Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa
File:                     8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa (raw, json)
Hash identifier:          roDnDx2TeCS5WluNolcb65dfq0AjB5+nTxWlkzEoiiM=
Subject key identifier:   F1:05:0A:B0:09:D4:F8:DD:E0:30:13:75:BD:1E:51:7D:37:DA:E0:16
Certificate issuer:       /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial:       018CC727233FC4E25AC70728672D4D591941
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa
Signing time:             Mon 01 Jan 2024 22:31:19 +0000
ROA not before:           Mon 01 Jan 2024 22:31:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208972
IP address blocks:        31.169.84.0/24 maxlen: 24
                          31.169.82.0/24 maxlen: 24
                          31.169.90.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 13:23:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:23:3f:c4:e2:5a:c7:07:28:67:2d:4d:59:19:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
        Validity
            Not Before: Jan  1 22:31:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f1050ab009d4f8dde0301375bd1e517d37dae016
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:c9:c5:95:7f:a5:28:c3:f9:ad:b1:67:c3:00:
                    95:5f:bb:99:21:b8:c8:bc:1b:04:ca:79:be:1a:70:
                    bd:c4:5d:2a:55:ed:52:07:ae:45:b3:fc:e4:fa:74:
                    b3:c0:45:3a:95:ec:82:7c:b9:1a:11:d6:3b:0c:cf:
                    fe:9a:cd:2a:fd:3f:5b:51:20:e5:8e:fa:89:8a:68:
                    c4:99:e1:81:ae:05:64:cb:1d:57:38:e8:10:61:d8:
                    6e:cf:50:0c:d7:f1:7d:12:1c:86:4c:38:4e:fa:a5:
                    fb:25:45:16:d6:6c:e5:11:8c:7f:76:69:8c:9b:29:
                    2c:78:59:f9:f1:01:85:c4:ca:27:0f:c8:f6:a9:2b:
                    a2:25:f0:6f:82:f4:7b:fa:19:28:39:af:66:84:e6:
                    31:34:8e:51:b2:47:46:0c:0c:a4:40:08:3e:bf:b2:
                    a7:8b:56:b0:48:f7:6d:43:e7:93:3a:1f:2d:ab:34:
                    a9:f8:94:c5:3e:05:ab:1c:e7:25:7d:0a:b5:b0:be:
                    37:b5:5e:91:b4:cd:ca:60:e0:a6:f2:69:74:57:05:
                    2e:71:79:c4:e0:8b:4d:8b:53:06:29:9c:b5:24:e8:
                    eb:ed:8c:54:cf:46:a9:46:ca:aa:fa:6f:b7:aa:b5:
                    43:fb:2d:cd:28:7b:99:d9:ef:70:c0:85:89:4c:ed:
                    92:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:05:0A:B0:09:D4:F8:DD:E0:30:13:75:BD:1E:51:7D:37:DA:E0:16
            X509v3 Authority Key Identifier:
                keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.169.82.0/24
                  31.169.84.0/24
                  31.169.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:08:5f:d4:dc:ce:6e:94:89:3d:9f:22:68:63:e2:e6:b5:42:
         c1:15:3c:cf:c2:26:b0:56:e6:2c:80:37:e9:e4:78:67:bc:65:
         d4:74:12:5a:e9:8e:49:a8:da:5b:11:44:85:d6:fb:0d:6d:ad:
         13:a4:50:57:66:24:ba:e1:5b:ee:16:4d:db:20:eb:17:08:53:
         86:da:d6:2e:36:d9:f5:bb:2e:3f:98:bc:df:7b:10:2c:07:bb:
         e7:51:5d:88:df:47:89:d9:20:f0:4b:c7:02:78:a1:77:a6:ae:
         e6:1d:2c:5b:3b:ed:34:d2:db:eb:36:0e:a2:a0:aa:a7:3c:91:
         72:5c:c3:85:75:1b:09:43:e7:2c:65:d1:22:db:18:1e:70:6c:
         5b:18:e9:1e:b7:5c:92:51:ea:d0:36:b0:b2:92:6b:2a:df:34:
         5b:27:12:9c:56:95:95:59:bc:44:aa:67:ea:e6:ea:ca:d5:c4:
         ac:a3:f0:f5:1b:bb:b0:7b:30:b1:b1:bc:50:03:93:7b:4d:2a:
         40:18:44:ea:c0:eb:94:02:40:5c:90:8b:68:8e:b0:30:dd:b3:
         9b:d6:16:5e:f0:1c:a6:1a:5d:aa:0e:df:0c:ff:dd:a9:fc:10:
         56:78:02:9d:6e:90:f3:1b:83:05:65:da:9f:c7:45:95:11:3b:
         75:24:78:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJyM/xOJaxwcoZy1NWRlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTA1MGFiMDA5ZDRmOGRkZTAzMDEzNzViZDFlNTE3ZDM3ZGFlMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcnFlX+lKMP5rbFnwwCVX7uZIbjI
vBsEynm+GnC9xF0qVe1SB65Fs/zk+nSzwEU6leyCfLkaEdY7DM/+ms0q/T9bUSDl
jvqJimjEmeGBrgVkyx1XOOgQYdhuz1AM1/F9EhyGTDhO+qX7JUUW1mzlEYx/dmmM
mykseFn58QGFxMonD8j2qSuiJfBvgvR7+hkoOa9mhOYxNI5RskdGDAykQAg+v7Kn
i1awSPdtQ+eTOh8tqzSp+JTFPgWrHOclfQq1sL43tV6RtM3KYOCm8ml0VwUucXnE
4ItNi1MGKZy1JOjr7YxUz0apRsqq+m+3qrVD+y3NKHuZ2e9wwIWJTO2SYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPEFCrAJ1Pjd4DATdb0eUX032uAWMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvOFFVS3NBblUtTjNnTUJOMXZSNVJmVGZhNEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6lSAwQA
H6lUAwQAH6laMA0GCSqGSIb3DQEBCwUAA4IBAQAeCF/U3M5ulIk9nyJoY+LmtULB
FTzPwiawVuYsgDfp5HhnvGXUdBJa6Y5JqNpbEUSF1vsNba0TpFBXZiS64VvuFk3b
IOsXCFOG2tYuNtn1uy4/mLzfexAsB7vnUV2I30eJ2SDwS8cCeKF3pq7mHSxbO+00
0tvrNg6ioKqnPJFyXMOFdRsJQ+csZdEi2xgecGxbGOket1ySUerQNrCykmsq3zRb
JxKcVpWVWbxEqmfq5urK1cSso/D1G7uwezCxsbxQA5N7TSpAGETqwOuUAkBckIto
jrAw3bOb1hZe8BymGl2qDt8M/92p/BBWeAKdbpDzG4MFZdqfx0WVETt1JHjL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:47 2024 by rpki-client on console-ams.rpki-client.org