Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/1-fItwEaQxQn9C7nwPTcKT5zVZsA.roa
File:                     1-fItwEaQxQn9C7nwPTcKT5zVZsA.roa (raw, json)
Hash identifier:          MeQdp2uxlPayWMHTBYKkgekpSufsz7Ah6918Ppbclko=
Subject key identifier:   F9:F2:2D:C0:46:90:C5:09:FD:0B:B9:F0:3D:37:0A:4F:9C:D5:66:C0
Certificate issuer:       /CN=80ebaf2cba8359438e434123dda7a5a396f5f519
Certificate serial:       01856D5400F842464C4343D7D645F048A50B
Authority key identifier: 80:EB:AF:2C:BA:83:59:43:8E:43:41:23:DD:A7:A5:A3:96:F5:F5:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/1-fItwEaQxQn9C7nwPTcKT5zVZsA.roa
Signing time:             Sun 01 Jan 2023 12:34:59 +0000
ROA not before:           Sun 01 Jan 2023 12:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211225
IP address blocks:        37.205.4.0/24 maxlen: 24
                          37.205.2.0/24 maxlen: 24
                          37.205.3.0/24 maxlen: 24
                          37.205.1.0/24 maxlen: 24
                          37.205.0.0/24 maxlen: 24
                          37.205.5.0/24 maxlen: 24
                          37.205.6.0/24 maxlen: 24
                          37.205.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:54:00:f8:42:46:4c:43:43:d7:d6:45:f0:48:a5:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80ebaf2cba8359438e434123dda7a5a396f5f519
        Validity
            Not Before: Jan  1 12:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9f22dc04690c509fd0bb9f03d370a4f9cd566c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ed:94:2f:2a:2d:a0:0f:82:df:ab:88:ed:fa:
                    5b:13:ed:ac:f5:f6:5e:e9:79:1f:3f:67:53:bf:d9:
                    a4:6c:a2:f3:d5:b9:d3:a9:e8:5c:56:3b:fc:19:b6:
                    bc:28:06:5b:92:5b:cb:6b:d0:2e:0a:36:01:f4:34:
                    8a:0e:4f:3e:ca:7f:e7:f3:44:dd:7e:49:a8:13:d7:
                    08:e5:98:82:e3:3d:aa:20:80:7f:37:d6:71:71:2f:
                    38:23:ac:90:ce:1b:ab:45:0e:d9:5b:23:9b:2c:ca:
                    ec:56:a9:7b:1a:1c:8f:03:75:4c:29:83:7a:74:d0:
                    e1:ab:b5:8c:9f:c1:5d:27:e9:ff:cd:d3:c4:90:e3:
                    17:3b:ec:02:fc:26:1e:65:d0:ea:dc:2a:0d:d5:4c:
                    99:51:53:20:1a:65:27:e4:3c:19:ff:d9:68:f7:2b:
                    f8:e7:3c:be:5c:7a:39:8d:91:d4:4d:89:40:4c:b9:
                    03:19:c2:2a:61:11:22:25:6d:40:69:37:e2:dc:ee:
                    59:9c:8b:51:d7:f5:f5:2a:19:fb:0a:b0:fc:5e:42:
                    91:71:ed:b0:00:67:51:d5:18:ad:00:99:b4:ad:39:
                    18:d4:3d:92:cb:08:14:f4:53:d0:c9:df:13:71:6c:
                    48:5e:3a:4a:44:e5:2b:ea:e1:ff:89:ec:e1:01:22:
                    e3:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:F2:2D:C0:46:90:C5:09:FD:0B:B9:F0:3D:37:0A:4F:9C:D5:66:C0
            X509v3 Authority Key Identifier:
