Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/VS3Y8djhxeL73uuH7r7IWwb-xxA.roa
File:                     VS3Y8djhxeL73uuH7r7IWwb-xxA.roa (raw, json)
Hash identifier:          K4Z+3S0Ams+MXOA+WI8zB5LAU57bshPo91zIfYYkI0o=
Subject key identifier:   55:2D:D8:F1:D8:E1:C5:E2:FB:DE:EB:87:EE:BE:C8:5B:06:FE:C7:10
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01859C078EF4540CFD5ACCA0A6217E9515C7
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/VS3Y8djhxeL73uuH7r7IWwb-xxA.roa
Signing time:             Tue 10 Jan 2023 14:13:39 +0000
ROA not before:           Tue 10 Jan 2023 14:13:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207252
IP address blocks:        37.221.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 Feb 2023 10:16:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9c:07:8e:f4:54:0c:fd:5a:cc:a0:a6:21:7e:95:15:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan 10 14:13:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=552dd8f1d8e1c5e2fbdeeb87eebec85b06fec710
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a4:31:7e:25:61:6e:55:64:4d:d8:d4:b7:5f:
                    a7:e2:f2:b4:5d:26:6d:b1:04:96:46:99:92:71:fd:
                    09:f6:5b:b9:18:33:50:a6:ec:e2:a8:53:36:e9:de:
                    91:fa:5b:77:95:bf:f1:e7:ff:ad:a1:ce:f2:6c:2e:
                    64:09:46:0b:eb:d7:19:fe:95:e2:c1:8c:1d:4c:a7:
                    a0:53:79:95:17:49:f6:2b:0d:c8:f2:12:f0:cb:8d:
                    1b:c1:ed:65:d4:89:44:4f:f9:0d:8a:e1:ae:c0:b1:
                    45:75:a8:54:f4:5d:02:08:82:fd:0d:21:c8:df:88:
                    fa:b7:84:ef:b6:25:d0:46:88:46:a9:b4:62:35:7e:
                    d8:04:d9:01:2a:ab:c5:cb:a8:c0:31:30:4e:f6:90:
                    0e:34:4e:78:03:26:29:54:03:d5:33:5c:11:17:4e:
                    69:53:55:a7:5c:5a:5c:2d:06:81:b7:a2:d9:93:e5:
                    e4:e2:a2:6d:42:fa:e2:6c:2c:16:51:09:77:8b:ad:
                    8c:0a:7c:a8:ec:d2:c2:a0:0f:78:3e:8d:36:3e:95:
                    b1:d8:4c:ce:e8:05:76:a7:32:39:7b:eb:09:a4:a2:
                    8c:1f:23:5a:df:36:05:c7:58:af:eb:4d:4b:60:f2:
                    80:53:ed:3d:5e:f2:c7:1c:b5:f6:aa:02:21:c3:c7:
                    b0:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:2D:D8:F1:D8:E1:C5:E2:FB:DE:EB:87:EE:BE:C8:5B:06:FE:C7:10
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/VS3Y8djhxeL73uuH7r7IWwb-xxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:36:1c:9c:26:1d:30:89:1f:89:ad:42:15:55:45:9c:ac:cd:
         e0:82:bf:06:71:8f:b2:a9:74:e6:f0:9a:ef:e3:61:5b:21:a2:
         7e:7e:75:89:1b:c0:b5:05:f6:8f:9e:61:71:2b:8a:a9:49:32:
         3c:2b:e7:29:66:08:4f:48:28:c9:59:9f:24:75:27:55:dd:52:
         da:81:cb:38:14:8f:da:77:0a:d8:35:89:07:1e:b0:4c:85:36:
         9a:77:f5:43:ee:80:9c:0a:5b:0c:c7:08:62:07:b0:8a:75:dd:
         1b:97:84:e6:62:9e:72:65:04:8b:b7:4f:aa:55:35:66:8b:22:
         f2:bc:5f:3e:e7:11:6e:d4:af:33:1d:dc:e8:aa:f1:ff:97:2a:
         4e:b8:51:4e:50:4a:4d:77:cd:de:f8:5b:33:9f:ec:bf:15:1f:
         a0:ff:9b:cb:7c:82:84:62:dd:a0:80:47:29:49:be:04:68:76:
         89:7d:b1:bc:8c:aa:d6:60:e8:fa:65:0e:6d:45:57:e8:63:8b:
         e2:be:85:50:da:b8:6a:cf:0e:e7:b1:e1:c0:28:ba:a2:5f:8d:
         c1:28:bd:60:89:2e:4d:d1:de:3f:50:d5:0f:eb:a5:3b:83:79:
         ff:fa:3b:30:e4:19:da:9b:45:2b:5b:ab:6b:fd:a6:fc:fe:67:
         0c:9c:ec:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWcB470VAz9WsygpiF+lRXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTEwMTQxMzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTJkZDhmMWQ4ZTFjNWUyZmJkZWViODdlZWJlYzg1YjA2ZmVjNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqQxfiVhblVkTdjUt1+n4vK0XSZt
sQSWRpmScf0J9lu5GDNQpuziqFM26d6R+lt3lb/x5/+toc7ybC5kCUYL69cZ/pXi
wYwdTKegU3mVF0n2Kw3I8hLwy40bwe1l1IlET/kNiuGuwLFFdahU9F0CCIL9DSHI
34j6t4TvtiXQRohGqbRiNX7YBNkBKqvFy6jAMTBO9pAONE54AyYpVAPVM1wRF05p
U1WnXFpcLQaBt6LZk+Xk4qJtQvribCwWUQl3i62MCnyo7NLCoA94Po02PpWx2EzO
6AV2pzI5e+sJpKKMHyNa3zYFx1iv601LYPKAU+09XvLHHLX2qgIhw8ew/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUt2PHY4cXi+97rh+6+yFsG/scQMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvVlMzWThkamh4ZUw3M3V1SDdyN0lXd2IteHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJd1fMA0G
CSqGSIb3DQEBCwUAA4IBAQAjNhycJh0wiR+JrUIVVUWcrM3ggr8GcY+yqXTm8Jrv
42FbIaJ+fnWJG8C1BfaPnmFxK4qpSTI8K+cpZghPSCjJWZ8kdSdV3VLagcs4FI/a
dwrYNYkHHrBMhTaad/VD7oCcClsMxwhiB7CKdd0bl4TmYp5yZQSLt0+qVTVmiyLy
vF8+5xFu1K8zHdzoqvH/lypOuFFOUEpNd83e+Fszn+y/FR+g/5vLfIKEYt2ggEcp
Sb4EaHaJfbG8jKrWYOj6ZQ5tRVfoY4vivoVQ2rhqzw7nseHAKLqiX43BKL1giS5N
0d4/UNUP66U7g3n/+jsw5Bnam0UrW6tr/ab8/mcMnOyT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org