Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/2aPjMyzTlwAMzioOAc8wTgLrCPs.roa
File:                     2aPjMyzTlwAMzioOAc8wTgLrCPs.roa (raw, json)
Hash identifier:          3dem1M61y1bITpvWO62Og/vWhAOdQDFDCKiqLPeQfuU=
Subject key identifier:   D9:A3:E3:33:2C:D3:97:00:0C:CE:2A:0E:01:CF:30:4E:02:EB:08:FB
Certificate issuer:       /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial:       0185DAFE4DC7A164348DA9ABF11A61C2398A
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/2aPjMyzTlwAMzioOAc8wTgLrCPs.roa
Signing time:             Sun 22 Jan 2023 19:39:37 +0000
ROA not before:           Sun 22 Jan 2023 19:39:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60781
IP address blocks:        31.43.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:da:fe:4d:c7:a1:64:34:8d:a9:ab:f1:1a:61:c2:39:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
        Validity
            Not Before: Jan 22 19:39:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9a3e3332cd397000cce2a0e01cf304e02eb08fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:71:82:c6:fe:43:f3:3e:97:7c:97:77:ad:0b:
                    c3:d7:9d:ef:d6:1b:61:e7:2a:b3:ca:17:4c:06:8e:
                    94:ec:98:85:45:5e:94:9a:ce:e9:47:22:63:ed:e7:
                    99:99:cb:dd:18:4f:8d:48:3e:56:99:e8:f5:6d:47:
                    e6:5b:f9:65:e9:a8:df:82:af:63:3e:49:0a:b6:62:
                    eb:bc:83:fb:30:dc:4b:96:19:7a:61:d4:02:f3:48:
                    dd:47:d9:72:77:b4:8f:c3:6a:91:16:0a:e7:9d:13:
                    4f:8b:57:dd:1b:35:ad:73:55:50:0f:c1:eb:8e:f1:
                    1c:22:bd:7f:be:56:98:55:c9:dc:bf:93:47:11:f6:
                    1e:93:f5:55:80:f9:fc:bd:c3:ee:fe:ab:48:ba:8a:
                    18:3c:8c:4e:9c:7f:27:4e:75:c7:77:e7:75:59:bb:
                    fc:8b:37:71:4e:2e:c4:53:d0:14:dd:66:c5:52:d4:
                    6c:00:31:e8:98:06:66:3c:a5:5d:69:64:5f:a2:4c:
                    95:fb:eb:ab:52:93:8d:f7:ae:99:53:ae:9d:7b:38:
                    14:b5:90:d7:ac:2c:6f:61:f3:8b:44:37:32:d5:40:
                    4d:2b:d5:04:0b:5d:2e:a3:5d:a1:ed:a2:c1:ce:b4:
                    c0:fe:84:57:00:a2:f1:01:ca:6a:1c:95:7e:16:f4:
                    ea:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:A3:E3:33:2C:D3:97:00:0C:CE:2A:0E:01:CF:30:4E:02:EB:08:FB
            X509v3 Authority Key Identifier:
                keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/2aPjMyzTlwAMzioOAc8wTgLrCPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.43.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:6b:aa:a4:d6:3d:53:b3:aa:03:7f:a9:f2:2f:2a:ea:a0:96:
         ec:27:1c:a9:38:e7:23:8f:dc:04:13:cd:b8:e4:14:7b:87:e9:
         45:f0:5b:82:2f:3d:fb:0a:1c:00:ef:93:2e:6a:54:65:1a:4c:
         b7:9f:7e:a8:99:59:34:e9:d9:f4:9e:6b:78:a3:4c:5b:6b:60:
         15:14:75:8b:66:af:82:81:5a:ac:7c:23:6d:8f:47:a1:27:1c:
         9c:5c:09:a8:a1:76:2c:71:16:6d:77:2a:35:c5:a4:b5:3f:86:
         f7:47:33:41:18:3d:e2:9d:ed:ca:6a:0c:b8:a3:ca:d8:93:3e:
         40:2e:65:ab:f2:e2:e7:d3:0c:26:b1:bc:13:3b:90:99:5f:66:
         9d:c3:72:8a:92:8c:7a:bd:c4:d2:ff:3d:33:30:28:0d:91:3f:
         76:e5:f0:02:00:5b:0b:39:47:96:53:44:c6:9d:07:f3:cc:8d:
         4e:f0:32:b6:45:0d:c1:d0:35:96:9b:24:b0:5a:a9:18:4b:6f:
         62:8d:59:3e:37:ea:df:60:d1:d0:74:9d:50:03:4a:fc:dd:c0:
         b5:72:fa:0a:2b:22:1a:bf:7f:ff:a8:27:18:7b:98:41:28:d5:
         d0:f9:81:a6:6d:3c:8d:88:54:fe:42:37:ac:a2:69:ec:a1:8c:
         47:fe:46:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXa/k3HoWQ0jamr8RphwjmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjMwMTIyMTkzOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWEzZTMzMzJjZDM5NzAwMGNjZTJhMGUwMWNmMzA0ZTAyZWIwOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnGCxv5D8z6XfJd3rQvD153v1hth
5yqzyhdMBo6U7JiFRV6Ums7pRyJj7eeZmcvdGE+NSD5Wmej1bUfmW/ll6ajfgq9j
PkkKtmLrvIP7MNxLlhl6YdQC80jdR9lyd7SPw2qRFgrnnRNPi1fdGzWtc1VQD8Hr
jvEcIr1/vlaYVcncv5NHEfYek/VVgPn8vcPu/qtIuooYPIxOnH8nTnXHd+d1Wbv8
izdxTi7EU9AU3WbFUtRsADHomAZmPKVdaWRfokyV++urUpON966ZU66dezgUtZDX
rCxvYfOLRDcy1UBNK9UEC10uo12h7aLBzrTA/oRXAKLxAcpqHJV+FvTqgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmj4zMs05cADM4qDgHPME4C6wj7MB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvMmFQak15elRsd0FNemlvT0FjOHdUZ0xyQ1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyunMA0G
CSqGSIb3DQEBCwUAA4IBAQBJa6qk1j1Ts6oDf6nyLyrqoJbsJxypOOcjj9wEE824
5BR7h+lF8FuCLz37ChwA75MualRlGky3n36omVk06dn0nmt4o0xba2AVFHWLZq+C
gVqsfCNtj0ehJxycXAmooXYscRZtdyo1xaS1P4b3RzNBGD3ine3Kagy4o8rYkz5A
LmWr8uLn0wwmsbwTO5CZX2adw3KKkox6vcTS/z0zMCgNkT925fACAFsLOUeWU0TG
nQfzzI1O8DK2RQ3B0DWWmySwWqkYS29ijVk+N+rfYNHQdJ1QA0r83cC1cvoKKyIa
v3//qCcYe5hBKNXQ+YGmbTyNiFT+QjesomnsoYxH/kbV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org