQzc0K0yp5TLvRGQY8/ULXZHxNkVD3nmS+Zh7pw6QpLCmZfFY7xVzMv8Un1F
xgdrarcvBDaGLc0yJ0Ll/PrfSLNZxBzD3Pee1JYQQBijzwBsbP7InuoVJEB/fHiT
xcKpN5yJI6W/MbDUifaUkVqPdYEHgnDxyN5pneNk3Ma8GOlR51jr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:31 2024 by rpki-client on console-fra.rpki-client.org