Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/24qWctAh5hcev0XboBBOTMNrxeA.roa
File:                     24qWctAh5hcev0XboBBOTMNrxeA.roa (raw, json)
Hash identifier:          Are8uY+42JLBOkJj6Si39RWpf837wx1dBwWnlYcn75Q=
Subject key identifier:   DB:8A:96:72:D0:21:E6:17:1E:BF:45:DB:A0:10:4E:4C:C3:6B:C5:E0
Certificate issuer:       /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial:       018731E65B04DD35319097182260CE353DCF
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/24qWctAh5hcev0XboBBOTMNrxeA.roa
Signing time:             Thu 30 Mar 2023 09:43:12 +0000
ROA not before:           Thu 30 Mar 2023 09:43:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197100
IP address blocks:        46.34.32.0/22 maxlen: 22
                          46.34.36.0/24 maxlen: 24
                          46.34.40.0/23 maxlen: 23
                          46.34.51.0/24 maxlen: 24
                          46.34.47.0/24 maxlen: 24
                          46.34.60.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 30 Mar 2023 13:56:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:31:e6:5b:04:dd:35:31:90:97:18:22:60:ce:35:3d:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
        Validity
            Not Before: Mar 30 09:43:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db8a9672d021e6171ebf45dba0104e4cc36bc5e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ca:b3:5b:42:11:7f:57:4c:5e:95:d4:9a:8e:
                    83:52:fe:8b:1e:c9:07:d7:6f:49:ea:04:1b:73:92:
                    3a:dd:63:79:80:0f:ef:4d:66:2d:bd:52:88:b8:d1:
                    5a:af:a5:9d:38:23:07:a9:ac:e3:2d:da:fd:59:f8:
                    eb:0b:2d:e9:19:1e:7f:1b:32:92:3b:93:d5:70:4a:
                    d6:48:e5:82:b8:42:36:7d:09:09:59:75:6b:9d:25:
                    16:4b:e7:f1:86:7b:53:b8:f1:c0:54:65:96:a8:03:
                    f2:83:f9:bf:af:7b:68:3c:6e:67:4a:73:bf:1f:4b:
                    1d:6b:f5:77:66:02:5b:07:67:f2:3d:d2:7b:df:fe:
                    33:4b:d0:20:1c:7b:c6:17:e4:15:6e:e9:d5:8c:5c:
                    87:34:ab:be:7a:95:ec:ba:4f:7b:b7:ba:f5:3d:52:
                    b7:98:fe:e4:6a:62:e7:aa:3f:24:14:e2:54:29:e1:
                    d6:33:17:ea:2c:02:13:0d:5d:5f:64:f2:61:b5:e0:
                    d7:74:77:50:2a:45:93:e7:8b:5e:18:bc:97:96:13:
                    1d:0f:b4:23:b5:07:fb:28:02:e0:bd:90:ab:49:10:
                    77:3c:f4:49:64:08:18:1e:f0:47:7b:f4:73:ee:19:
                    ec:ae:6d:b2:59:4e:c5:e2:a7:68:04:a6:93:a5:d7:
                    e4:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:8A:96:72:D0:21:E6:17:1E:BF:45:DB:A0:10:4E:4C:C3:6B:C5:E0
            X509v3 Authority Key Identifier:
                keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/24qWctAh5hcev0XboBBOTMNrxeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.34.32.0-46.34.36.255
                  46.34.40.0/23
                  46.34.47.0/24
                  46.34.51.0/24
                  46.34.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:af:02:ca:e1:13:0a:a1:1f:fa:9c:46:51:85:7b:3e:74:5b:
         f1:95:7a:46:ba:76:e5:2b:81:1f:87:5b:d4:b0:9f:fd:69:94:
         cb:70:5a:c5:a0:ef:86:74:6e:aa:e5:d7:ac:ce:2f:0a:4d:c3:
         4d:6e:7f:6e:9d:15:34:9b:53:b1:d3:47:96:51:e3:57:39:bf:
         fd:af:8a:41:1c:1e:0a:81:d4:de:83:77:29:a2:ed:aa:0e:13:
         e1:da:b7:0b:f0:c1:e7:49:00:70:4e:ce:4e:f5:28:ad:fd:23:
         9d:47:95:45:45:a6:8b:df:f4:f0:16:b8:53:ad:19:f5:5e:8e:
         11:2c:5e:58:51:9c:dd:0b:4a:de:15:1c:a4:65:b8:81:23:f9:
         2a:5e:18:2f:01:6c:ed:88:fe:cd:a3:21:80:1a:20:62:ba:15:
         69:32:eb:ea:83:f3:8a:17:91:d2:77:ae:a7:56:61:e4:89:24:
         a1:4f:86:72:05:55:2e:f0:75:5b:f4:d0:45:90:ad:07:8d:4a:
         e3:31:13:4a:e7:83:ef:70:2f:0d:a4:32:57:e9:d1:9b:e9:66:
         33:f6:17:2e:e2:c5:70:14:11:73:9e:70:ba:d4:1a:4a:09:20:
         80:07:a0:3c:13:44:4d:a4:b1:18:a8:c1:1b:b1:ca:8e:ff:fc:
         b4:96:8f:55
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcx5lsE3TUxkJcYImDONT3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwMzMwMDk0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhhOTY3MmQwMjFlNjE3MWViZjQ1ZGJhMDEwNGU0Y2MzNmJjNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8qzW0IRf1dMXpXUmo6DUv6LHskH
129J6gQbc5I63WN5gA/vTWYtvVKIuNFar6WdOCMHqazjLdr9WfjrCy3pGR5/GzKS
O5PVcErWSOWCuEI2fQkJWXVrnSUWS+fxhntTuPHAVGWWqAPyg/m/r3toPG5nSnO/
H0sda/V3ZgJbB2fyPdJ73/4zS9AgHHvGF+QVbunVjFyHNKu+epXsuk97t7r1PVK3
mP7kamLnqj8kFOJUKeHWMxfqLAITDV1fZPJhteDXdHdQKkWT54teGLyXlhMdD7Qj
tQf7KALgvZCrSRB3PPRJZAgYHvBHe/Rz7hnsrm2yWU7F4qdoBKaTpdfkXwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNuKlnLQIeYXHr9F26AQTkzDa8XgMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMjRxV2N0QWg1aGNldjBYYm9CQk9UTU5yeGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUuIiAD
BAAuIiQDBAEuIigDBAAuIi8DBAAuIjMDBAIuIjwwDQYJKoZIhvcNAQELBQADggEB
AGSvAsrhEwqhH/qcRlGFez50W/GVeka6duUrgR+HW9Swn/1plMtwWsWg74Z0bqrl
16zOLwpNw01uf26dFTSbU7HTR5ZR41c5v/2vikEcHgqB1N6Ddymi7aoOE+Hatwvw
wedJAHBOzk71KK39I51HlUVFpovf9PAWuFOtGfVejhEsXlhRnN0LSt4VHKRluIEj
+SpeGC8BbO2I/s2jIYAaIGK6FWky6+qD84oXkdJ3rqdWYeSJJKFPhnIFVS7wdVv0
0EWQrQeNSuMxE0rng+9wLw2kMlfp0ZvpZjP2Fy7ixXAUEXOecLrUGkoJIIAHoDwT
RE2ksRiowRuxyo7//LSWj1U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org