Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Pea8acJj_DjhrzDcVsiZPzXq44A.roa
File:                     Pea8acJj_DjhrzDcVsiZPzXq44A.roa (raw, json)
Hash identifier:          3tnxEBWBJQFdpJtsrFfm4/vPXNOxa4FcStoHlu4OOEo=
Subject key identifier:   3D:E6:BC:69:C2:63:FC:38:E1:AF:30:DC:56:C8:99:3F:35:EA:E3:80
Certificate issuer:       /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial:       0187762FDF97B607A479807590D87E960321
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Pea8acJj_DjhrzDcVsiZPzXq44A.roa
Signing time:             Wed 12 Apr 2023 15:57:41 +0000
ROA not before:           Wed 12 Apr 2023 15:57:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        46.34.37.0/24 maxlen: 24
                          46.34.42.0/23 maxlen: 23
                          46.34.38.0/23 maxlen: 23
                          46.34.48.0/24 maxlen: 24
                          46.34.49.0/24 maxlen: 24
                          46.34.55.0/24 maxlen: 24
                          46.34.58.0/23 maxlen: 23
                          46.34.54.0/24 maxlen: 24
                          46.34.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 10:06:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:76:2f:df:97:b6:07:a4:79:80:75:90:d8:7e:96:03:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
        Validity
            Not Before: Apr 12 15:57:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3de6bc69c263fc38e1af30dc56c8993f35eae380
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:89:31:55:04:fb:4d:57:09:45:45:dc:4d:ce:
                    39:ec:5a:59:b2:8e:a7:d1:b6:cb:d8:fc:68:54:fd:
                    c1:22:fd:b7:f9:d1:d5:d2:ef:6a:7f:ff:97:55:d2:
                    28:c0:0a:8d:11:52:b3:fd:15:da:85:4b:b5:af:f4:
                    e9:71:55:3e:e7:86:52:6c:16:5d:78:6c:4c:90:f4:
                    a5:d0:ea:60:6c:c6:1d:5b:c2:41:b1:60:e8:9c:6d:
                    e9:69:f2:36:ac:c0:ea:30:43:e9:dc:4b:94:0c:05:
                    24:da:77:48:4a:97:55:31:ec:bf:a5:b7:2e:ac:ca:
                    46:5d:16:06:41:89:f5:6e:1c:4d:83:89:5f:dd:76:
                    3b:f7:61:9c:e1:70:39:af:a0:89:60:69:74:7f:8d:
                    e8:ad:73:46:28:ca:fe:e9:3e:af:a5:22:46:62:7d:
                    d0:81:ac:d9:99:a9:93:81:c0:81:1b:14:98:9c:8e:
                    e1:42:f0:e4:30:2c:43:c7:38:d0:5d:5d:cc:1c:cf:
                    88:a0:f2:f2:42:fc:88:06:e4:b8:ea:c4:77:32:43:
                    14:0c:64:00:57:71:33:58:2d:08:bd:90:1e:48:18:
                    17:4c:b3:fc:d6:5c:ff:20:34:5a:ae:e5:f6:d9:d3:
                    d7:9e:ce:1e:57:aa:0e:49:bf:83:15:9f:bf:aa:26:
                    20:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E6:BC:69:C2:63:FC:38:E1:AF:30:DC:56:C8:99:3F:35:EA:E3:80
            X509v3 Authority Key Identifier:
                keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Pea8acJj_DjhrzDcVsiZPzXq44A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.34.37.0-46.34.39.255
                  46.34.42.0/23
                  46.34.48.0/23
                  46.34.54.0/23
                  46.34.58.0/23
                  46.34.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:7f:13:51:0b:fe:6d:8f:65:a9:30:63:e0:c9:aa:41:44:8a:
         e2:bc:f7:a1:f8:c9:b0:6f:f9:34:f5:db:68:8a:2c:15:2e:74:
         2b:cf:5c:01:d8:7b:54:05:1c:80:db:60:f1:98:79:7d:e9:21:
         43:97:c2:df:7c:b3:40:c9:94:73:e7:06:76:ad:8a:f6:3f:4a:
         c0:79:46:51:02:26:d6:c4:40:b0:81:67:97:d4:eb:a4:67:36:
         e9:3d:18:0f:3a:fb:57:2a:ae:50:7b:7e:fc:bf:87:62:ed:c2:
         9b:ed:18:e2:47:c5:71:14:dd:1d:cf:ff:f0:49:a2:4c:56:76:
         13:a3:58:7c:a2:a0:98:95:23:29:d4:23:0d:17:b0:d0:d3:2a:
         a6:ea:ea:5f:6f:83:2a:fe:c3:45:68:b0:41:69:54:fd:be:d5:
         10:3d:c1:8a:c2:92:fe:26:49:c9:14:e7:38:d9:73:81:95:6f:
         fc:9c:4d:d8:14:aa:99:47:f0:03:73:ae:fa:14:f9:57:eb:f3:
         67:94:f4:7b:13:17:d3:ed:cc:2f:18:69:f5:af:b2:cb:bb:c7:
         f4:da:1b:4c:fb:a2:46:33:d4:50:77:0c:53:21:09:f9:5e:89:
         ec:3e:c9:9c:9d:49:42:35:23:ca:24:32:35:b1:b9:d8:e8:80:
         2c:dd:5d:2e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYd2L9+XtgekeYB1kNh+lgMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNDEyMTU1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGU2YmM2OWMyNjNmYzM4ZTFhZjMwZGM1NmM4OTkzZjM1ZWFlMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIkxVQT7TVcJRUXcTc457FpZso6n
0bbL2PxoVP3BIv23+dHV0u9qf/+XVdIowAqNEVKz/RXahUu1r/TpcVU+54ZSbBZd
eGxMkPSl0OpgbMYdW8JBsWDonG3pafI2rMDqMEPp3EuUDAUk2ndISpdVMey/pbcu
rMpGXRYGQYn1bhxNg4lf3XY792Gc4XA5r6CJYGl0f43orXNGKMr+6T6vpSJGYn3Q
gazZmamTgcCBGxSYnI7hQvDkMCxDxzjQXV3MHM+IoPLyQvyIBuS46sR3MkMUDGQA
V3EzWC0IvZAeSBgXTLP81lz/IDRaruX22dPXns4eV6oOSb+DFZ+/qiYgVwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFD3mvGnCY/w44a8w3FbImT816uOAMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvUGVhOGFjSmpfRGpocnpEY1ZzaVpQelhxNDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAuIiUD
BAMuIiADBAEuIioDBAEuIjADBAEuIjYDBAEuIjoDBAAuIj4wDQYJKoZIhvcNAQEL
BQADggEBAHR/E1EL/m2PZakwY+DJqkFEiuK896H4ybBv+TT122iKLBUudCvPXAHY
e1QFHIDbYPGYeX3pIUOXwt98s0DJlHPnBnativY/SsB5RlECJtbEQLCBZ5fU66Rn
Nuk9GA86+1cqrlB7fvy/h2LtwpvtGOJHxXEU3R3P//BJokxWdhOjWHyioJiVIynU
Iw0XsNDTKqbq6l9vgyr+w0VosEFpVP2+1RA9wYrCkv4mSckU5zjZc4GVb/ycTdgU
qplH8ANzrvoU+Vfr82eU9HsTF9PtzC8YafWvssu7x/TaG0z7okYz1FB3DFMhCfle
iew+yZydSUI1I8okMjWxudjogCzdXS4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org