Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/nmmLP9zHjF_eGRQhjIgD_vWPgyM.roa
File:                     nmmLP9zHjF_eGRQhjIgD_vWPgyM.roa (raw, json)
Hash identifier:          iIiYH9CMEy8EGquyFuudpsrhMwbaFU2m8ZRi+3s9qYA=
Subject key identifier:   9E:69:8B:3F:DC:C7:8C:5F:DE:19:14:21:8C:88:03:FE:F5:8F:83:23
Certificate issuer:       /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial:       018DFB2B3128C1DBA17EB90D19984A2720E4
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/nmmLP9zHjF_eGRQhjIgD_vWPgyM.roa
Signing time:             Fri 01 Mar 2024 17:58:48 +0000
ROA not before:           Fri 01 Mar 2024 17:58:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56582
IP address blocks:        31.169.64.0/24 maxlen: 24
                          31.169.65.0/24 maxlen: 24
                          31.169.66.0/24 maxlen: 24
                          31.169.67.0/24 maxlen: 24
                          31.169.69.0/24 maxlen: 24
                          31.169.70.0/24 maxlen: 24
                          31.169.71.0/24 maxlen: 24
                          31.169.72.0/24 maxlen: 24
                          31.169.74.0/24 maxlen: 24
                          31.169.76.0/24 maxlen: 24
                          31.169.77.0/24 maxlen: 24
                          31.169.78.0/24 maxlen: 24
                          31.169.81.0/24 maxlen: 24
                          31.169.82.0/24 maxlen: 24
                          31.169.84.0/24 maxlen: 24
                          31.169.88.0/24 maxlen: 24
                          31.169.92.0/24 maxlen: 24
                          31.169.93.0/24 maxlen: 24
                          31.169.94.0/24 maxlen: 24
                          31.169.95.0/24 maxlen: 24
                          185.33.63.0/24 maxlen: 24
                          2a00:5740::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 16 Mar 2024 18:18:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:fb:2b:31:28:c1:db:a1:7e:b9:0d:19:98:4a:27:20:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
        Validity
            Not Before: Mar  1 17:58:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9e698b3fdcc78c5fde1914218c8803fef58f8323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:c2:98:05:a4:eb:f0:94:f4:6d:f8:22:9b:e1:
                    93:a9:ee:b8:4e:f2:52:65:dc:0e:eb:bc:f6:f7:4a:
                    f0:56:dd:d9:40:09:88:1f:80:83:1b:88:a2:7b:37:
                    22:6e:1c:0f:54:91:2c:26:09:47:f6:ce:29:fa:8c:
                    7f:8b:d0:3d:f6:a7:09:95:8a:45:4e:7d:ea:a3:4d:
                    ff:81:57:f6:eb:e8:f9:a8:cd:8f:3d:c0:00:f6:90:
                    ee:88:d2:75:f7:61:bd:06:9b:1b:13:58:35:46:09:
                    1b:49:d7:44:52:24:f9:c6:02:04:f4:02:eb:66:fd:
                    75:b3:66:b1:c2:13:a4:b4:66:0f:5c:66:7a:20:ed:
                    b1:8b:95:ed:fe:dc:78:00:57:96:bd:ae:9a:39:ba:
                    5d:7f:9c:e8:4e:12:2c:b8:de:f5:e1:54:f1:bd:b4:
                    3f:72:b5:db:bc:6e:99:92:3e:0f:93:4d:d9:f5:f8:
                    a0:66:0d:99:84:24:77:e5:65:3f:ef:d2:24:f5:31:
                    1e:c9:c6:9d:5e:e6:d0:f4:92:68:ef:dd:00:db:75:
                    04:b8:54:c0:d7:29:49:c8:87:02:a1:fa:e1:98:a2:
