Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/E3wTuDf8XARAYbxZiIEgVX0RnDQ.roa
File:                     E3wTuDf8XARAYbxZiIEgVX0RnDQ.roa (raw, json)
Hash identifier:          t/21A61TMRUXiyA+kpxVdtdA7tgHoYcRUYsB6nSE/do=
Subject key identifier:   13:7C:13:B8:37:FC:5C:04:40:61:BC:59:88:81:20:55:7D:11:9C:34
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       018570028824C2083099C2747A9BFD7ACF53
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/E3wTuDf8XARAYbxZiIEgVX0RnDQ.roa
Signing time:             Mon 02 Jan 2023 01:04:52 +0000
ROA not before:           Mon 02 Jan 2023 01:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58203
IP address blocks:        195.87.18.0/24 maxlen: 24
                          195.87.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:88:24:c2:08:30:99:c2:74:7a:9b:fd:7a:cf:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  2 01:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=137c13b837fc5c044061bc59888120557d119c34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:66:34:1c:1d:29:72:49:65:28:47:f5:05:ad:
                    77:63:20:90:00:6c:a6:69:f9:ac:8a:e1:b5:81:ac:
                    ee:39:2c:d5:00:eb:14:07:37:cb:70:62:ef:e7:fa:
                    c0:c8:6c:f1:b4:c4:bc:9e:b2:15:2f:c6:28:cd:83:
                    f8:f3:86:67:3a:f4:e8:e7:10:9c:c9:f8:d4:3c:07:
                    da:6b:07:11:09:29:88:c4:3d:85:dc:b1:08:60:4d:
                    73:3c:ec:f9:5b:ca:73:96:52:7b:45:1f:36:78:07:
                    e0:ed:91:78:6b:b6:7f:21:a4:83:05:93:30:6f:0d:
                    11:8a:9f:1e:a1:f6:5a:d8:cc:33:a2:a6:bb:6c:12:
                    fb:66:b4:95:31:2a:9c:62:1b:a3:87:59:67:fc:91:
                    31:61:bf:ef:04:5d:9d:3c:ee:00:d4:8e:a7:3a:9d:
                    c6:97:86:a7:4b:24:0a:5a:9a:da:57:c5:d0:24:59:
                    60:c6:61:21:25:d1:3d:36:aa:d7:62:6f:a2:fd:2b:
                    ce:81:62:58:cf:97:ce:b9:d5:54:06:a8:ff:3e:60:
                    2f:f9:27:00:9d:66:6d:f9:45:5f:52:5b:5f:e1:96:
                    3c:ae:6c:ca:21:91:62:69:c5:b7:39:9a:4c:84:85:
                    7e:32:eb:10:2a:07:f2:3f:6a:41:3f:b5:c6:e4:0d:
                    c4:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:7C:13:B8:37:FC:5C:04:40:61:BC:59:88:81:20:55:7D:11:9C:34
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/E3wTuDf8XARAYbxZiIEgVX0RnDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.87.18.0/24
                  195.87.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ce:70:da:16:14:ed:37:a0:ac:e9:2f:66:54:50:eb:94:31:a0:
         4b:7f:74:f2:b9:91:07:63:51:06:f6:5f:1a:e7:d0:6c:6c:32:
         a1:a4:4d:4b:45:be:b9:80:be:37:a2:aa:c4:5c:1b:21:12:81:
         0c:3a:7b:68:f0:6a:15:4a:0a:ac:ce:54:60:0b:ee:b1:7e:8b:
         ac:93:02:6b:35:45:50:ee:fa:f9:6e:f2:9b:7b:e7:17:aa:da:
         27:cd:4b:82:dd:26:63:ac:26:ab:e2:b6:d0:3f:7f:e7:dc:82:
         f2:3d:80:b6:d5:ae:03:23:69:da:b8:4e:c3:7e:26:3c:b0:db:
         fc:e3:e2:91:a2:7f:ca:7c:21:59:52:5c:7b:c7:d4:7a:9c:35:
         21:7d:53:ae:fd:a4:c9:f1:1a:b6:64:63:2c:05:2e:b0:c7:40:
         37:ba:7e:5a:c3:c3:1f:c0:f9:a0:b5:67:f8:6c:aa:25:5b:2a:
         22:6d:56:d2:aa:b6:5c:f7:2b:06:f4:f6:f8:09:87:28:b1:72:
         b9:32:8a:de:ce:b8:13:17:97:17:23:54:1a:1c:ab:c8:67:fc:
         38:7b:0c:29:20:52:1b:df:8b:ce:2f:1a:02:48:be:f2:41:5c:
         ae:23:28:6f:3c:c5:13:55:a4:d0:fc:ff:3a:1c:dd:30:2b:5a:
         8b:a2:99:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwAogkwggwmcJ0epv9es9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzdjMTNiODM3ZmM1YzA0NDA2MWJjNTk4ODgxMjA1NTdkMTE5YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmY0HB0pckllKEf1Ba13YyCQAGym
afmsiuG1gazuOSzVAOsUBzfLcGLv5/rAyGzxtMS8nrIVL8YozYP484ZnOvTo5xCc
yfjUPAfaawcRCSmIxD2F3LEIYE1zPOz5W8pzllJ7RR82eAfg7ZF4a7Z/IaSDBZMw
bw0Rip8eofZa2Mwzoqa7bBL7ZrSVMSqcYhujh1ln/JExYb/vBF2dPO4A1I6nOp3G
l4anSyQKWpraV8XQJFlgxmEhJdE9NqrXYm+i/SvOgWJYz5fOudVUBqj/PmAv+ScA
nWZt+UVfUltf4ZY8rmzKIZFiacW3OZpMhIV+MusQKgfyP2pBP7XG5A3EbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBN8E7g3/FwEQGG8WYiBIFV9EZw0MB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvRTN3VHVEZjhYQVJBWWJ4WmlJRWdWWDBSbkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw1cSAwQA
w1fvMA0GCSqGSIb3DQEBCwUAA4IBAQDOcNoWFO03oKzpL2ZUUOuUMaBLf3TyuZEH
Y1EG9l8a59BsbDKhpE1LRb65gL43oqrEXBshEoEMOnto8GoVSgqszlRgC+6xfous
kwJrNUVQ7vr5bvKbe+cXqtonzUuC3SZjrCar4rbQP3/n3ILyPYC21a4DI2nauE7D
fiY8sNv84+KRon/KfCFZUlx7x9R6nDUhfVOu/aTJ8Rq2ZGMsBS6wx0A3un5aw8Mf
wPmgtWf4bKolWyoibVbSqrZc9ysG9Pb4CYcosXK5MorezrgTF5cXI1QaHKvIZ/w4
ewwpIFIb34vOLxoCSL7yQVyuIyhvPMUTVaTQ/P86HN0wK1qLopnU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org