Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QsuJerumkCqzbHy-VuZiPtdHvu0.roa
File:                     QsuJerumkCqzbHy-VuZiPtdHvu0.roa (raw, json)
Hash identifier:          ppzmtt1X7c7bdHMi4EyabHyCV7Hq7fCpeb/C8Xqr2iU=
Subject key identifier:   42:CB:89:7A:BB:A6:90:2A:B3:6C:7C:BE:56:E6:62:3E:D7:47:BE:ED
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       01856C13954CE3E987E30A23F3D1B3C23852
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QsuJerumkCqzbHy-VuZiPtdHvu0.roa
Signing time:             Sun 01 Jan 2023 06:45:00 +0000
ROA not before:           Sun 01 Jan 2023 06:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        37.140.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:13:95:4c:e3:e9:87:e3:0a:23:f3:d1:b3:c2:38:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Jan  1 06:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42cb897abba6902ab36c7cbe56e6623ed747beed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e0:9d:5c:09:9a:ea:4d:8e:e9:a2:e3:c9:8a:
                    e0:11:7b:29:1a:e9:08:14:de:7c:ee:5a:92:2a:42:
                    4d:d4:e8:e3:0b:19:5c:f2:8f:e7:84:83:d7:fa:19:
                    f0:2e:05:b6:e5:ff:ae:4f:96:4f:25:36:fa:7b:2b:
                    82:81:b5:6e:04:5f:21:b4:95:f7:5c:24:01:77:9d:
                    83:a9:0e:83:08:02:aa:ea:0b:4f:4f:92:ea:ba:2a:
                    c8:e9:0e:32:53:38:f4:07:44:61:e2:0a:aa:5a:40:
                    ae:84:d1:0a:73:bc:8f:ac:d3:03:47:bc:ca:9f:03:
                    ab:fb:41:35:19:41:ea:8e:30:88:b4:be:29:0c:bd:
                    31:74:a8:ea:83:03:ec:86:35:cf:0a:c8:ed:da:56:
                    55:b5:69:d9:ce:b5:70:49:d0:cf:58:52:23:e3:e6:
                    c3:b2:85:15:c7:88:0b:b8:a9:7f:86:c8:71:8b:c3:
                    3f:29:52:f2:5a:4d:c0:98:38:dc:53:68:31:f3:a0:
                    14:3d:e5:90:12:f0:13:08:af:03:f6:ec:4d:27:bf:
                    5c:4f:65:3f:95:85:0a:c7:12:c2:1e:8a:6f:21:55:
                    3d:1a:ad:f4:65:88:1e:b5:32:c9:e8:41:37:58:39:
                    cf:45:2c:e3:fa:0a:c9:02:c8:52:c8:13:2b:9c:3b:
                    e8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:CB:89:7A:BB:A6:90:2A:B3:6C:7C:BE:56:E6:62:3E:D7:47:BE:ED
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QsuJerumkCqzbHy-VuZiPtdHvu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:cb:2d:e1:c4:91:46:f1:6d:c9:9c:1c:3b:7e:55:62:91:e1:
         39:6d:7d:8c:a8:b8:90:4c:99:c0:27:36:d6:e2:a3:ee:de:07:
         95:50:b3:82:5d:95:5d:92:00:ad:08:9a:53:5c:e3:ce:cf:93:
         13:46:ac:05:c5:06:8f:00:3e:ea:df:aa:1c:1f:03:52:48:38:
         36:df:c5:86:98:d3:cc:48:25:73:9a:dd:df:e6:83:bb:38:b2:
         be:84:73:da:9c:66:92:31:bf:e6:f9:7a:7a:84:2e:56:62:01:
         c4:ba:c1:9d:c2:c7:bd:a1:df:69:72:54:d4:86:3d:55:8a:20:
         38:0c:29:ed:b8:31:a4:7c:47:b9:48:37:42:d7:b4:95:c1:47:
         bd:21:9c:c4:23:79:6e:c7:65:f7:a0:c6:8d:ac:32:0a:f0:dd:
         5d:ae:8d:cd:d0:28:e7:84:d3:bf:6d:c5:4f:f1:18:74:52:88:
         21:d2:04:ea:16:a7:2d:33:02:5d:dd:0f:a8:39:6c:6b:30:dc:
         75:c9:19:80:3c:b3:4c:65:55:24:00:94:ea:68:b7:5c:98:a1:
         78:94:6e:02:f2:08:6f:5b:e1:01:ec:1f:66:20:55:86:77:49:
         02:1d:eb:f8:1a:b6:0d:b0:10:f4:25:75:31:1d:39:0c:aa:de:
         1e:dc:f7:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE5VM4+mH4woj89GzwjhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwMTAxMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmNiODk3YWJiYTY5MDJhYjM2YzdjYmU1NmU2NjIzZWQ3NDdiZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+CdXAma6k2O6aLjyYrgEXspGukI
FN587lqSKkJN1OjjCxlc8o/nhIPX+hnwLgW25f+uT5ZPJTb6eyuCgbVuBF8htJX3
XCQBd52DqQ6DCAKq6gtPT5LquirI6Q4yUzj0B0Rh4gqqWkCuhNEKc7yPrNMDR7zK
nwOr+0E1GUHqjjCItL4pDL0xdKjqgwPshjXPCsjt2lZVtWnZzrVwSdDPWFIj4+bD
soUVx4gLuKl/hshxi8M/KVLyWk3AmDjcU2gx86AUPeWQEvATCK8D9uxNJ79cT2U/
lYUKxxLCHopvIVU9Gq30ZYgetTLJ6EE3WDnPRSzj+grJAshSyBMrnDvoFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELLiXq7ppAqs2x8vlbmYj7XR77tMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvUXN1SmVydW1rQ3F6Ykh5LVZ1WmlQdGRIdnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYzfMA0G
CSqGSIb3DQEBCwUAA4IBAQC+yy3hxJFG8W3JnBw7flVikeE5bX2MqLiQTJnAJzbW
4qPu3geVULOCXZVdkgCtCJpTXOPOz5MTRqwFxQaPAD7q36ocHwNSSDg238WGmNPM
SCVzmt3f5oO7OLK+hHPanGaSMb/m+Xp6hC5WYgHEusGdwse9od9pclTUhj1ViiA4
DCntuDGkfEe5SDdC17SVwUe9IZzEI3lux2X3oMaNrDIK8N1dro3N0CjnhNO/bcVP
8Rh0Uogh0gTqFqctMwJd3Q+oOWxrMNx1yRmAPLNMZVUkAJTqaLdcmKF4lG4C8ghv
W+EB7B9mIFWGd0kCHev4GrYNsBD0JXUxHTkMqt4e3PcU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org