                    4c:17:c9:d7:cf:c4:08:6c:6d:c6:00:16:20:b2:7b:
                    ef:6c:cc:63:77:e9:02:56:e0:f3:6e:6b:4e:bd:ba:
                    5f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:69:8B:3F:DC:C7:8C:5F:DE:19:14:21:8C:88:03:FE:F5:8F:83:23
            X509v3 Authority Key Identifier:
                keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/nmmLP9zHjF_eGRQhjIgD_vWPgyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.169.64.0/22
                  31.169.69.0-31.169.72.255
                  31.169.74.0/24
                  31.169.76.0-31.169.78.255
                  31.169.81.0-31.169.82.255
                  31.169.84.0/24
                  31.169.88.0/24
                  31.169.92.0/22
                  185.33.63.0/24
                IPv6:
                  2a00:5740::/29

    Signature Algorithm: sha256WithRSAEncryption
         55:2d:7d:1f:c1:c5:30:41:8a:f4:50:a7:d4:8f:a3:08:8e:a2:
         fc:3c:55:31:49:d7:8e:62:d2:9a:4e:7a:ca:d0:76:58:10:62:
         0c:03:18:8f:c7:24:dd:36:b7:e4:f6:9f:d9:2b:9a:1a:c5:f0:
         99:2c:f2:29:74:0d:32:4c:26:1b:4d:87:a3:d5:5d:81:94:26:
         a7:d4:1c:90:c7:ac:f1:f5:82:c7:36:1b:2a:e0:0f:37:b1:ec:
         02:4c:4b:cb:40:bc:2f:dc:fc:ea:29:12:9b:63:93:ab:c4:b9:
         20:41:f4:2d:ea:4c:11:ed:ca:30:e4:f1:87:93:06:82:f2:99:
         02:7e:f5:16:9b:af:b6:ab:f8:17:fe:24:02:60:91:30:d2:d3:
         d3:aa:73:1c:2b:96:04:99:28:50:d8:8a:52:17:04:20:7a:0d:
         2b:d4:d5:02:de:88:ac:46:ad:36:be:a7:ac:fc:95:41:39:1a:
         95:30:a2:8e:4e:4c:53:40:3c:ae:fc:fd:17:b0:70:4b:2b:33:
         e4:50:e0:df:da:5a:93:97:bb:7b:91:40:94:5e:a4:f0:03:f3:
         a4:f9:92:c8:57:f4:4f:19:39:f4:ee:ab:99:5a:a5:12:94:d2:
         76:2b:1b:83:bc:6c:45:08:a6:93:b6:d9:ac:23:74:eb:55:e8:
         dd:5b:cc:8e
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAY37KzEowduhfrkNGZhKJyDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMzAxMTc1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY5OGIzZmRjYzc4YzVmZGUxOTE0MjE4Yzg4MDNmZWY1OGY4MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8KYBaTr8JT0bfgim+GTqe64TvJS
ZdwO67z290rwVt3ZQAmIH4CDG4iiezcibhwPVJEsJglH9s4p+ox/i9A99qcJlYpF
Tn3qo03/gVf26+j5qM2PPcAA9pDuiNJ192G9BpsbE1g1RgkbSddEUiT5xgIE9ALr
Zv11s2axwhOktGYPXGZ6IO2xi5Xt/tx4AFeWva6aObpdf5zoThIsuN714VTxvbQ/
crXbvG6Zkj4Pk03Z9figZg2ZhCR35WU/79Ik9TEeycadXubQ9JJo790A23UEuFTA
1ylJyIcCofrhmKJMF8nXz8QIbG3GABYgsnvvbMxjd+kCVuDzbmtOvbpfRwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFJ5piz/cx4xf3hkUIYyIA/71j4MjMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvbm1tTFA5ekhqRl9lR1JRaGpJZ0RfdldQZ3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUowDAMEAh+pTAMEAB+pTjAMAwQAH6lRAwQAH6lSAwQA
H6lUAwQAH6lYAwQCH6lcAwQAuSE/MA0EAgACMAcDBQMqAFdAMA0GCSqGSIb3DQEB
CwUAA4IBAQBVLX0fwcUwQYr0UKfUj6MIjqL8PFUxSdeOYtKaTnrK0HZYEGIMAxiP
xyTdNrfk9p/ZK5oaxfCZLPIpdA0yTCYbTYej1V2BlCan1ByQx6zx9YLHNhsq4A83
sewCTEvLQLwv3PzqKRKbY5OrxLkgQfQt6kwR7cow5PGHkwaC8pkCfvUWm6+2q/gX
/iQCYJEw0tPTqnMcK5YEmShQ2IpSFwQgeg0r1NUC3oisRq02vqes/JVBORqVMKKO
TkxTQDyu/P0XsHBLKzPkUODf2lqTl7t7kUCUXqTwA/Ok+ZLIV/RPGTn07quZWqUS
lNJ2KxuDvGxFCKaTttmsI3TrVejdW8yO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:47 2024 by rpki-client on console-ams.rpki-client.org