Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tIhFLNiEvPr0fvBTMMubh8pDFAE.roa
File:                     tIhFLNiEvPr0fvBTMMubh8pDFAE.roa (raw, json)
Hash identifier:          lUMawHWVI8tT8R7RYrKi9mKt8R9IMOhNWK1epUuY0Y0=
Subject key identifier:   B4:88:45:2C:D8:84:BC:FA:F4:7E:F0:53:30:CB:9B:87:CA:43:14:01
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       01856FF98C82D0777F502247731C01D8F2CA
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tIhFLNiEvPr0fvBTMMubh8pDFAE.roa
Signing time:             Mon 02 Jan 2023 00:55:03 +0000
ROA not before:           Mon 02 Jan 2023 00:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205526
IP address blocks:        213.169.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:8c:82:d0:77:7f:50:22:47:73:1c:01:d8:f2:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Jan  2 00:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b488452cd884bcfaf47ef05330cb9b87ca431401
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:20:45:bd:a7:c3:54:17:c4:9e:ea:cf:ca:5b:
                    db:85:34:18:88:4c:e1:82:e2:35:02:56:42:d3:1d:
                    d6:29:3a:c9:90:7e:03:20:85:46:05:08:f3:37:cc:
                    b4:9f:48:55:28:26:1f:42:08:19:94:7d:05:6f:86:
                    a5:18:f5:d1:02:d0:aa:88:66:06:dc:d3:4d:76:5c:
                    16:97:74:6d:83:6a:4a:77:f6:77:bf:39:a8:72:d7:
                    d8:ee:90:61:e5:06:11:e3:ee:1a:4d:99:92:c4:51:
                    7a:59:ec:a6:6d:cc:4f:95:81:32:6e:94:17:d4:a5:
                    5b:fe:10:bf:f6:98:22:2f:43:90:b9:50:5d:25:eb:
                    3a:06:63:a1:09:65:92:b5:4f:39:bc:65:6b:ce:93:
                    c8:75:4c:68:9a:b0:a7:8b:d0:6d:68:7e:75:b9:51:
                    d8:de:a0:5e:12:05:52:51:36:a9:89:67:e3:ad:0c:
                    9b:20:a6:f3:12:c8:87:75:5b:0d:30:dc:8b:02:ee:
                    18:49:f5:c9:50:cb:39:52:66:06:23:e1:b1:a3:7e:
                    c9:7b:20:6b:52:ab:fc:83:29:24:b5:eb:c8:91:b4:
                    30:21:ba:b3:f3:c6:67:92:69:e1:45:8a:15:2c:8d:
                    aa:ed:58:30:6b:bb:50:14:a5:8c:85:35:0f:46:3d:
                    d2:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:88:45:2C:D8:84:BC:FA:F4:7E:F0:53:30:CB:9B:87:CA:43:14:01
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tIhFLNiEvPr0fvBTMMubh8pDFAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.169.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:99:f8:bb:db:0e:aa:01:03:35:a2:60:f8:0a:cf:fa:8e:ef:
         d7:7e:fa:f5:05:c1:0d:9a:5e:88:ea:33:e1:7d:6d:25:d4:6f:
         f2:83:7b:1e:ef:4c:2c:b6:97:0a:2e:d8:84:ef:5e:9f:9a:c7:
         08:1a:b2:2e:73:7f:ec:cb:cd:fb:d3:b0:70:9e:7c:0f:35:b9:
         e3:fc:da:10:3a:eb:7d:fd:4e:65:2e:39:4b:e0:85:f9:b2:f3:
         df:d8:9c:c4:bb:26:ea:e8:b3:47:e6:cf:f1:10:5c:d5:24:ab:
         8f:0f:30:3d:1e:39:48:61:ca:c7:e3:1d:29:db:10:ed:93:ac:
         9e:13:8b:35:cc:26:01:6d:52:a8:0c:27:d0:df:63:17:38:10:
         c1:e7:be:cc:11:f3:97:95:73:13:78:01:a1:4b:ba:6b:ed:a7:
         9c:b2:0e:25:43:d8:ed:a0:5f:56:c4:9a:dc:bf:46:ef:60:1e:
         9c:32:27:92:cd:83:a7:b8:ed:01:f9:75:f8:c2:2f:43:d3:2f:
         20:6c:35:df:16:e8:0b:36:7c:26:e3:95:21:07:61:c0:42:41:
         87:e7:91:d2:2c:44:56:52:19:a1:2d:50:66:7b:3f:f9:bb:27:
         9b:8c:30:0d:53:03:bb:87:16:2a:9b:3a:83:3b:fa:a6:b8:76:
         02:32:74:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+YyC0Hd/UCJHcxwB2PLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDg4NDUyY2Q4ODRiY2ZhZjQ3ZWYwNTMzMGNiOWI4N2NhNDMxNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+SBFvafDVBfEnurPylvbhTQYiEzh
guI1AlZC0x3WKTrJkH4DIIVGBQjzN8y0n0hVKCYfQggZlH0Fb4alGPXRAtCqiGYG
3NNNdlwWl3Rtg2pKd/Z3vzmoctfY7pBh5QYR4+4aTZmSxFF6WeymbcxPlYEybpQX
1KVb/hC/9pgiL0OQuVBdJes6BmOhCWWStU85vGVrzpPIdUxomrCni9BtaH51uVHY
3qBeEgVSUTapiWfjrQybIKbzEsiHdVsNMNyLAu4YSfXJUMs5UmYGI+Gxo37JeyBr
Uqv8gykktevIkbQwIbqz88ZnkmnhRYoVLI2q7Vgwa7tQFKWMhTUPRj3SvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSIRSzYhLz69H7wUzDLm4fKQxQBMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvdEloRkxOaUV2UHIwZnZCVE1NdWJoOHBERkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aklMA0G
CSqGSIb3DQEBCwUAA4IBAQB7mfi72w6qAQM1omD4Cs/6ju/Xfvr1BcENml6I6jPh
fW0l1G/yg3se70wstpcKLtiE716fmscIGrIuc3/sy83707BwnnwPNbnj/NoQOut9
/U5lLjlL4IX5svPf2JzEuybq6LNH5s/xEFzVJKuPDzA9HjlIYcrH4x0p2xDtk6ye
E4s1zCYBbVKoDCfQ32MXOBDB577MEfOXlXMTeAGhS7pr7aecsg4lQ9jtoF9WxJrc
v0bvYB6cMieSzYOnuO0B+XX4wi9D0y8gbDXfFugLNnwm45UhB2HAQkGH55HSLERW
UhmhLVBmez/5uyebjDANUwO7hxYqmzqDO/qmuHYCMnQ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org