Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/MteNmUrC9FK2R9ovRaDko0zySHQ.roa
File:                     MteNmUrC9FK2R9ovRaDko0zySHQ.roa (raw, json)
Hash identifier:          SC1mpwfWOKBhvBqEbtRGeUkQaQ9Af7fDGRkH1kh3mzc=
Subject key identifier:   32:D7:8D:99:4A:C2:F4:52:B6:47:DA:2F:45:A0:E4:A3:4C:F2:48:74
Certificate issuer:       /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial:       01894D3CB55B6F12F81C46E45C40FA19FB37
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/MteNmUrC9FK2R9ovRaDko0zySHQ.roa
Signing time:             Thu 13 Jul 2023 03:12:51 +0000
ROA not before:           Thu 13 Jul 2023 03:12:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.255.4.0/24 maxlen: 24
                          31.43.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 19 Jul 2023 19:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4d:3c:b5:5b:6f:12:f8:1c:46:e4:5c:40:fa:19:fb:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
        Validity
            Not Before: Jul 13 03:12:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32d78d994ac2f452b647da2f45a0e4a34cf24874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:24:1f:5b:da:c4:0c:1e:a6:f8:10:1e:31:ec:
                    3e:47:3b:34:8d:13:1e:97:a1:1b:35:a5:79:b0:06:
                    5b:a2:42:f8:21:32:ec:e2:14:1a:18:d3:a9:9a:9b:
                    55:64:1b:23:c4:67:43:44:49:d6:8c:3e:ca:23:bf:
                    91:86:b0:8a:c8:91:53:1a:95:21:3e:fd:ae:3b:53:
                    9a:9a:2c:b9:71:27:b1:ff:9c:90:e0:00:16:80:e6:
                    63:c7:20:1d:c9:09:de:6e:ae:a1:b9:e7:03:9e:66:
                    27:90:08:90:9a:a5:92:ce:28:27:7a:16:4a:fa:ad:
                    d3:7c:51:bf:98:ac:d0:d0:5c:5b:7f:f5:82:47:b4:
                    c8:b1:86:2d:b5:6f:f8:f7:c4:4c:e2:fa:dc:77:35:
                    b4:d7:84:c6:86:02:04:97:92:b0:11:1a:41:12:0b:
                    f1:c1:da:90:af:df:13:7f:05:72:12:f8:8a:04:ef:
                    b0:3a:6c:99:fe:82:d1:c3:27:e6:15:74:80:d7:b9:
                    dc:14:59:fa:66:6a:03:55:31:98:52:70:3a:b7:f0:
                    22:d2:b5:88:3e:dd:91:8f:d0:1f:06:a3:41:00:ba:
                    a1:a6:a9:c1:a9:07:05:31:c8:2c:16:84:65:8e:ab:
                    7d:4c:57:ac:d0:4f:00:58:33:6b:57:85:7e:5c:c3:
                    d9:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D7:8D:99:4A:C2:F4:52:B6:47:DA:2F:45:A0:E4:A3:4C:F2:48:74
            X509v3 Authority Key Identifier:
                keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/MteNmUrC9FK2R9ovRaDko0zySHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.43.164.0/24
                  185.255.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:3d:27:c6:07:ec:8a:5a:8c:19:f2:42:84:21:16:f1:46:70:
         ee:e4:92:9a:2c:99:1f:23:12:66:06:83:1e:70:1d:a1:10:a6:
         c6:96:bd:c8:68:03:5a:cc:49:fc:42:05:c9:04:32:8e:df:c8:
         b3:ad:77:c4:d7:92:c9:aa:74:36:88:1e:11:3b:62:47:2e:03:
         62:05:c5:f0:bd:c7:0e:8f:b6:e7:23:c9:d6:c4:45:dd:c9:53:
         27:7d:d1:6f:63:c2:20:be:b8:cf:7c:ff:97:b0:5e:96:61:a2:
         49:da:99:cc:91:58:d5:7b:c3:54:8f:ae:26:23:1e:58:7e:ef:
         fc:18:0b:71:8c:9a:f5:ee:e6:e2:40:86:b1:4f:91:24:be:8f:
         b8:1c:70:2f:8d:c1:b1:c6:58:c4:5a:c4:f8:8e:7b:d7:53:2c:
         b9:b1:13:01:4c:8a:bc:f9:27:ba:d0:b0:90:ed:6b:fb:c7:f5:
         d5:2d:c9:db:08:3b:77:28:18:44:ac:65:36:e1:5f:4f:1f:5b:
         ab:f7:59:35:0f:28:d1:eb:36:bc:7e:fa:2c:2e:36:fe:c7:52:
         f7:9d:71:a7:09:63:8a:48:3f:2b:93:46:d0:3e:76:7a:da:14:
         af:4c:6d:ab:6c:b5:1f:16:db:0f:e8:ce:4f:c9:25:e6:cb:bb:
         17:75:0c:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlNPLVbbxL4HEbkXED6Gfs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjMwNzEzMDMxMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ3OGQ5OTRhYzJmNDUyYjY0N2RhMmY0NWEwZTRhMzRjZjI0ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSQfW9rEDB6m+BAeMew+Rzs0jRMe
l6EbNaV5sAZbokL4ITLs4hQaGNOpmptVZBsjxGdDREnWjD7KI7+RhrCKyJFTGpUh
Pv2uO1Oamiy5cSex/5yQ4AAWgOZjxyAdyQnebq6huecDnmYnkAiQmqWSzignehZK
+q3TfFG/mKzQ0Fxbf/WCR7TIsYYttW/498RM4vrcdzW014TGhgIEl5KwERpBEgvx
wdqQr98TfwVyEviKBO+wOmyZ/oLRwyfmFXSA17ncFFn6ZmoDVTGYUnA6t/Ai0rWI
Pt2Rj9AfBqNBALqhpqnBqQcFMcgsFoRljqt9TFes0E8AWDNrV4V+XMPZawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDLXjZlKwvRStkfaL0Wg5KNM8kh0MB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvTXRlTm1VckM5RksyUjlvdlJhRGtvMHp5U0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyukAwQA
uf8EMA0GCSqGSIb3DQEBCwUAA4IBAQBxPSfGB+yKWowZ8kKEIRbxRnDu5JKaLJkf
IxJmBoMecB2hEKbGlr3IaANazEn8QgXJBDKO38izrXfE15LJqnQ2iB4RO2JHLgNi
BcXwvccOj7bnI8nWxEXdyVMnfdFvY8IgvrjPfP+XsF6WYaJJ2pnMkVjVe8NUj64m
Ix5Yfu/8GAtxjJr17ubiQIaxT5Ekvo+4HHAvjcGxxljEWsT4jnvXUyy5sRMBTIq8
+Se60LCQ7Wv7x/XVLcnbCDt3KBhErGU24V9PH1ur91k1DyjR6za8fvosLjb+x1L3
nXGnCWOKSD8rk0bQPnZ62hSvTG2rbLUfFtsP6M5PySXmy7sXdQyB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org