Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/KI777FVeQX82MAZdtrCP_jQd3-k.roa
File:                     KI777FVeQX82MAZdtrCP_jQd3-k.roa (raw, json)
Hash identifier:          LVwRop5F6diDxKnna3eBG+0WRi1TjJUbQI35eRwX7CU=
Subject key identifier:   28:8E:FB:EC:55:5E:41:7F:36:30:06:5D:B6:B0:8F:FE:34:1D:DF:E9
Certificate issuer:       /CN=684ac8a021270682765d23ef0338f35c786ddb35
Certificate serial:       01856DDD48459D593919E29CEE41C2712389
Authority key identifier: 68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/KI777FVeQX82MAZdtrCP_jQd3-k.roa
Signing time:             Sun 01 Jan 2023 15:04:56 +0000
ROA not before:           Sun 01 Jan 2023 15:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58207
IP address blocks:        31.129.124.0/24 maxlen: 24
                          195.16.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:dd:48:45:9d:59:39:19:e2:9c:ee:41:c2:71:23:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684ac8a021270682765d23ef0338f35c786ddb35
        Validity
            Not Before: Jan  1 15:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=288efbec555e417f3630065db6b08ffe341ddfe9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:30:b0:ae:8e:7b:2c:e5:88:f8:d1:2e:8c:9a:
                    f2:2c:4f:96:71:63:c2:9f:f8:19:30:25:c3:95:88:
                    95:27:c7:ec:e5:29:22:d8:6a:1e:4b:dd:22:60:fd:
                    05:90:0f:5d:73:9a:b8:bf:4f:ce:08:36:8d:bf:48:
                    b7:ef:65:a1:e2:08:25:9f:fc:2a:1c:2a:fa:59:91:
                    0b:b4:64:69:01:60:a2:b6:87:49:1a:f6:ae:f8:a0:
                    41:3d:6d:93:dc:30:b4:b3:c7:5c:73:9f:0e:d4:b9:
                    49:4c:06:d7:01:e1:d6:01:82:4d:05:93:58:26:14:
                    d7:35:fb:6e:80:71:b9:d0:99:e6:9a:b4:79:48:22:
                    9b:48:08:03:a6:53:f2:48:80:dd:ed:2f:25:95:91:
                    00:e2:0c:4e:49:10:2e:20:88:ab:fc:ce:e7:6a:4d:
                    f6:98:bc:04:4f:09:ce:5e:ce:36:69:28:c1:d3:18:
                    4a:09:69:c9:67:e4:a1:9f:8f:ce:a4:ca:2c:b2:4b:
                    89:b8:7d:85:c1:74:2c:40:15:3a:d7:19:69:5e:5e:
                    3d:0c:15:2c:d2:49:fd:ea:86:30:f9:9c:89:45:ae:
                    51:4e:83:54:fa:4f:6b:3f:24:86:c5:2c:82:f0:7f:
                    88:0f:4e:86:11:1a:38:64:24:f5:75:38:a5:b0:f7:
                    a0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:8E:FB:EC:55:5E:41:7F:36:30:06:5D:B6:B0:8F:FE:34:1D:DF:E9
            X509v3 Authority Key Identifier:
                keyid:68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/KI777FVeQX82MAZdtrCP_jQd3-k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.129.124.0/24
                  195.16.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:22:80:a4:17:a3:41:5b:c8:1c:34:ed:04:96:ef:cf:92:4c:
         6c:86:1e:67:4f:a2:3a:7c:a2:2c:7e:cd:73:70:5c:93:7a:0e:
         e4:5a:fa:5f:18:1f:dd:99:ea:48:14:da:00:eb:5c:5d:9a:f9:
         b4:24:0e:ae:a9:26:5f:87:1f:ac:31:79:65:ab:a7:d3:cc:ba:
         23:ff:7a:c3:46:11:7a:cc:5a:90:3c:b2:06:a1:91:5c:6c:6d:
         73:ff:76:af:4f:b4:f8:cd:53:1b:3a:30:c9:08:03:ed:c7:3c:
         b6:71:6a:8d:61:54:e6:91:2f:96:cb:c7:dd:e4:c8:bb:83:02:
         78:f3:34:33:30:06:9a:43:ec:ff:69:16:90:bb:69:52:30:44:
         2e:96:4a:f9:36:02:7c:ba:93:02:64:57:b4:e7:c6:92:e7:50:
         35:02:d9:d2:75:d0:64:c5:f5:d5:cb:b1:a2:29:11:3a:5c:b9:
         86:16:34:0e:a4:81:4d:3e:7a:f2:cc:0a:aa:02:d1:85:5f:9c:
         d7:7e:90:0e:22:18:fb:b1:d0:43:f0:c4:5f:fe:d1:9d:98:d2:
         2a:ef:02:c6:70:77:ca:68:a8:e1:85:4b:32:8a:4d:6e:8f:fb:
         5c:a4:82:4e:37:c1:f9:9e:ee:9a:0f:11:21:09:9c:e9:89:cd:
         21:88:d9:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt3UhFnVk5GeKc7kHCcSOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NGFjOGEwMjEyNzA2ODI3NjVkMjNlZjAzMzhmMzVjNzg2
ZGRiMzUwHhcNMjMwMTAxMTUwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhlZmJlYzU1NWU0MTdmMzYzMDA2NWRiNmIwOGZmZTM0MWRkZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzCwro57LOWI+NEujJryLE+WcWPC
n/gZMCXDlYiVJ8fs5Ski2GoeS90iYP0FkA9dc5q4v0/OCDaNv0i372Wh4ggln/wq
HCr6WZELtGRpAWCitodJGvau+KBBPW2T3DC0s8dcc58O1LlJTAbXAeHWAYJNBZNY
JhTXNftugHG50JnmmrR5SCKbSAgDplPySIDd7S8llZEA4gxOSRAuIIir/M7nak32
mLwETwnOXs42aSjB0xhKCWnJZ+Shn4/OpMosskuJuH2FwXQsQBU61xlpXl49DBUs
0kn96oYw+ZyJRa5RToNU+k9rPySGxSyC8H+ID06GERo4ZCT1dTilsPegPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCiO++xVXkF/NjAGXbawj/40Hd/pMB8GA1UdIwQY
MBaAFGhKyKAhJwaCdl0j7wM481x4bds1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTct
MGMwMTFjOWM5MjdkLzEvS0k3NzdGVmVRWDgyTUFaZHRyQ1BfalFkMy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTctMGMwMTFjOWM5Mjdk
LzEvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH4F8AwQA
wxBdMA0GCSqGSIb3DQEBCwUAA4IBAQBPIoCkF6NBW8gcNO0Elu/Pkkxshh5nT6I6
fKIsfs1zcFyTeg7kWvpfGB/dmepIFNoA61xdmvm0JA6uqSZfhx+sMXllq6fTzLoj
/3rDRhF6zFqQPLIGoZFcbG1z/3avT7T4zVMbOjDJCAPtxzy2cWqNYVTmkS+Wy8fd
5Mi7gwJ48zQzMAaaQ+z/aRaQu2lSMEQulkr5NgJ8upMCZFe058aS51A1AtnSddBk
xfXVy7GiKRE6XLmGFjQOpIFNPnryzAqqAtGFX5zXfpAOIhj7sdBD8MRf/tGdmNIq
7wLGcHfKaKjhhUsyik1uj/tcpIJON8H5nu6aDxEhCZzpic0hiNlD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:13 2024 by rpki-client on console-ams.rpki-client.org