Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/KtEzaB3dwCzDJ3kT6wp6pe--Nmw.roa
File:                     KtEzaB3dwCzDJ3kT6wp6pe--Nmw.roa (raw, json)
Hash identifier:          jVJenKiunC1tNPWfR06lt+gqaW/m0TWSt12iAtBWFzw=
Subject key identifier:   2A:D1:33:68:1D:DD:C0:2C:C3:27:79:13:EB:0A:7A:A5:EF:BE:36:6C
Certificate issuer:       /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial:       018DE595FD1D13ABF96DA8B4E4222A85A9B1
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/KtEzaB3dwCzDJ3kT6wp6pe--Nmw.roa
Signing time:             Mon 26 Feb 2024 13:23:48 +0000
ROA not before:           Mon 26 Feb 2024 13:23:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208972
IP address blocks:        31.169.82.0/24 maxlen: 24
                          31.169.90.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 17:58:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:e5:95:fd:1d:13:ab:f9:6d:a8:b4:e4:22:2a:85:a9:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
        Validity
            Not Before: Feb 26 13:23:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2ad133681dddc02cc3277913eb0a7aa5efbe366c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f3:f9:29:0a:d6:ae:04:36:86:ba:87:5a:e6:
                    c0:be:25:d4:0c:80:ba:42:ee:6d:0a:b9:69:50:65:
                    e3:38:0e:34:3f:47:27:74:16:d0:a5:b8:5e:7f:e2:
                    6e:e3:8c:60:ff:a5:c4:7b:4b:25:58:57:71:e7:17:
                    10:26:98:2d:9a:72:db:d8:e0:43:a8:09:0c:b8:61:
                    9c:f0:29:77:3b:70:01:27:f0:89:8a:19:92:12:26:
                    a7:fd:41:31:d9:28:7f:3e:99:ef:8c:ee:33:76:da:
                    b2:f9:a4:ba:78:6a:02:43:2a:41:f4:72:3b:2e:c4:
                    66:28:1c:8a:31:7b:83:0c:28:c9:4f:08:85:f1:f0:
                    e0:0a:db:85:2d:96:f7:82:b0:d3:6c:32:19:03:2f:
                    21:7e:1a:d1:7f:ef:54:9c:22:e4:a1:f6:16:c9:6b:
                    b4:78:a7:57:23:42:37:79:2b:c9:61:63:54:89:c9:
                    06:e2:fa:ac:0b:fd:dc:43:55:fc:5d:33:53:79:9d:
                    b0:d9:a0:21:8f:2a:56:19:62:9c:5d:ed:6f:47:75:
                    b6:72:80:46:ec:bc:ae:ab:e0:13:f4:11:42:e1:39:
                    ab:cf:87:53:4d:c1:ba:d9:19:be:8d:14:6b:e2:8c:
                    5a:93:95:90:85:2d:5e:7f:24:f9:b0:f6:1c:c5:f0:
                    3b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:D1:33:68:1D:DD:C0:2C:C3:27:79:13:EB:0A:7A:A5:EF:BE:36:6C
            X509v3 Authority Key Identifier:
                keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/KtEzaB3dwCzDJ3kT6wp6pe--Nmw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.169.82.0/24
                  31.169.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:10:57:6f:80:a8:77:86:3b:60:53:5e:d4:ca:2e:c8:1b:1d:
         54:fe:cc:02:14:14:b8:45:f3:35:f9:42:0e:aa:f7:3f:ea:95:
         01:3d:73:b2:a6:49:44:35:42:de:31:86:53:88:f6:06:f6:fb:
         95:9c:bc:bb:3a:04:57:e1:76:4c:57:3b:89:58:63:fd:fa:20:
         09:9f:8f:c2:cf:a4:b7:c1:d9:d4:d1:ce:99:c1:1d:59:27:50:
         44:a7:ce:12:28:46:db:45:81:95:e4:4d:69:c6:76:ed:88:cc:
         a4:aa:45:2c:22:71:aa:33:c2:b6:87:55:77:3d:55:91:62:d2:
         96:c0:a6:55:ef:b2:7d:b3:11:b4:24:91:79:cb:93:6a:79:7c:
         15:a5:a1:26:da:9b:a2:ec:f1:c3:7d:16:56:05:48:d2:bb:0b:
         0a:37:82:82:08:25:28:d4:f7:9d:b8:98:4b:15:a6:68:17:22:
         36:ec:c0:14:78:d1:14:eb:34:26:c8:1c:bc:03:ff:9e:8e:f4:
         f6:9f:6a:ee:b9:ea:39:8f:5d:dc:52:7b:64:05:eb:4f:4c:cc:
         a2:e6:83:23:e7:02:68:df:4c:ef:7d:37:79:1f:69:7c:e0:ef:
         56:a2:86:18:75:27:52:14:9f:3e:d6:b7:ed:f7:8c:f4:0f:07:
         58:bf:81:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3llf0dE6v5bai05CIqhamxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMjI2MTMyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQxMzM2ODFkZGRjMDJjYzMyNzc5MTNlYjBhN2FhNWVmYmUzNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fP5KQrWrgQ2hrqHWubAviXUDIC6
Qu5tCrlpUGXjOA40P0cndBbQpbhef+Ju44xg/6XEe0slWFdx5xcQJpgtmnLb2OBD
qAkMuGGc8Cl3O3ABJ/CJihmSEian/UEx2Sh/PpnvjO4zdtqy+aS6eGoCQypB9HI7
LsRmKByKMXuDDCjJTwiF8fDgCtuFLZb3grDTbDIZAy8hfhrRf+9UnCLkofYWyWu0
eKdXI0I3eSvJYWNUickG4vqsC/3cQ1X8XTNTeZ2w2aAhjypWGWKcXe1vR3W2coBG
7Lyuq+AT9BFC4Tmrz4dTTcG62Rm+jRRr4oxak5WQhS1efyT5sPYcxfA73QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCrRM2gd3cAswyd5E+sKeqXvvjZsMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvS3RFemFCM2R3Q3pESjNrVDZ3cDZwZS0tTm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH6lSAwQA
H6laMA0GCSqGSIb3DQEBCwUAA4IBAQC7EFdvgKh3hjtgU17Uyi7IGx1U/swCFBS4
RfM1+UIOqvc/6pUBPXOypklENULeMYZTiPYG9vuVnLy7OgRX4XZMVzuJWGP9+iAJ
n4/Cz6S3wdnU0c6ZwR1ZJ1BEp84SKEbbRYGV5E1pxnbtiMykqkUsInGqM8K2h1V3
PVWRYtKWwKZV77J9sxG0JJF5y5NqeXwVpaEm2pui7PHDfRZWBUjSuwsKN4KCCCUo
1PeduJhLFaZoFyI27MAUeNEU6zQmyBy8A/+ejvT2n2ruueo5j13cUntkBetPTMyi
5oMj5wJo30zvfTd5H2l84O9WooYYdSdSFJ8+1rft94z0DwdYv4Gw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org