Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/cu1iclYWiufuTZjMTBiinzxRt6A.roa
File:                     cu1iclYWiufuTZjMTBiinzxRt6A.roa (raw, json)
Hash identifier:          YePxMHy4GbD6bRQISGUztf4UiA/e6/ZonsgxYwyuyuY=
Subject key identifier:   72:ED:62:72:56:16:8A:E7:EE:4D:98:CC:4C:18:A2:9F:3C:51:B7:A0
Certificate issuer:       /CN=79b6ceac5d42a637f36ba1e3fdae90ad5fee2cff
Certificate serial:       018573B1927574D3A54B9B8C1F9F191A1E7D
Authority key identifier: 79:B6:CE:AC:5D:42:A6:37:F3:6B:A1:E3:FD:AE:90:AD:5F:EE:2C:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ebbOrF1Cpjfza6Hj_a6QrV_uLP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/cu1iclYWiufuTZjMTBiinzxRt6A.roa
Signing time:             Mon 02 Jan 2023 18:14:55 +0000
ROA not before:           Mon 02 Jan 2023 18:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209733
IP address blocks:        31.24.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 12 Aug 2023 20:48:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:b1:92:75:74:d3:a5:4b:9b:8c:1f:9f:19:1a:1e:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79b6ceac5d42a637f36ba1e3fdae90ad5fee2cff
        Validity
            Not Before: Jan  2 18:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=72ed627256168ae7ee4d98cc4c18a29f3c51b7a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:fa:e7:bc:8c:c9:04:43:f8:61:a1:90:ca:7a:
                    77:8c:3f:2a:55:cf:21:4a:d6:04:54:e5:b8:74:cd:
                    81:7c:0a:70:8b:58:97:54:ba:27:68:d8:c0:e4:d0:
                    9c:82:60:2b:fc:08:3e:54:02:ec:24:3a:92:f9:a0:
                    be:1b:c2:a7:52:9f:66:e7:f6:a9:90:81:20:7c:1b:
                    10:2f:12:e5:76:eb:60:4b:dd:d1:ca:7c:18:0c:82:
                    d4:c1:56:50:02:60:76:ec:7b:35:fc:c6:4e:47:e6:
                    c3:1e:2b:ba:c0:cf:a5:17:ea:c4:73:23:f8:2e:cc:
                    ec:21:9a:5d:4a:a1:97:1a:8d:8f:65:fb:2f:19:eb:
                    60:b0:f0:c2:dc:ac:75:dc:a5:9f:e1:b3:ad:94:af:
                    62:6d:b8:c0:61:01:da:1d:7b:5e:70:00:e9:3c:79:
                    be:46:34:1d:a4:3d:c3:1a:cb:33:c4:b3:07:44:5a:
                    06:90:16:40:d8:33:c7:69:9d:c4:8b:07:14:d9:5c:
                    0e:2c:95:22:e6:ed:b8:62:bf:93:7f:cf:39:22:c3:
                    ae:91:a7:a0:12:84:f5:ed:71:14:62:28:0b:6d:97:
                    c4:60:2b:a6:ce:2f:0b:b3:b7:2d:d1:37:20:f9:9c:
                    f4:cd:da:4e:45:c1:9d:2a:4b:b9:e1:c5:de:e8:2f:
                    05:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:ED:62:72:56:16:8A:E7:EE:4D:98:CC:4C:18:A2:9F:3C:51:B7:A0
            X509v3 Authority Key Identifier:
