Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/nycfn2VS7INXPAM6thsx7cDqGRM.roa
File:                     nycfn2VS7INXPAM6thsx7cDqGRM.roa (raw, json)
Hash identifier:          yPtvgQlsXpZwn++mETqZ7HmcvPmlMre7N0mRxZZHvts=
Subject key identifier:   9F:27:1F:9F:65:52:EC:83:57:3C:03:3A:B6:1B:31:ED:C0:EA:19:13
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       0185729EC4EB742FEDB36C7FFF5A2885333C
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/nycfn2VS7INXPAM6thsx7cDqGRM.roa
Signing time:             Mon 02 Jan 2023 13:14:45 +0000
ROA not before:           Mon 02 Jan 2023 13:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        193.31.15.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:c4:eb:74:2f:ed:b3:6c:7f:ff:5a:28:85:33:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Jan  2 13:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f271f9f6552ec83573c033ab61b31edc0ea1913
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:91:4a:67:07:7a:b3:75:69:30:63:6e:62:4d:
                    f8:bc:ff:af:37:a4:19:9f:58:50:51:03:7a:8a:19:
                    a6:bd:9f:71:c3:b6:3d:54:d8:be:42:33:62:17:61:
                    49:b2:b8:e0:0c:8e:40:44:79:6c:68:02:e1:ea:f0:
                    ef:19:fb:bc:e5:b1:eb:15:60:83:12:ee:a9:56:82:
                    0d:ed:ce:16:96:3f:c0:eb:e4:8f:44:39:00:4a:4e:
                    38:19:d9:9c:fd:9e:76:c9:a9:80:83:73:af:fa:0a:
                    56:c4:3b:79:bc:9d:33:37:e5:3f:8c:e2:1a:3c:0b:
                    fc:a0:b1:f8:63:84:bd:b6:95:e1:d8:93:d1:db:1a:
                    a8:1f:a0:8f:4c:b0:92:e2:a4:63:6c:03:d7:ae:50:
                    6a:c7:60:e3:0a:08:59:f8:d3:01:65:e2:9d:2c:dc:
                    ce:1b:06:b6:4b:8e:bc:f2:b2:fa:c6:94:45:b7:66:
                    f6:50:7a:87:84:93:21:ac:5a:fd:f0:f2:7a:80:5e:
                    41:10:e7:67:6a:18:d8:06:42:ee:d3:9e:4c:41:f9:
                    a4:41:8c:d4:89:c2:43:91:cf:31:b7:a6:2c:36:bb:
                    3c:84:9f:f1:0b:76:5a:9b:a8:1f:92:93:5d:da:e8:
                    9c:fc:0a:ae:b8:b5:c2:38:61:26:2e:89:1e:10:2c:
                    07:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:27:1F:9F:65:52:EC:83:57:3C:03:3A:B6:1B:31:ED:C0:EA:19:13
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/nycfn2VS7INXPAM6thsx7cDqGRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:25:e8:21:65:c5:3b:c2:38:ff:a9:ae:e5:d4:d4:20:31:41:
         3f:67:ec:eb:a6:bf:62:86:ab:0e:ee:2c:5e:2e:cc:fa:bc:aa:
         8e:40:b5:22:d7:e0:7d:06:aa:51:4d:5e:8c:d5:88:6a:5e:c4:
         dd:f7:7b:15:26:6e:9d:2f:3b:98:95:c7:18:75:3f:0b:ff:b0:
         a7:16:e1:54:ab:17:d4:51:3d:10:63:3e:d1:6e:c9:28:1b:5b:
         86:6f:49:84:e7:02:d4:ce:9c:e5:47:1a:f4:fc:5d:1a:32:0a:
         6a:84:12:59:7b:1c:df:c7:cc:ea:16:76:c2:c1:0f:30:78:2d:
         94:41:b9:ce:cb:de:a8:ba:c7:80:fa:b4:be:a8:f8:a6:af:45:
         ad:84:54:64:1f:cc:be:d6:98:0d:36:9e:e3:ff:26:43:dd:46:
         ca:e0:a6:89:04:96:47:e0:b3:ad:56:c6:4f:8e:ad:3b:23:59:
         b5:e7:60:6e:96:4d:68:e7:28:9f:ea:e9:37:d8:e2:94:40:be:
         51:ff:e1:66:50:50:a1:80:ca:3d:b6:5d:7e:d5:36:a8:8b:14:
         1c:39:e9:de:b1:fe:1c:de:48:f7:f6:6c:0d:2b:b0:32:ac:77:
         1c:64:bc:99:ab:e2:f1:3b:61:19:82:56:d4:45:63:15:66:98:
         8b:5f:95:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynsTrdC/ts2x//1oohTM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjMwMTAyMTMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjI3MWY5ZjY1NTJlYzgzNTczYzAzM2FiNjFiMzFlZGMwZWExOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJFKZwd6s3VpMGNuYk34vP+vN6QZ
n1hQUQN6ihmmvZ9xw7Y9VNi+QjNiF2FJsrjgDI5ARHlsaALh6vDvGfu85bHrFWCD
Eu6pVoIN7c4Wlj/A6+SPRDkASk44Gdmc/Z52yamAg3Ov+gpWxDt5vJ0zN+U/jOIa
PAv8oLH4Y4S9tpXh2JPR2xqoH6CPTLCS4qRjbAPXrlBqx2DjCghZ+NMBZeKdLNzO
Gwa2S4688rL6xpRFt2b2UHqHhJMhrFr98PJ6gF5BEOdnahjYBkLu055MQfmkQYzU
icJDkc8xt6YsNrs8hJ/xC3Zam6gfkpNd2uic/AquuLXCOGEmLokeECwHPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8nH59lUuyDVzwDOrYbMe3A6hkTMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvbnljZm4yVlM3SU5YUEFNNnRoc3g3Y0RxR1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR8PMA0G
CSqGSIb3DQEBCwUAA4IBAQArJeghZcU7wjj/qa7l1NQgMUE/Z+zrpr9ihqsO7ixe
Lsz6vKqOQLUi1+B9BqpRTV6M1YhqXsTd93sVJm6dLzuYlccYdT8L/7CnFuFUqxfU
UT0QYz7RbskoG1uGb0mE5wLUzpzlRxr0/F0aMgpqhBJZexzfx8zqFnbCwQ8weC2U
QbnOy96ouseA+rS+qPimr0WthFRkH8y+1pgNNp7j/yZD3UbK4KaJBJZH4LOtVsZP
jq07I1m152Bulk1o5yif6uk32OKUQL5R/+FmUFChgMo9tl1+1TaoixQcOenesf4c
3kj39mwNK7AyrHccZLyZq+LxO2EZglbURWMVZpiLX5Xc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:31 2024 by rpki-client on console-fra.rpki-client.org