                keyid:80:EB:AF:2C:BA:83:59:43:8E:43:41:23:DD:A7:A5:A3:96:F5:F5:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/1-fItwEaQxQn9C7nwPTcKT5zVZsA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.205.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:cd:5d:27:8f:df:37:3d:07:f0:64:76:3f:5e:92:36:f8:51:
         6e:14:0b:f1:1f:25:44:2c:bc:80:1e:bd:1f:b2:f0:d4:00:d7:
         6b:61:1b:41:dc:30:71:e3:5d:f1:26:95:90:58:ed:0e:a8:20:
         6a:8f:16:9f:8c:56:54:63:38:82:c7:69:71:64:20:76:4e:dd:
         b5:67:35:40:37:40:e2:e0:c8:88:67:ec:a2:0e:19:3a:dc:a3:
         c9:01:3c:ff:c8:01:51:a0:26:b8:01:51:9a:ed:bc:5a:20:44:
         fb:79:df:08:3d:fe:01:e5:3b:16:02:87:82:c1:7d:ed:36:71:
         b7:7b:45:3a:74:db:72:eb:e6:f5:12:1d:d1:aa:fc:50:c0:52:
         bd:25:9f:01:7f:cf:bf:19:1e:61:15:7e:95:56:b5:27:5f:d0:
         44:c1:c6:1a:37:b2:99:32:ea:61:9c:72:77:4e:17:62:9a:03:
         14:08:ef:67:9b:6f:2c:2a:6b:f8:6f:15:49:07:f5:d7:63:7c:
         51:c9:45:31:23:49:ce:df:64:bf:97:ce:58:a6:dd:af:05:ef:
         09:8e:d7:45:46:46:c7:4b:19:8d:3b:1c:17:b6:ea:f2:f8:4c:
         21:4a:8d:ca:6b:ec:8b:9e:5b:d1:84:a6:cc:c5:8e:ee:93:98:
         7e:b4:bf:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtVAD4QkZMQ0PX1kXwSKULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWJhZjJjYmE4MzU5NDM4ZTQzNDEyM2RkYTdhNWEzOTZm
NWY1MTkwHhcNMjMwMTAxMTIzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWYyMmRjMDQ2OTBjNTA5ZmQwYmI5ZjAzZDM3MGE0ZjljZDU2NmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe2ULyotoA+C36uI7fpbE+2s9fZe
6XkfP2dTv9mkbKLz1bnTqehcVjv8Gba8KAZbklvLa9AuCjYB9DSKDk8+yn/n80Td
fkmoE9cI5ZiC4z2qIIB/N9ZxcS84I6yQzhurRQ7ZWyObLMrsVql7GhyPA3VMKYN6
dNDhq7WMn8FdJ+n/zdPEkOMXO+wC/CYeZdDq3CoN1UyZUVMgGmUn5DwZ/9lo9yv4
5zy+XHo5jZHUTYlATLkDGcIqYREiJW1AaTfi3O5ZnItR1/X1Khn7CrD8XkKRce2w
AGdR1RitAJm0rTkY1D2SywgU9FPQyd8TcWxIXjpKROUr6uH/iezhASLjrwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnyLcBGkMUJ/Qu58D03Ck+c1WbAMB8GA1UdIwQY
MBaAFIDrryy6g1lDjkNBI92npaOW9fUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ091dkxMcURXVU9PUTBFajNhZWxvNWIxOVJrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMWY4YTAtN2U5NS00ZmUyLTg4MDkt
Zjc4YmRiNmY2MGMyLzEvMS1mSXR3RWFReFFuOUM3bndQVGNLVDV6VlpzQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvMzFmOGEwLTdlOTUtNGZlMi04ODA5LWY3OGJkYjZmNjBj
Mi8xL2dPdXZMTHFEV1VPT1EwRWozYWVsbzViMTlSay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyXNADAN
BgkqhkiG9w0BAQsFAAOCAQEANM1dJ4/fNz0H8GR2P16SNvhRbhQL8R8lRCy8gB69
H7Lw1ADXa2EbQdwwceNd8SaVkFjtDqggao8Wn4xWVGM4gsdpcWQgdk7dtWc1QDdA
4uDIiGfsog4ZOtyjyQE8/8gBUaAmuAFRmu28WiBE+3nfCD3+AeU7FgKHgsF97TZx
t3tFOnTbcuvm9RId0ar8UMBSvSWfAX/PvxkeYRV+lVa1J1/QRMHGGjeymTLqYZxy
d04XYpoDFAjvZ5tvLCpr+G8VSQf112N8UclFMSNJzt9kv5fOWKbdrwXvCY7XRUZG
x0sZjTscF7bq8vhMIUqNymvsi55b0YSmzMWO7pOYfrS/gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:32 2024 by rpki-client on console-ams.rpki-client.org