Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/qZsQVS5MqusKBMGrp3qv449UizE.roa
File:                     qZsQVS5MqusKBMGrp3qv449UizE.roa (raw, json)
Hash identifier:          ARq+F2YINFbTgh0joh1lr65kEP7+30Mwt3ni8UhvUjs=
Subject key identifier:   A9:9B:10:55:2E:4C:AA:EB:0A:04:C1:AB:A7:7A:AF:E3:8F:54:8B:31
Certificate issuer:       /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial:       018B0414F4A26CD3D5D0B9AAD6171235F2A5
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/qZsQVS5MqusKBMGrp3qv449UizE.roa
Signing time:             Fri 06 Oct 2023 08:22:44 +0000
ROA not before:           Fri 06 Oct 2023 08:22:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208972
IP address blocks:        31.169.84.0/24 maxlen: 24
                          31.169.90.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Dec 2023 19:58:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:04:14:f4:a2:6c:d3:d5:d0:b9:aa:d6:17:12:35:f2:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
        Validity
            Not Before: Oct  6 08:22:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a99b10552e4caaeb0a04c1aba77aafe38f548b31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:81:6d:28:d6:40:b3:91:4e:93:4d:20:31:11:
                    bb:3a:34:33:2b:8d:0e:2c:f6:23:e6:42:27:7f:33:
                    a1:51:d4:3e:1e:16:c4:d9:9e:3f:70:38:a4:94:f9:
                    36:e7:8c:31:b1:a8:98:c0:13:22:93:70:8c:fa:6c:
                    71:fa:c9:17:76:54:e8:46:6a:6c:64:7e:5c:46:83:
                    b9:8d:eb:e8:ec:5b:62:a2:a2:a0:05:18:39:29:3a:
                    3d:af:49:cc:7d:f6:d1:1e:54:55:8b:df:a6:73:cf:
                    bc:05:e3:85:69:9f:30:36:91:72:9b:db:c5:0a:7c:
                    41:da:85:c5:96:8f:3f:52:3c:43:f5:13:6d:2c:e0:
                    1a:c6:4c:85:4b:55:d0:17:63:5e:59:c5:4c:c8:a0:
                    66:de:fa:aa:df:be:05:f2:c4:75:c4:7e:4b:2c:07:
                    18:9d:13:32:7d:7b:8e:6e:e1:24:41:28:d1:94:08:
                    8c:c2:5b:f8:4b:69:b7:27:12:ac:f0:54:8a:13:ae:
                    76:2b:f2:b2:1a:22:02:d4:cd:d0:8b:7d:10:b5:b6:
                    1c:c1:69:c1:c8:7e:28:63:99:b4:96:69:a2:a3:58:
                    0f:3f:6c:13:f7:c0:fb:95:45:7e:f2:26:51:0f:28:
                    57:b6:0c:70:ea:da:6c:29:be:49:e8:f4:10:98:9d:
                    b6:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:9B:10:55:2E:4C:AA:EB:0A:04:C1:AB:A7:7A:AF:E3:8F:54:8B:31
            X509v3 Authority Key Identifier:
                keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/qZsQVS5MqusKBMGrp3qv449UizE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.169.84.0/24
                  31.169.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:89:9e:a1:f6:d6:bb:23:fd:54:01:7e:f1:31:eb:a1:f3:eb:
         6c:fa:b2:75:5e:da:cd:a5:d7:54:72:36:7e:6e:14:77:79:2a:
         8b:7e:06:d6:18:0f:6f:5c:66:9e:7f:91:3b:cb:c8:07:d3:2b:
         9e:2b:57:80:76:d2:5f:ce:04:67:15:0f:ca:fb:24:9e:58:e7:
         c9:dd:43:07:35:05:a7:13:c6:77:b5:1e:20:44:b3:6a:72:b0:
         82:94:2d:34:83:e0:7c:14:a8:19:35:78:97:99:42:db:af:df:
         df:bc:80:93:18:05:f4:6e:68:da:00:3e:da:95:00:9c:64:70:
         df:18:f8:e0:72:a3:c7:e9:3a:50:6e:12:23:8b:88:68:c3:c5:
         cc:2a:61:f6:85:bd:61:4b:89:ff:59:7b:c0:48:63:0f:07:11:
         da:e0:29:e7:87:50:fd:a2:a9:58:e9:fd:d3:28:59:1c:4f:e0:
         09:be:73:73:f4:d6:06:c0:72:9f:02:89:4e:24:5a:1e:59:24:
         69:7d:da:09:87:e9:24:25:58:50:02:76:7c:e8:91:ac:04:60:
         6d:1f:11:a4:3a:53:8b:be:dc:a0:41:d9:cc:bd:f3:e4:7b:c3:
         f6:9c:e0:44:30:66:61:8b:84:55:a2:fe:d5:a0:4d:36:09:81:
         cd:28:85:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsEFPSibNPV0Lmq1hcSNfKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjMxMDA2MDgyMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTliMTA1NTJlNGNhYWViMGEwNGMxYWJhNzdhYWZlMzhmNTQ4YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4FtKNZAs5FOk00gMRG7OjQzK40O
LPYj5kInfzOhUdQ+HhbE2Z4/cDiklPk254wxsaiYwBMik3CM+mxx+skXdlToRmps
ZH5cRoO5jevo7FtioqKgBRg5KTo9r0nMffbRHlRVi9+mc8+8BeOFaZ8wNpFym9vF
CnxB2oXFlo8/UjxD9RNtLOAaxkyFS1XQF2NeWcVMyKBm3vqq374F8sR1xH5LLAcY
nRMyfXuObuEkQSjRlAiMwlv4S2m3JxKs8FSKE652K/KyGiIC1M3Qi30QtbYcwWnB
yH4oY5m0lmmio1gPP2wT98D7lUV+8iZRDyhXtgxw6tpsKb5J6PQQmJ22JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKmbEFUuTKrrCgTBq6d6r+OPVIsxMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvcVpzUVZTNU1xdXNLQk1HcnAzcXY0NDlVaXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH6lUAwQA
H6laMA0GCSqGSIb3DQEBCwUAA4IBAQANiZ6h9ta7I/1UAX7xMeuh8+ts+rJ1XtrN
pddUcjZ+bhR3eSqLfgbWGA9vXGaef5E7y8gH0yueK1eAdtJfzgRnFQ/K+ySeWOfJ
3UMHNQWnE8Z3tR4gRLNqcrCClC00g+B8FKgZNXiXmULbr9/fvICTGAX0bmjaAD7a
lQCcZHDfGPjgcqPH6TpQbhIji4how8XMKmH2hb1hS4n/WXvASGMPBxHa4Cnnh1D9
oqlY6f3TKFkcT+AJvnNz9NYGwHKfAolOJFoeWSRpfdoJh+kkJVhQAnZ86JGsBGBt
HxGkOlOLvtygQdnMvfPke8P2nOBEMGZhi4RVov7VoE02CYHNKIVJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org