Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f841d9-5505-4e3d-a2ff-f7c1899cd7fa/1/fqOkwfz-Kau9-rpwzI4S44rg1lE.roa
File:                     fqOkwfz-Kau9-rpwzI4S44rg1lE.roa (raw, json)
Hash identifier:          JuIFAosTIvX7YxISTviF5bHCzlsvjrrHwJsfwxG71Y8=
Subject key identifier:   7E:A3:A4:C1:FC:FE:29:AB:BD:FA:BA:70:CC:8E:12:E3:8A:E0:D6:51
Certificate issuer:       /CN=cb45b6e12516a0fd5ebabe7a7811082f3a746397
Certificate serial:       01856F14C28BBE21B49C1D27397AA6313771
Authority key identifier: CB:45:B6:E1:25:16:A0:FD:5E:BA:BE:7A:78:11:08:2F:3A:74:63:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y0W24SUWoP1eur56eBEILzp0Y5c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/f841d9-5505-4e3d-a2ff-f7c1899cd7fa/1/fqOkwfz-Kau9-rpwzI4S44rg1lE.roa
Signing time:             Sun 01 Jan 2023 20:45:09 +0000
ROA not before:           Sun 01 Jan 2023 20:45:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56933
IP address blocks:        31.131.224.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:c2:8b:be:21:b4:9c:1d:27:39:7a:a6:31:37:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb45b6e12516a0fd5ebabe7a7811082f3a746397
        Validity
            Not Before: Jan  1 20:45:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7ea3a4c1fcfe29abbdfaba70cc8e12e38ae0d651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d5:9d:9e:c0:e3:93:29:f9:5e:c6:2d:99:b0:
                    2a:3b:85:21:0c:2f:a6:a0:b6:15:87:d9:f7:11:6b:
                    f8:ee:22:a7:57:e6:d8:bf:05:a7:25:79:50:93:eb:
                    f0:ae:ee:43:81:50:f4:04:d3:c3:a4:79:0b:4e:08:
                    a6:4f:77:15:da:7d:1d:be:0c:d3:5b:f0:11:33:17:
                    0a:a5:0e:32:2c:a8:b3:7c:3f:b8:c1:83:6a:41:6a:
                    86:fb:81:34:b2:24:b6:b2:a2:3a:f7:65:6a:7b:b0:
                    02:53:95:45:e4:77:c4:25:ee:89:a3:8c:e2:0a:50:
                    22:1d:c0:4e:66:22:d2:06:34:7e:c8:98:79:20:49:
                    af:a4:47:e7:64:f8:b8:ca:6c:f6:04:0b:c2:dc:f3:
                    ad:6c:2e:66:72:a7:0d:26:44:69:f2:34:4a:e2:0b:
                    0d:94:4d:fd:de:d5:9d:56:7c:15:55:8c:97:f7:d1:
                    af:02:e9:dc:11:0e:06:3b:1f:a6:b4:a8:1d:a8:2d:
                    af:5a:89:43:4b:3d:ca:22:68:d5:ab:60:a0:92:ac:
                    88:91:94:ab:0a:93:e4:8e:74:1d:99:ec:f7:ab:62:
                    f0:e3:f5:df:70:f1:7c:50:60:31:75:d2:30:a0:dd:
                    d5:34:dc:83:5a:7a:26:21:5b:1b:8f:7b:c5:f7:fa:
                    1f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:A3:A4:C1:FC:FE:29:AB:BD:FA:BA:70:CC:8E:12:E3:8A:E0:D6:51
            X509v3 Authority Key Identifier:
