Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/sQIOV-gxrrjic0P3p94-MY3tWLY.roa
File:                     sQIOV-gxrrjic0P3p94-MY3tWLY.roa (raw, json)
Hash identifier:          ST2Js+UGcbgjTjf9i10yv/nu7oiWld4c2NVVE7F8aMo=
Subject key identifier:   B1:02:0E:57:E8:31:AE:B8:E2:73:43:F7:A7:DE:3E:31:8D:ED:58:B6
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01897E5DD9155CE58E19B90DB254877A6BA8
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/sQIOV-gxrrjic0P3p94-MY3tWLY.roa
Signing time:             Sat 22 Jul 2023 16:10:26 +0000
ROA not before:           Sat 22 Jul 2023 16:10:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35575
IP address blocks:        194.15.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:7e:5d:d9:15:5c:e5:8e:19:b9:0d:b2:54:87:7a:6b:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jul 22 16:10:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1020e57e831aeb8e27343f7a7de3e318ded58b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d3:4e:a2:65:9a:7a:b3:17:b8:5a:57:26:0f:
                    69:8a:74:d9:2c:cb:3b:6f:b9:29:55:30:73:ce:84:
                    e2:57:36:d3:10:44:40:6d:90:06:98:0a:85:9d:d6:
                    a5:6a:8d:9f:9e:3c:cc:26:8a:bc:65:05:28:dc:04:
                    59:33:87:bf:38:c0:51:ef:65:f4:86:45:21:1d:8b:
                    0b:76:cb:9f:d5:4b:d7:e3:69:d5:43:45:33:66:29:
                    10:23:c9:e3:52:8c:16:99:a7:c0:5c:9e:e2:2c:6f:
                    54:71:f4:c8:39:ec:6a:79:a4:14:5a:16:35:e2:f9:
                    78:c5:3f:bc:64:9b:47:67:70:db:18:33:71:96:59:
                    29:a8:8e:76:f2:60:da:df:17:d1:59:d4:3b:2a:22:
                    73:33:c1:43:15:e5:d2:1b:5b:61:8a:d2:49:76:ab:
                    b4:b6:10:4a:27:6c:72:eb:2c:67:d1:8b:c9:16:0b:
                    c5:f4:88:05:f1:44:39:5c:85:55:fc:a9:9b:ba:18:
                    c5:ef:d5:b1:9c:49:21:ee:28:03:5b:ca:74:fc:5d:
                    5d:89:41:f0:47:5e:5b:f5:a0:8a:8e:90:99:46:69:
                    fa:08:ad:e1:a2:8f:b9:27:0f:87:72:21:da:a5:14:
                    ef:b7:3a:b7:cc:01:f1:bb:27:d6:e0:68:95:66:04:
                    95:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:02:0E:57:E8:31:AE:B8:E2:73:43:F7:A7:DE:3E:31:8D:ED:58:B6
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/sQIOV-gxrrjic0P3p94-MY3tWLY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:22:dc:f6:da:9c:bf:71:a6:8b:61:bc:92:e2:5a:4c:92:e1:
         89:ad:36:87:7e:6f:74:e4:64:66:b1:68:9b:38:0a:18:60:a4:
         ee:7f:e9:8d:50:d1:97:7e:9a:aa:40:de:77:81:37:38:8c:01:
         17:8b:ba:d4:7c:10:9c:87:76:13:be:28:15:68:76:46:96:25:
         fc:0f:1a:6c:34:89:5b:4c:99:20:5e:8a:c4:c8:d7:1f:a6:7c:
         d7:67:d0:c7:91:bc:1a:e5:a4:a0:45:e7:9e:dc:69:f9:9f:15:
         ea:4c:83:32:05:f7:8c:cf:40:3b:5a:0b:d9:f5:d4:3b:33:3c:
         40:97:29:ee:9c:7b:5e:00:e2:78:37:c3:90:4b:b1:73:a4:56:
         ce:4a:8d:16:e7:0b:99:e9:20:c1:fe:91:d8:b4:7f:f1:61:e4:
         34:7b:78:ef:cf:87:d3:61:23:21:39:d3:e9:16:d6:0f:11:d6:
         15:92:c7:c9:1c:66:95:87:76:5d:01:bc:4f:cc:9b:d5:02:66:
         b0:e9:c8:71:d8:9c:4e:a5:3a:82:a7:d0:8b:6a:46:02:81:a0:
         5a:f1:5b:c8:9e:11:51:a1:56:1c:62:d0:77:5a:5c:28:20:98:
         ec:51:64:5a:70:0c:b9:5d:8e:29:30:3a:d5:37:34:34:cc:c1:
         5b:77:40:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl+XdkVXOWOGbkNslSHemuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNzIyMTYxMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTAyMGU1N2U4MzFhZWI4ZTI3MzQzZjdhN2RlM2UzMThkZWQ1OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodNOomWaerMXuFpXJg9pinTZLMs7
b7kpVTBzzoTiVzbTEERAbZAGmAqFndalao2fnjzMJoq8ZQUo3ARZM4e/OMBR72X0
hkUhHYsLdsuf1UvX42nVQ0UzZikQI8njUowWmafAXJ7iLG9UcfTIOexqeaQUWhY1
4vl4xT+8ZJtHZ3DbGDNxllkpqI528mDa3xfRWdQ7KiJzM8FDFeXSG1thitJJdqu0
thBKJ2xy6yxn0YvJFgvF9IgF8UQ5XIVV/KmbuhjF79WxnEkh7igDW8p0/F1diUHw
R15b9aCKjpCZRmn6CK3hoo+5Jw+HciHapRTvtzq3zAHxuyfW4GiVZgSV+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLECDlfoMa644nND96fePjGN7Vi2MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvc1FJT1YtZ3hycmppYzBQM3A5NC1NWTN0V0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg8lMA0G
CSqGSIb3DQEBCwUAA4IBAQBmItz22py/caaLYbyS4lpMkuGJrTaHfm905GRmsWib
OAoYYKTuf+mNUNGXfpqqQN53gTc4jAEXi7rUfBCch3YTvigVaHZGliX8DxpsNIlb
TJkgXorEyNcfpnzXZ9DHkbwa5aSgReee3Gn5nxXqTIMyBfeMz0A7WgvZ9dQ7MzxA
lynunHteAOJ4N8OQS7FzpFbOSo0W5wuZ6SDB/pHYtH/xYeQ0e3jvz4fTYSMhOdPp
FtYPEdYVksfJHGaVh3ZdAbxPzJvVAmaw6chx2JxOpTqCp9CLakYCgaBa8VvInhFR
oVYcYtB3WlwoIJjsUWRacAy5XY4pMDrVNzQ0zMFbd0Dr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org