Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/KrZvcIn1pQ8Ryu0fgu2vkzq0oPE.roa
File:                     KrZvcIn1pQ8Ryu0fgu2vkzq0oPE.roa (raw, json)
Hash identifier:          Mr9DGA2m9oRO9RuSXO9WAKuhXhPrj1u0L1ZoTKJuTbg=
Subject key identifier:   2A:B6:6F:70:89:F5:A5:0F:11:CA:ED:1F:82:ED:AF:93:3A:B4:A0:F1
Certificate issuer:       /CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Certificate serial:       01856DE64D5EA5AA8A872DA6AA228150508D
Authority key identifier: D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/KrZvcIn1pQ8Ryu0fgu2vkzq0oPE.roa
Signing time:             Sun 01 Jan 2023 15:14:47 +0000
ROA not before:           Sun 01 Jan 2023 15:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210997
IP address blocks:        185.6.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:e6:4d:5e:a5:aa:8a:87:2d:a6:aa:22:81:50:50:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
        Validity
            Not Before: Jan  1 15:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2ab66f7089f5a50f11caed1f82edaf933ab4a0f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:6b:27:30:56:18:fa:95:3a:be:a9:71:73:09:
                    2b:c0:ce:af:4a:60:52:7b:4c:6a:52:85:95:8b:b0:
                    52:3a:82:96:34:d9:14:c5:7e:4c:87:0c:9b:7c:5f:
                    26:a0:45:f3:77:af:a9:5a:8d:d8:6b:f8:69:a4:6a:
                    c3:ec:4f:6f:db:c8:0d:a0:5d:ce:58:05:91:9b:ec:
                    4b:a5:09:1d:4f:c8:b2:b0:de:19:d2:90:5e:77:9b:
                    bf:97:6d:06:9f:d6:77:c9:ed:72:38:ae:a6:38:8c:
                    ac:5b:38:ed:9f:9a:ea:88:b4:6a:7d:79:9a:8e:b2:
                    a2:43:d6:67:00:22:d0:29:24:1c:d0:73:14:c0:61:
                    8d:5a:56:71:f4:25:37:47:72:54:74:b6:25:1e:c7:
                    e9:ea:6f:ca:ab:a7:f6:73:dd:1e:59:7d:60:73:ce:
                    1d:b4:98:05:10:2a:36:22:d1:9a:3e:01:67:d0:83:
                    6c:4b:ef:1d:ad:72:d2:c6:02:c7:9d:26:a6:36:41:
                    3e:fe:0a:e8:0d:2e:c8:72:1d:5a:ee:51:ce:97:23:
                    c1:d7:d2:6a:71:39:76:75:43:ce:25:87:a2:25:1e:
                    31:62:dc:0d:20:a8:17:b2:e2:e3:c5:eb:38:c1:be:
                    95:3a:5e:30:20:9d:97:51:b1:6d:71:9e:4e:e8:2b:
                    8e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B6:6F:70:89:F5:A5:0F:11:CA:ED:1F:82:ED:AF:93:3A:B4:A0:F1
            X509v3 Authority Key Identifier:
                keyid:D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/KrZvcIn1pQ8Ryu0fgu2vkzq0oPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.6.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:dc:55:63:d2:6c:fd:31:8e:aa:5c:6a:c1:17:c4:bc:0a:3b:
         eb:7a:20:38:a2:cc:6b:67:97:e0:00:61:66:3a:ff:e7:72:d5:
         b8:65:da:59:c4:31:48:9d:b0:24:9d:c3:77:35:cd:64:5f:1a:
         e0:2b:a7:26:c1:8b:6c:ea:f3:5d:d1:f1:9f:40:a2:65:b3:40:
         55:24:74:de:37:a7:8d:99:8c:e6:2c:5c:d1:07:7c:a4:ad:6e:
         92:d9:b1:67:d1:52:95:2a:d2:14:a5:5e:ba:03:74:4c:d5:a7:
         0a:16:e9:56:ef:af:28:af:24:85:3d:3d:8f:21:d4:13:c7:bc:
         3a:b1:d2:10:12:9d:cb:6d:a3:60:38:9d:a3:eb:7b:a2:e7:fd:
         c9:70:86:4c:30:c3:c7:71:04:0b:85:59:b3:84:e8:0a:41:99:
         22:15:a4:f8:ed:3d:0a:9f:d7:9a:10:a7:c6:9e:b0:0c:01:dd:
         7e:0e:71:c3:7a:1e:e8:1c:6c:77:2f:61:7e:66:e4:da:5e:22:
         b0:22:ea:ef:d4:ab:a7:9a:53:06:cd:31:f5:eb:a9:a5:1e:4e:
         fb:73:58:bc:d5:4d:be:fa:18:18:48:ca:aa:f5:89:42:a9:73:
         5e:69:21:e7:21:11:58:35:13:a2:bf:e8:f9:1e:6c:7c:42:21:
         d0:c5:99:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5k1epaqKhy2mqiKBUFCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTk4ODkxNmQ1MTQwNmY5YTI2OWYzMGEwMmQwMDg2YjU3
ZjRkNWEwHhcNMjMwMTAxMTUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI2NmY3MDg5ZjVhNTBmMTFjYWVkMWY4MmVkYWY5MzNhYjRhMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmsnMFYY+pU6vqlxcwkrwM6vSmBS
e0xqUoWVi7BSOoKWNNkUxX5MhwybfF8moEXzd6+pWo3Ya/hppGrD7E9v28gNoF3O
WAWRm+xLpQkdT8iysN4Z0pBed5u/l20Gn9Z3ye1yOK6mOIysWzjtn5rqiLRqfXma
jrKiQ9ZnACLQKSQc0HMUwGGNWlZx9CU3R3JUdLYlHsfp6m/Kq6f2c90eWX1gc84d
tJgFECo2ItGaPgFn0INsS+8drXLSxgLHnSamNkE+/groDS7Ich1a7lHOlyPB19Jq
cTl2dUPOJYeiJR4xYtwNIKgXsuLjxes4wb6VOl4wIJ2XUbFtcZ5O6CuO3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq2b3CJ9aUPEcrtH4Ltr5M6tKDxMB8GA1UdIwQY
MBaAFNmpiJFtUUBvmiafMKAtAIa1f01aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDIt
NGQwNDlhMWVhZjJmLzEvS3JadmNJbjFwUThSeXUwZmd1MnZrenEwb1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDItNGQwNDlhMWVhZjJm
LzEvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQYfMA0G
CSqGSIb3DQEBCwUAA4IBAQAq3FVj0mz9MY6qXGrBF8S8CjvreiA4osxrZ5fgAGFm
Ov/nctW4ZdpZxDFInbAkncN3Nc1kXxrgK6cmwYts6vNd0fGfQKJls0BVJHTeN6eN
mYzmLFzRB3ykrW6S2bFn0VKVKtIUpV66A3RM1acKFulW768orySFPT2PIdQTx7w6
sdIQEp3LbaNgOJ2j63ui5/3JcIZMMMPHcQQLhVmzhOgKQZkiFaT47T0Kn9eaEKfG
nrAMAd1+DnHDeh7oHGx3L2F+ZuTaXiKwIurv1KunmlMGzTH166mlHk77c1i81U2+
+hgYSMqq9YlCqXNeaSHnIRFYNROiv+j5Hmx8QiHQxZmT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:09 2024 by rpki-client on console-ams.rpki-client.org