Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410184f2477fc40aab/0/3230352e3231312e3135352e302f32342d3234203d3e2037303138.roa
File:                     3230352e3231312e3135352e302f32342d3234203d3e2037303138.roa (raw, json)
Hash identifier:          +NizCSamHVHWrfvdzZv9eVaIMWJ1WZ2yIb73wh9lq20=
Subject key identifier:   C7:E1:38:1D:51:C0:21:CE:64:76:BB:2F:5F:D2:E1:F9:AE:93:BC:01
Certificate issuer:       /CN=37601393f78ee12fe7f73ae79bbfb74b431da7700cef2cf8cf
Certificate serial:       40A698AE1200B42C31ABB5D794A205E91C54FBC1
Authority key identifier: B2:1B:D1:77:1A:96:D7:9F:70:79:60:91:51:2F:27:81:11:14:8E:F0
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/8cabc1b4-9bdf-40a6-bbbb-66ae9d5a685a/37601393f78ee12fe7f73ae79bbfb74b431da7700cef2cf8cf.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f2477fc40aab/0/3230352e3231312e3135352e302f32342d3234203d3e2037303138.roa
Signing time:             Thu 09 Nov 2023 15:56:26 +0000
ROA not before:           Thu 09 Nov 2023 15:51:26 +0000
ROA not after:            Thu 07 Nov 2024 15:56:26 +0000
asID:                     7018
IP address blocks:        205.211.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 00:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:a6:98:ae:12:00:b4:2c:31:ab:b5:d7:94:a2:05:e9:1c:54:fb:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37601393f78ee12fe7f73ae79bbfb74b431da7700cef2cf8cf
        Validity
            Not Before: Nov  9 15:51:26 2023 GMT
            Not After : Nov  7 15:56:26 2024 GMT
        Subject: CN=C7E1381D51C021CE6476BB2F5FD2E1F9AE93BC01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0b:d8:82:e2:c9:7b:89:97:f5:06:21:f0:8b:
                    77:19:b7:f8:c1:5f:dd:04:6e:a1:e7:7e:18:20:13:
                    e1:23:3d:a7:f1:9e:ae:a9:65:87:4c:56:e1:fb:3b:
                    55:83:10:53:d1:b0:35:64:1d:9b:45:18:e7:e4:9e:
                    d1:5b:93:cc:7c:6d:91:77:66:db:33:5e:59:05:ee:
                    d1:08:2f:51:43:9f:2a:69:8f:51:23:b7:26:f6:b4:
                    39:cb:b2:24:b3:4d:c7:4d:c7:7b:05:d5:d8:57:17:
                    80:d8:06:69:15:52:33:a4:ed:40:70:9f:01:0c:a2:
                    bd:c1:45:8c:bc:59:7e:f4:97:f8:63:42:66:86:bd:
                    1e:37:c7:5b:e2:ff:ef:63:33:a4:cb:e4:60:32:c5:
                    b3:58:11:f6:07:3d:cb:01:36:8b:7e:67:e0:cb:ac:
                    f7:88:bc:dc:51:de:3b:d7:40:0d:3a:25:95:84:ad:
                    17:07:ce:3b:95:21:42:da:cf:9b:3b:dc:a0:39:ab:
                    49:04:a6:6d:c5:b6:e1:f7:45:f3:a8:09:43:bc:c1:
                    7c:42:07:67:90:25:00:3e:19:b4:9b:6b:56:5c:82:
                    b4:22:62:26:d4:2e:5a:d4:14:b1:1b:2e:cf:a4:55:
                    70:42:58:af:70:8d:94:76:df:58:9a:01:4b:ca:61:
                    5c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:E1:38:1D:51:C0:21:CE:64:76:BB:2F:5F:D2:E1:F9:AE:93:BC:01
            X509v3 Authority Key Identifier:
