Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/ESWxV6ulibY48494i7mFS2fGAAk.roa
File:                     ESWxV6ulibY48494i7mFS2fGAAk.roa (raw, json)
Hash identifier:          T000u2pZVrxEyj0jvIze3aDfj9kwc9rg8eZWBKS6Q1s=
Subject key identifier:   11:25:B1:57:AB:A5:89:B6:38:F3:8F:78:8B:B9:85:4B:67:C6:00:09
Certificate issuer:       /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial:       018AC06016C3240A96F9F369E3723D596E3A
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/ESWxV6ulibY48494i7mFS2fGAAk.roa
Signing time:             Sat 23 Sep 2023 04:50:37 +0000
ROA not before:           Sat 23 Sep 2023 04:50:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400810
IP address blocks:        31.43.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:c0:60:16:c3:24:0a:96:f9:f3:69:e3:72:3d:59:6e:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
        Validity
            Not Before: Sep 23 04:50:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1125b157aba589b638f38f788bb9854b67c60009
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:a0:42:6b:fd:58:f1:0d:2d:6f:8b:1e:81:04:
                    1d:23:80:81:29:7f:23:4b:b0:66:e1:94:9c:4e:13:
                    93:3d:c4:bb:d5:97:c7:f0:02:0f:e5:85:f2:b0:3e:
                    94:df:3e:b1:a2:91:4d:51:26:06:4e:b1:a6:64:4a:
                    9d:80:f6:71:9e:a1:b7:5d:ca:ee:a4:75:73:d7:ac:
                    20:5c:a4:8f:de:be:9d:af:b7:4e:93:60:91:96:4c:
                    ac:b9:74:93:22:c1:21:65:55:50:da:aa:84:d0:7e:
                    e8:5a:d1:db:9b:96:44:89:6a:14:7c:ba:51:d3:7f:
                    9b:d7:62:2c:02:77:96:5e:b7:2a:a0:eb:04:4e:64:
                    4a:55:16:9e:b8:47:d0:4d:1b:f8:2c:70:3e:7e:d3:
                    7c:11:22:88:df:51:ad:ea:f7:85:de:a5:13:f4:91:
                    e3:e9:0c:a7:ef:31:47:90:cb:14:e8:bc:18:f1:82:
                    52:84:d4:dc:d7:62:db:47:a1:62:cd:06:bb:4b:e4:
                    0a:64:9e:79:55:a8:76:7c:b6:98:75:1a:be:1a:ce:
                    22:ac:06:2f:ad:55:3f:e1:29:02:6d:2c:f6:68:82:
                    da:df:fb:5f:9d:e7:03:76:05:13:37:54:c0:86:b1:
                    4c:50:be:58:25:8b:ca:da:15:60:2d:7e:f3:22:27:
                    03:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:25:B1:57:AB:A5:89:B6:38:F3:8F:78:8B:B9:85:4B:67:C6:00:09
            X509v3 Authority Key Identifier:
                keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/ESWxV6ulibY48494i7mFS2fGAAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.43.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:64:12:08:3b:34:a4:e7:ce:d4:e8:3c:6a:8b:64:09:4a:77:
         e1:34:2f:44:0b:65:66:65:61:b4:b3:ff:a1:e8:34:26:a9:b6:
         9c:7d:43:02:8c:8b:03:3e:0a:c1:b7:68:9f:70:08:da:f3:94:
         be:00:97:0d:d1:d6:03:3a:cb:83:ad:f3:d4:fe:2c:bc:e3:30:
         4e:fb:50:a7:70:98:a4:fb:e2:00:fe:e4:04:21:2a:bd:25:11:
         01:49:56:ff:04:1c:df:b3:93:27:30:80:d2:d5:df:b4:20:f5:
         90:2e:e2:cd:62:51:21:8b:95:3e:28:42:78:0f:c8:ee:0b:69:
         61:40:d3:2c:cb:71:ae:a5:4b:72:e1:e2:73:09:10:e1:06:5f:
         3c:16:68:84:58:20:8c:86:c0:de:dd:ea:81:db:14:11:8e:3f:
         34:4c:1e:06:b8:41:1c:d4:05:6f:0e:30:7f:95:18:54:2a:65:
         f4:9a:27:b2:93:4d:17:48:c2:ea:b1:3d:e5:2e:30:6d:4a:8b:
         a5:93:52:81:16:34:ea:eb:c7:8a:7b:11:35:52:c6:1e:44:7a:
         42:8b:36:62:07:c8:d1:c0:65:d3:a4:79:64:9a:6b:0f:5e:37:
         90:b2:7d:8f:3a:22:10:61:c2:d8:ac:ed:40:93:fd:33:8a:04:
         ff:24:53:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrAYBbDJAqW+fNp43I9WW46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjMwOTIzMDQ1MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI1YjE1N2FiYTU4OWI2MzhmMzhmNzg4YmI5ODU0YjY3YzYwMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6BCa/1Y8Q0tb4segQQdI4CBKX8j
S7Bm4ZScThOTPcS71ZfH8AIP5YXysD6U3z6xopFNUSYGTrGmZEqdgPZxnqG3Xcru
pHVz16wgXKSP3r6dr7dOk2CRlkysuXSTIsEhZVVQ2qqE0H7oWtHbm5ZEiWoUfLpR
03+b12IsAneWXrcqoOsETmRKVRaeuEfQTRv4LHA+ftN8ESKI31Gt6veF3qUT9JHj
6Qyn7zFHkMsU6LwY8YJShNTc12LbR6FizQa7S+QKZJ55Vah2fLaYdRq+Gs4irAYv
rVU/4SkCbSz2aILa3/tfnecDdgUTN1TAhrFMUL5YJYvK2hVgLX7zIicD2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBElsVerpYm2OPOPeIu5hUtnxgAJMB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvRVNXeFY2dWxpYlk0ODQ5NGk3bUZTMmZHQUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyukMA0G
CSqGSIb3DQEBCwUAA4IBAQBWZBIIOzSk587U6Dxqi2QJSnfhNC9EC2VmZWG0s/+h
6DQmqbacfUMCjIsDPgrBt2ifcAja85S+AJcN0dYDOsuDrfPU/iy84zBO+1CncJik
++IA/uQEISq9JREBSVb/BBzfs5MnMIDS1d+0IPWQLuLNYlEhi5U+KEJ4D8juC2lh
QNMsy3GupUty4eJzCRDhBl88FmiEWCCMhsDe3eqB2xQRjj80TB4GuEEc1AVvDjB/
lRhUKmX0mieyk00XSMLqsT3lLjBtSoulk1KBFjTq68eKexE1UsYeRHpCizZiB8jR
wGXTpHlkmmsPXjeQsn2POiIQYcLYrO1Ak/0zigT/JFOU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org