Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/vBJT_24oTrr0n6oSGygM4dbDCzU.roa
File:                     vBJT_24oTrr0n6oSGygM4dbDCzU.roa (raw, json)
Hash identifier:          CTL0qVt85/7BLJUSg23qfcP1a1A0KLg5QeVbGuTGAL8=
Subject key identifier:   BC:12:53:FF:6E:28:4E:BA:F4:9F:AA:12:1B:28:0C:E1:D6:C3:0B:35
Certificate issuer:       /CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
Certificate serial:       01856E66698867E8FD0BD77D5E169879C26C
Authority key identifier: 40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/vBJT_24oTrr0n6oSGygM4dbDCzU.roa
Signing time:             Sun 01 Jan 2023 17:34:43 +0000
ROA not before:           Sun 01 Jan 2023 17:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198436
IP address blocks:        37.72.54.0/24 maxlen: 24
                          37.72.55.0/24 maxlen: 24
                          37.72.56.0/24 maxlen: 24
                          37.72.57.0/24 maxlen: 24
                          37.72.58.0/24 maxlen: 24
                          37.72.52.0/24 maxlen: 24
                          37.72.53.0/24 maxlen: 24
                          37.72.61.0/24 maxlen: 24
                          37.72.62.0/24 maxlen: 24
                          37.72.63.0/24 maxlen: 24
                          37.72.59.0/24 maxlen: 24
                          37.72.60.0/24 maxlen: 24
                          37.72.48.0/24 maxlen: 24
                          37.72.49.0/24 maxlen: 24
                          37.72.50.0/24 maxlen: 24
                          37.72.51.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:66:69:88:67:e8:fd:0b:d7:7d:5e:16:98:79:c2:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
        Validity
            Not Before: Jan  1 17:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc1253ff6e284ebaf49faa121b280ce1d6c30b35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1b:ba:ac:bb:e6:51:17:66:e9:bb:a8:14:42:
                    83:bc:d7:7b:5f:7a:5c:c9:ea:a1:02:d2:16:52:56:
                    19:eb:55:2b:02:2f:9e:1b:81:e9:17:d4:7f:53:4b:
                    90:b5:7b:a1:b9:51:90:91:b4:76:31:6a:7a:e7:aa:
                    2e:eb:c9:b0:bf:99:09:27:45:83:8f:3e:1d:78:ad:
                    e5:07:13:4d:a7:e8:6e:1e:a9:37:85:58:23:2d:2d:
                    41:1d:6b:fa:a2:c0:60:d0:cd:dd:35:1c:d5:c0:83:
                    18:d0:f0:33:01:93:80:de:5c:c9:84:05:4a:a0:15:
                    29:b6:16:ab:4d:ca:38:22:4a:86:2a:e5:3b:83:d6:
                    b7:a5:76:f0:50:43:2c:ee:04:49:f1:a5:22:9f:c2:
                    81:8a:31:b9:31:b8:4f:36:97:1d:ef:a7:79:bf:81:
                    5a:70:f7:4e:11:16:65:33:3b:28:f8:b0:12:d1:60:
                    89:0c:2a:9c:54:f8:14:ee:30:95:0d:de:db:00:58:
                    4a:0a:47:76:df:ae:c1:5f:24:34:62:06:a3:e1:34:
                    3a:06:a8:29:7c:f6:a0:db:01:82:a4:c4:90:35:96:
                    5b:dc:03:29:21:71:5d:06:32:60:03:f1:e8:4d:7f:
                    fb:88:a2:b0:d8:82:74:2c:24:f0:41:6c:5a:c5:05:
