Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/ESkQkOTeaF9K6YtWQgHCXmfIB2c.roa
File:                     ESkQkOTeaF9K6YtWQgHCXmfIB2c.roa (raw, json)
Hash identifier:          0/cKh3KdZauOZRacQgBGREJ6XQJvecr8xjLO7abAA5I=
Subject key identifier:   11:29:10:90:E4:DE:68:5F:4A:E9:8B:56:42:01:C2:5E:67:C8:07:67
Certificate issuer:       /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial:       01857042A83B827FB5DDB2F403F26C4B110C
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/ESkQkOTeaF9K6YtWQgHCXmfIB2c.roa
Signing time:             Mon 02 Jan 2023 02:14:54 +0000
ROA not before:           Mon 02 Jan 2023 02:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22612
IP address blocks:        37.61.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:a8:3b:82:7f:b5:dd:b2:f4:03:f2:6c:4b:11:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
        Validity
            Not Before: Jan  2 02:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11291090e4de685f4ae98b564201c25e67c80767
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:16:bb:01:43:93:8f:2c:95:cf:42:0c:f3:d9:
                    bd:04:65:8c:0c:12:83:20:85:de:85:eb:ad:3f:2b:
                    90:27:02:63:b9:5c:45:69:97:c7:d5:70:fb:19:a1:
                    6c:59:d1:c6:0c:e5:e9:6a:d0:b2:41:50:f1:a5:81:
                    62:d7:0e:b5:eb:ff:4a:08:fc:ca:c2:6b:32:7b:88:
                    14:12:25:59:9c:fc:cd:74:c7:fe:64:0b:fe:01:61:
                    da:8a:62:df:0a:00:3d:42:a1:50:e9:7e:87:50:13:
                    a8:d8:77:b0:2d:7a:69:33:f3:af:87:b1:d9:79:21:
                    43:45:67:63:ab:90:60:a1:ba:21:20:b2:58:0c:47:
                    d0:6b:68:2c:fa:91:ce:29:41:bc:d3:bd:61:2a:7c:
                    eb:33:00:ad:89:36:16:5e:f4:d0:af:7d:ba:89:f5:
                    0e:c3:12:fc:e0:ce:68:19:77:95:5a:41:b1:23:42:
                    3b:49:a7:7a:60:44:0b:99:d4:11:73:13:e8:a1:c6:
                    ad:8e:32:d0:39:0e:d6:28:da:eb:9a:fd:86:7a:77:
                    57:22:d0:92:e7:6e:3c:4b:4f:86:a8:b3:43:d9:22:
                    7e:7c:7d:97:a8:99:b2:ff:40:ca:3a:ed:2c:22:9f:
                    6e:73:db:e8:25:65:3d:52:de:98:f5:7e:4c:09:26:
                    62:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:29:10:90:E4:DE:68:5F:4A:E9:8B:56:42:01:C2:5E:67:C8:07:67
            X509v3 Authority Key Identifier:
                keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/ESkQkOTeaF9K6YtWQgHCXmfIB2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.61.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:e4:e1:d6:bc:f3:f7:f3:bd:29:95:79:e7:8e:12:b0:85:4a:
         1e:33:7d:19:21:6a:84:77:b9:30:5f:67:bb:3a:84:45:a9:fa:
         b4:a2:16:2a:e6:0f:55:10:48:8a:60:20:b7:ce:9b:f5:a4:2b:
         a8:30:12:17:0c:27:8b:c3:72:72:1c:d6:2f:0a:13:c1:b2:52:
         d0:ad:24:06:32:ad:53:84:7b:fe:ef:06:f5:93:45:a8:5b:3b:
         ee:14:5d:84:e0:15:2c:af:d6:30:92:44:84:b7:9b:5d:b6:d5:
         93:3d:4a:0d:52:61:07:c0:29:bc:f5:f6:3c:4a:0e:e5:de:cd:
         51:39:b5:df:cb:9d:13:5f:1f:d9:11:1c:f7:f0:75:dc:7f:05:
         54:38:8b:86:c6:5d:8a:78:d5:5c:5a:c3:fc:dc:7a:e4:b4:d3:
         25:9e:df:39:79:dd:41:38:30:ab:9d:5a:99:a8:77:c7:25:7f:
         30:df:f4:d6:83:39:af:bd:d4:d7:90:7b:2b:f5:80:f6:a0:53:
         48:32:8c:ca:01:ae:6f:bf:fb:39:f4:6a:2a:10:0e:17:d4:f7:
         07:f3:7f:2f:32:57:fb:f7:ef:a3:42:97:ba:4d:bf:f1:ac:d6:
         a1:6e:93:d4:33:cb:c5:a6:6e:05:9c:ca:d7:a4:50:ce:77:3f:
         e2:2b:14:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqg7gn+13bL0A/JsSxEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjMwMTAyMDIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI5MTA5MGU0ZGU2ODVmNGFlOThiNTY0MjAxYzI1ZTY3YzgwNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmha7AUOTjyyVz0IM89m9BGWMDBKD
IIXeheutPyuQJwJjuVxFaZfH1XD7GaFsWdHGDOXpatCyQVDxpYFi1w616/9KCPzK
wmsye4gUEiVZnPzNdMf+ZAv+AWHaimLfCgA9QqFQ6X6HUBOo2HewLXppM/Ovh7HZ
eSFDRWdjq5BgobohILJYDEfQa2gs+pHOKUG8071hKnzrMwCtiTYWXvTQr326ifUO
wxL84M5oGXeVWkGxI0I7Sad6YEQLmdQRcxPoocatjjLQOQ7WKNrrmv2GendXItCS
5248S0+GqLND2SJ+fH2XqJmy/0DKOu0sIp9uc9voJWU9Ut6Y9X5MCSZibwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEpEJDk3mhfSumLVkIBwl5nyAdnMB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvRVNrUWtPVGVhRjlLNll0V1FnSENYbWZJQjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJT3uMA0G
CSqGSIb3DQEBCwUAA4IBAQCo5OHWvPP3870plXnnjhKwhUoeM30ZIWqEd7kwX2e7
OoRFqfq0ohYq5g9VEEiKYCC3zpv1pCuoMBIXDCeLw3JyHNYvChPBslLQrSQGMq1T
hHv+7wb1k0WoWzvuFF2E4BUsr9YwkkSEt5tdttWTPUoNUmEHwCm89fY8Sg7l3s1R
ObXfy50TXx/ZERz38HXcfwVUOIuGxl2KeNVcWsP83HrktNMlnt85ed1BODCrnVqZ
qHfHJX8w3/TWgzmvvdTXkHsr9YD2oFNIMozKAa5vv/s59GoqEA4X1PcH838vMlf7
9++jQpe6Tb/xrNahbpPUM8vFpm4FnMrXpFDOdz/iKxR2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:39 2024 by rpki-client on console-ams.rpki-client.org