                keyid:CB:45:B6:E1:25:16:A0:FD:5E:BA:BE:7A:78:11:08:2F:3A:74:63:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y0W24SUWoP1eur56eBEILzp0Y5c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f841d9-5505-4e3d-a2ff-f7c1899cd7fa/1/fqOkwfz-Kau9-rpwzI4S44rg1lE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f841d9-5505-4e3d-a2ff-f7c1899cd7fa/1/y0W24SUWoP1eur56eBEILzp0Y5c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.131.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         80:21:f6:65:99:dd:b0:1c:54:aa:f8:83:d2:ec:02:9c:2f:2c:
         eb:a9:8f:f8:5f:b8:6f:75:cf:2e:d8:ea:00:8a:da:c1:fa:90:
         0d:4c:7c:3d:de:fc:7f:87:bc:7d:51:ac:95:03:61:20:94:40:
         d4:9a:62:e7:79:47:f4:e4:b6:2f:7d:d7:ff:1a:0e:14:14:a4:
         ab:68:82:53:c0:6a:d0:ff:23:fe:ea:53:6e:24:c3:00:1a:ea:
         07:b8:b5:74:b8:f8:82:a3:5e:ac:74:b1:cf:7d:05:07:3e:5d:
         d2:cf:ab:1b:39:31:6d:14:69:5e:9f:81:94:c8:0f:dd:d5:99:
         5f:70:9a:cf:1f:c3:3d:2c:d5:72:75:dd:ec:a2:3d:43:1e:0b:
         44:a5:45:50:72:0d:38:35:ab:e8:ad:87:de:41:a7:13:b1:79:
         d7:3c:37:a8:3b:85:12:65:92:e6:96:ea:6f:c9:a2:5a:3a:2c:
         d6:93:ad:d4:94:cf:3a:b7:cb:aa:99:cc:bf:9c:5d:03:ac:bf:
         58:0c:1b:01:f3:d2:5d:67:38:ba:6b:61:69:1e:37:9b:5b:c1:
         aa:49:7d:8c:6e:1f:64:ea:38:8f:cf:6c:19:16:7d:fd:e4:1b:
         03:dd:22:19:3c:1d:e9:7f:29:45:6d:ae:96:05:ea:2a:db:52:
         03:dc:78:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFMKLviG0nB0nOXqmMTdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNDViNmUxMjUxNmEwZmQ1ZWJhYmU3YTc4MTEwODJmM2E3
NDYzOTcwHhcNMjMwMTAxMjA0NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWEzYTRjMWZjZmUyOWFiYmRmYWJhNzBjYzhlMTJlMzhhZTBkNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NWdnsDjkyn5XsYtmbAqO4UhDC+m
oLYVh9n3EWv47iKnV+bYvwWnJXlQk+vwru5DgVD0BNPDpHkLTgimT3cV2n0dvgzT
W/ARMxcKpQ4yLKizfD+4wYNqQWqG+4E0siS2sqI692Vqe7ACU5VF5HfEJe6Jo4zi
ClAiHcBOZiLSBjR+yJh5IEmvpEfnZPi4ymz2BAvC3POtbC5mcqcNJkRp8jRK4gsN
lE393tWdVnwVVYyX99GvAuncEQ4GOx+mtKgdqC2vWolDSz3KImjVq2CgkqyIkZSr
CpPkjnQdmez3q2Lw4/XfcPF8UGAxddIwoN3VNNyDWnomIVsbj3vF9/ofJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6jpMH8/imrvfq6cMyOEuOK4NZRMB8GA1UdIwQY
MBaAFMtFtuElFqD9Xrq+engRCC86dGOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTBXMjRTVVdvUDFldXI1NmVCRUlMenAwWTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mODQxZDktNTUwNS00ZTNkLWEyZmYt
ZjdjMTg5OWNkN2ZhLzEvZnFPa3dmei1LYXU5LXJwd3pJNFM0NHJnMWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mODQxZDktNTUwNS00ZTNkLWEyZmYtZjdjMTg5OWNkN2Zh
LzEveTBXMjRTVVdvUDFldXI1NmVCRUlMenAwWTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4PgMA0G
CSqGSIb3DQEBCwUAA4IBAQCAIfZlmd2wHFSq+IPS7AKcLyzrqY/4X7hvdc8u2OoA
itrB+pANTHw93vx/h7x9UayVA2EglEDUmmLneUf05LYvfdf/Gg4UFKSraIJTwGrQ
/yP+6lNuJMMAGuoHuLV0uPiCo16sdLHPfQUHPl3Sz6sbOTFtFGlen4GUyA/d1Zlf
cJrPH8M9LNVydd3soj1DHgtEpUVQcg04NavorYfeQacTsXnXPDeoO4USZZLmlupv
yaJaOizWk63UlM86t8uqmcy/nF0DrL9YDBsB89JdZzi6a2FpHjebW8GqSX2Mbh9k
6jiPz2wZFn395BsD3SIZPB3pfylFba6WBeoq21ID3HiV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:10 2024 by rpki-client on console-fra.rpki-client.org