Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa
File:                     PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa (raw, json)
Hash identifier:          CkjBBkPKcS8h5fGsrsrYyXxa64LO5CvzrJupg5ATdYs=
Subject key identifier:   3E:31:B1:93:04:F8:E0:03:A3:BF:C9:D5:B8:9A:AF:A3:E6:74:51:74
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       018EB95A1BF81DD20F61F53C4357B1FA2671
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa
Signing time:             Sun 07 Apr 2024 16:17:54 +0000
ROA not before:           Sun 07 Apr 2024 16:17:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7922
IP address blocks:        31.132.53.0/24 maxlen: 24
                          103.130.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 18:49:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b9:5a:1b:f8:1d:d2:0f:61:f5:3c:43:57:b1:fa:26:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Apr  7 16:17:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3e31b19304f8e003a3bfc9d5b89aafa3e6745174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:77:25:00:22:0c:50:42:8e:86:45:28:bb:7b:
                    47:0c:11:4f:01:2d:65:01:10:10:ec:3c:2c:1c:88:
                    30:d1:ab:48:b2:f7:8e:1d:40:82:58:df:a9:00:78:
                    7d:f2:b5:20:d0:1d:04:ed:72:4a:79:18:bd:ac:aa:
                    dc:37:48:3c:c5:1c:52:77:2b:54:fe:99:8f:0f:0a:
                    15:76:1f:53:c6:46:35:b6:b1:4c:d6:94:62:d9:45:
                    72:2b:a6:bf:72:3d:75:ed:9e:b4:9f:f9:52:7b:a7:
                    a9:97:9a:cf:31:af:7c:42:5f:d3:89:c7:1a:78:4b:
                    e2:60:3c:21:88:14:06:b8:e4:a9:20:68:ee:b9:1e:
                    4a:56:43:f3:d9:7e:52:55:b0:3b:6c:29:5e:10:4b:
                    15:41:9a:fb:92:cf:3b:60:6a:f3:62:26:5a:80:70:
                    79:32:0d:fc:b7:45:7e:02:46:d1:86:e3:6e:12:dd:
                    5c:20:f8:2f:0d:24:6d:c8:2b:26:9c:f1:7a:9c:66:
                    84:55:f2:b4:9c:b8:f0:52:ba:b7:ff:0b:67:da:50:
                    57:e1:ac:2d:48:46:9c:0e:67:c7:73:7e:dc:f1:14:
                    f6:bd:77:ec:d5:9d:73:24:9b:23:54:7f:b1:d3:1d:
                    27:b8:e7:b4:96:06:5c:14:95:73:2a:e8:31:03:3b:
                    4a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:31:B1:93:04:F8:E0:03:A3:BF:C9:D5:B8:9A:AF:A3:E6:74:51:74
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.132.53.0/24
                  103.130.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:a2:41:59:58:42:4d:d2:8e:81:af:6f:c8:8a:1d:51:0e:3e:
         89:3f:2a:4b:2d:18:76:06:ef:60:63:00:42:27:33:b5:1a:db:
         63:dc:9a:74:52:ee:20:9c:35:8d:29:97:be:cb:9b:1e:3e:3f:
         be:ab:f0:14:90:cb:a6:35:90:ca:e1:6b:db:26:57:b3:a1:be:
         a0:06:d8:40:2d:9d:01:a1:6f:54:e5:fe:fd:24:3a:1b:b2:52:
         50:7f:74:42:91:df:96:4f:42:b3:8c:8d:50:66:2a:7a:14:0d:
         f0:8b:10:0c:c5:e5:32:90:52:e4:87:b4:3b:b3:e2:17:c1:dc:
         38:c3:c2:c1:b0:88:aa:74:40:b5:33:99:c3:8a:a1:de:43:dc:
         80:e5:27:f5:c4:30:69:fe:2a:01:c7:ab:2f:82:c0:76:c2:43:
         aa:0f:8d:c6:b8:47:e5:99:7a:d9:4b:5f:29:0e:ca:35:df:9d:
         cc:a1:5d:23:ab:a9:a1:3b:24:c2:a0:4e:4d:31:65:24:9f:3b:
         f6:ce:fc:7e:1c:1c:87:a1:e3:0a:9c:94:95:99:1d:ee:55:9a:
         aa:fc:f0:ea:2f:32:2b:27:6c:8c:df:94:de:0a:b8:8d:57:7e:
         6b:27:82:f1:cf:94:5d:0b:81:d7:aa:8d:fb:40:9b:f2:6f:13:
         fb:e6:1e:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY65Whv4HdIPYfU8Q1ex+iZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNDA3MTYxNzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTMxYjE5MzA0ZjhlMDAzYTNiZmM5ZDViODlhYWZhM2U2NzQ1MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nclACIMUEKOhkUou3tHDBFPAS1l
ARAQ7DwsHIgw0atIsveOHUCCWN+pAHh98rUg0B0E7XJKeRi9rKrcN0g8xRxSdytU
/pmPDwoVdh9TxkY1trFM1pRi2UVyK6a/cj117Z60n/lSe6epl5rPMa98Ql/Ticca
eEviYDwhiBQGuOSpIGjuuR5KVkPz2X5SVbA7bCleEEsVQZr7ks87YGrzYiZagHB5
Mg38t0V+AkbRhuNuEt1cIPgvDSRtyCsmnPF6nGaEVfK0nLjwUrq3/wtn2lBX4awt
SEacDmfHc37c8RT2vXfs1Z1zJJsjVH+x0x0nuOe0lgZcFJVzKugxAztKvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD4xsZME+OADo7/J1biar6PmdFF0MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvUGpHeGt3VDQ0QU9qdjhuVnVKcXZvLVowVVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH4Q1AwQA
Z4KyMA0GCSqGSIb3DQEBCwUAA4IBAQB9okFZWEJN0o6Br2/Iih1RDj6JPypLLRh2
Bu9gYwBCJzO1Gttj3Jp0Uu4gnDWNKZe+y5sePj++q/AUkMumNZDK4WvbJlezob6g
BthALZ0BoW9U5f79JDobslJQf3RCkd+WT0KzjI1QZip6FA3wixAMxeUykFLkh7Q7
s+IXwdw4w8LBsIiqdEC1M5nDiqHeQ9yA5Sf1xDBp/ioBx6svgsB2wkOqD43GuEfl
mXrZS18pDso1353MoV0jq6mhOyTCoE5NMWUknzv2zvx+HByHoeMKnJSVmR3uVZqq
/PDqLzIrJ2yM35TeCriNV35rJ4Lxz5RdC4HXqo37QJvybxP75h65
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org