                    46:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:12:53:FF:6E:28:4E:BA:F4:9F:AA:12:1B:28:0C:E1:D6:C3:0B:35
            X509v3 Authority Key Identifier:
                keyid:40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/vBJT_24oTrr0n6oSGygM4dbDCzU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/QOxdgqjrXZjOduYdr-UXZh_E5nU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.72.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         0d:26:58:f5:de:c5:07:e1:9c:3b:b0:2b:e6:25:d2:19:9b:09:
         43:d7:bd:9b:c8:f3:c3:59:3b:f5:99:4a:94:83:64:98:5f:56:
         42:f7:bb:64:d0:61:2f:3e:d0:9a:35:84:70:ec:88:51:a7:f1:
         ec:8a:bc:a4:13:c7:fb:2f:ab:bd:52:ed:60:e0:b3:24:33:8b:
         50:5f:a2:64:c3:09:f1:22:41:11:43:c1:a2:8e:ca:87:08:32:
         3f:c8:96:ce:e5:5e:4c:3c:7c:13:a0:0e:d3:62:d3:7a:3c:e6:
         e2:4d:7a:0d:aa:7c:39:b1:66:81:cd:5a:32:2c:99:3f:ff:ce:
         af:9a:31:9d:16:e5:ab:a6:56:bc:7a:ae:cd:1d:11:08:d1:55:
         f1:be:5e:c2:1b:fb:66:1c:e7:24:52:4a:7f:b0:13:18:fa:74:
         2a:01:6d:79:34:70:0e:20:bf:ae:29:3d:6d:8b:98:aa:a7:2a:
         4d:e6:b9:0d:a1:5b:9d:29:ae:b6:76:ec:29:c5:35:9b:32:0f:
         b9:8a:4a:c9:d9:d0:0f:e2:48:68:b1:a1:b1:98:a0:a5:d8:ad:
         34:4c:43:fb:3a:f1:ce:80:0c:f5:fc:80:8d:75:6e:c5:57:54:
         01:b3:d3:d4:0f:d6:9b:e2:c1:4e:e2:31:ff:81:36:40:6f:9b:
         3d:84:1a:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZmmIZ+j9C9d9XhaYecJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWM1ZDgyYThlYjVkOThjZTc2ZTYxZGFmZTUxNzY2MWZj
NGU2NzUwHhcNMjMwMTAxMTczNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzEyNTNmZjZlMjg0ZWJhZjQ5ZmFhMTIxYjI4MGNlMWQ2YzMwYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhu6rLvmURdm6buoFEKDvNd7X3pc
yeqhAtIWUlYZ61UrAi+eG4HpF9R/U0uQtXuhuVGQkbR2MWp656ou68mwv5kJJ0WD
jz4deK3lBxNNp+huHqk3hVgjLS1BHWv6osBg0M3dNRzVwIMY0PAzAZOA3lzJhAVK
oBUptharTco4IkqGKuU7g9a3pXbwUEMs7gRJ8aUin8KBijG5MbhPNpcd76d5v4Fa
cPdOERZlMzso+LAS0WCJDCqcVPgU7jCVDd7bAFhKCkd2367BXyQ0Ygaj4TQ6Bqgp
fPag2wGCpMSQNZZb3AMpIXFdBjJgA/HoTX/7iKKw2IJ0LCTwQWxaxQVGzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwSU/9uKE669J+qEhsoDOHWwws1MB8GA1UdIwQY
MBaAFEDsXYKo612YznbmHa/lF2YfxOZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUt
ZGYzMTc0NWNjMjI5LzEvdkJKVF8yNG9UcnIwbjZvU0d5Z000ZGJEQ3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUtZGYzMTc0NWNjMjI5
LzEvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJUgwMA0G
CSqGSIb3DQEBCwUAA4IBAQANJlj13sUH4Zw7sCvmJdIZmwlD172byPPDWTv1mUqU
g2SYX1ZC97tk0GEvPtCaNYRw7IhRp/HsirykE8f7L6u9Uu1g4LMkM4tQX6Jkwwnx
IkERQ8GijsqHCDI/yJbO5V5MPHwToA7TYtN6PObiTXoNqnw5sWaBzVoyLJk//86v
mjGdFuWrpla8eq7NHREI0VXxvl7CG/tmHOckUkp/sBMY+nQqAW15NHAOIL+uKT1t
i5iqpypN5rkNoVudKa62duwpxTWbMg+5ikrJ2dAP4khosaGxmKCl2K00TEP7OvHO
gAz1/ICNdW7FV1QBs9PUD9ab4sFO4jH/gTZAb5s9hBoX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:29 2024 by rpki-client on console-ams.rpki-client.org