                keyid:79:B6:CE:AC:5D:42:A6:37:F3:6B:A1:E3:FD:AE:90:AD:5F:EE:2C:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebbOrF1Cpjfza6Hj_a6QrV_uLP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/cu1iclYWiufuTZjMTBiinzxRt6A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/ebbOrF1Cpjfza6Hj_a6QrV_uLP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.24.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:0a:f2:fd:e5:5a:a2:cd:da:eb:a9:f1:3a:57:c5:3d:e7:ec:
         31:bd:51:4c:53:28:52:a9:bf:c8:5b:8a:b1:54:1a:bd:93:71:
         4e:34:b5:46:2e:fa:2a:c7:e8:64:c7:0f:ac:ee:a9:41:33:d1:
         4e:7d:fb:95:8a:38:cd:c4:94:d4:30:99:0e:cf:e9:26:58:0d:
         41:4b:10:a6:f5:91:c5:11:51:60:a3:52:77:d0:e6:6e:4a:da:
         4c:c5:16:0a:51:a3:26:22:f1:56:80:6d:d7:3d:34:28:cb:73:
         12:3d:ce:fd:2e:7c:68:4c:b8:6c:2c:11:a0:ef:ee:9a:61:f3:
         fd:01:91:e0:80:db:5d:db:df:ab:af:2c:8c:51:e9:62:ba:77:
         5c:f7:b1:2f:26:76:45:a5:f2:d6:29:aa:36:d4:f2:1e:54:fd:
         f2:6a:92:5c:07:7c:30:89:ce:cd:3f:f0:64:19:a4:dd:f8:30:
         e7:c8:2b:07:f7:dd:94:0c:2f:f9:ae:99:2d:47:8e:48:30:40:
         00:98:4d:e0:ec:00:22:8f:ad:95:36:73:50:2d:ef:40:4a:d9:
         63:93:61:02:f6:a0:ff:d1:3b:a3:7a:27:b3:08:bb:53:2f:ab:
         5a:c8:0a:fb:30:14:65:4f:6c:e9:2e:4d:31:33:2c:7f:19:b5:
         8a:65:c1:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzsZJ1dNOlS5uMH58ZGh59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YjZjZWFjNWQ0MmE2MzdmMzZiYTFlM2ZkYWU5MGFkNWZl
ZTJjZmYwHhcNMjMwMTAyMTgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmVkNjI3MjU2MTY4YWU3ZWU0ZDk4Y2M0YzE4YTI5ZjNjNTFiN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPrnvIzJBEP4YaGQynp3jD8qVc8h
StYEVOW4dM2BfApwi1iXVLonaNjA5NCcgmAr/Ag+VALsJDqS+aC+G8KnUp9m5/ap
kIEgfBsQLxLldutgS93RynwYDILUwVZQAmB27Hs1/MZOR+bDHiu6wM+lF+rEcyP4
LszsIZpdSqGXGo2PZfsvGetgsPDC3Kx13KWf4bOtlK9ibbjAYQHaHXtecADpPHm+
RjQdpD3DGsszxLMHRFoGkBZA2DPHaZ3EiwcU2VwOLJUi5u24Yr+Tf885IsOukaeg
EoT17XEUYigLbZfEYCumzi8Ls7ct0Tcg+Zz0zdpORcGdKku54cXe6C8FuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLtYnJWForn7k2YzEwYop88UbegMB8GA1UdIwQY
MBaAFHm2zqxdQqY382uh4/2ukK1f7iz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJiT3JGMUNwamZ6YTZIal9hNlFyVl91TFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hN2Q0MjEtZThjZC00OTI5LWFlZDAt
NGZlM2Y2MTExMGRlLzEvY3UxaWNsWVdpdWZ1VFpqTVRCaWluenhSdDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hN2Q0MjEtZThjZC00OTI5LWFlZDAtNGZlM2Y2MTExMGRl
LzEvZWJiT3JGMUNwamZ6YTZIal9hNlFyVl91TFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxj8MA0G
CSqGSIb3DQEBCwUAA4IBAQBVCvL95VqizdrrqfE6V8U95+wxvVFMUyhSqb/IW4qx
VBq9k3FONLVGLvoqx+hkxw+s7qlBM9FOffuVijjNxJTUMJkOz+kmWA1BSxCm9ZHF
EVFgo1J30OZuStpMxRYKUaMmIvFWgG3XPTQoy3MSPc79LnxoTLhsLBGg7+6aYfP9
AZHggNtd29+rryyMUeliundc97EvJnZFpfLWKao21PIeVP3yapJcB3wwic7NP/Bk
GaTd+DDnyCsH992UDC/5rpktR45IMEAAmE3g7AAij62VNnNQLe9AStljk2EC9qD/
0TujeiezCLtTL6tayAr7MBRlT2zpLk0xMyx/GbWKZcH9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:15 2024 by rpki-client on console-ams.rpki-client.org