                keyid:B2:1B:D1:77:1A:96:D7:9F:70:79:60:91:51:2F:27:81:11:14:8E:F0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f2477fc40aab/0/B21BD1771A96D79F70796091512F278111148EF0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/8cabc1b4-9bdf-40a6-bbbb-66ae9d5a685a/37601393f78ee12fe7f73ae79bbfb74b431da7700cef2cf8cf.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f2477fc40aab/0/3230352e3231312e3135352e302f32342d3234203d3e2037303138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.211.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:2f:a1:58:d5:f5:eb:cd:96:b0:08:48:1c:c5:83:b8:72:5a:
         9b:04:cb:71:6d:83:6b:69:6f:ce:87:80:f9:d4:4d:6c:2d:87:
         5c:46:94:58:93:73:32:52:f4:87:3f:09:e5:63:e1:50:f4:da:
         79:52:94:8e:0a:7b:a1:b5:67:d8:bc:96:51:e6:74:4d:33:01:
         40:c3:da:d4:53:10:29:16:32:75:dd:32:c3:3c:e0:79:55:1e:
         ff:48:7a:61:59:6a:01:6c:67:b9:29:89:a2:0f:ad:17:41:cb:
         67:22:69:59:19:33:98:2c:cb:4d:a2:7e:7f:29:d2:7a:36:6a:
         47:ed:aa:2a:77:ee:3c:a6:19:04:7a:d7:d3:c4:ad:5b:30:d4:
         a8:d5:5c:72:a3:00:46:bc:96:97:79:23:89:29:64:ec:c9:57:
         66:9a:ea:ad:e8:5a:1c:47:10:cb:4c:7b:00:18:46:49:6c:00:
         46:89:9f:a1:b5:72:50:2d:03:2b:f2:7a:4f:4e:ad:ab:df:f1:
         a7:14:52:7a:fc:d9:9e:35:1c:ce:3d:fe:09:d9:87:6a:3c:8d:
         72:93:00:ca:37:e4:d5:e5:50:34:80:e7:34:a2:5f:cc:74:4b:
         fa:82:bd:af:c6:0c:e1:d0:b5:bd:93:ea:8a:98:b3:95:b5:38:
         66:00:d4:c4
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIUQKaYrhIAtCwxq7XXlKIF6RxU+8EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMzc2MDEzOTNmNzhlZTEyZmU3ZjczYWU3OWJiZmI3NGI0
MzFkYTc3MDBjZWYyY2Y4Y2YwHhcNMjMxMTA5MTU1MTI2WhcNMjQxMTA3MTU1NjI2
WjAzMTEwLwYDVQQDEyhDN0UxMzgxRDUxQzAyMUNFNjQ3NkJCMkY1RkQyRTFGOUFF
OTNCQzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgvYguLJe4mX
9QYh8It3Gbf4wV/dBG6h534YIBPhIz2n8Z6uqWWHTFbh+ztVgxBT0bA1ZB2bRRjn
5J7RW5PMfG2Rd2bbM15ZBe7RCC9RQ58qaY9RI7cm9rQ5y7Iks03HTcd7BdXYVxeA
2AZpFVIzpO1AcJ8BDKK9wUWMvFl+9Jf4Y0Jmhr0eN8db4v/vYzOky+RgMsWzWBH2
Bz3LATaLfmfgy6z3iLzcUd4710ANOiWVhK0XB847lSFC2s+bO9ygOatJBKZtxbbh
90XzqAlDvMF8QgdnkCUAPhm0m2tWXIK0ImIm1C5a1BSxGy7PpFVwQlivcI2Udt9Y
mgFLymFcvQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFMfhOB1RwCHOZHa7L1/S4fmu
k7wBMB8GA1UdIwQYMBaAFLIb0XcaltefcHlgkVEvJ4ERFI7wMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTg0ZjI0NzdmYzQwYWFiLzAv
QjIxQkQxNzcxQTk2RDc5RjcwNzk2MDkxNTEyRjI3ODExMTE0OEVGMC5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvMDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5
ZWYzMjIzLzhjYWJjMWI0LTliZGYtNDBhNi1iYmJiLTY2YWU5ZDVhNjg1YS8zNzYw
MTM5M2Y3OGVlMTJmZTdmNzNhZTc5YmJmYjc0YjQzMWRhNzcwMGNlZjJjZjhjZi5j
ZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4NGYy
NDc3ZmM0MGFhYi8wLzMyMzAzNTJlMzIzMTMxMmUzMTM1MzUyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzNzMwMzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAM3TmzANBgkqhkiG9w0BAQsF
AAOCAQEAlS+hWNX1682WsAhIHMWDuHJamwTLcW2Da2lvzoeA+dRNbC2HXEaUWJNz
MlL0hz8J5WPhUPTaeVKUjgp7obVn2LyWUeZ0TTMBQMPa1FMQKRYydd0ywzzgeVUe
/0h6YVlqAWxnuSmJog+tF0HLZyJpWRkzmCzLTaJ+fynSejZqR+2qKnfuPKYZBHrX
08StWzDUqNVccqMARryWl3kjiSlk7MlXZprqrehaHEcQy0x7ABhGSWwARomfobVy
UC0DK/J6T06tq9/xpxRSevzZnjUczj3+CdmHajyNcpMAyjfk1eVQNIDnNKJfzHRL
+oK9r8YM4dC1vZPqipizlbU4ZgDUxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:03 2024 by rpki-client on console-fra.rpki-client.org