Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/7d5CjI-R_ciP34Z4m5XZLb2xRDM.roa
File:                     7d5CjI-R_ciP34Z4m5XZLb2xRDM.roa (raw, json)
Hash identifier:          O1i8W4XpRX0oK3vj9WxOBiEk9k51/TQigRPDw0k5lB8=
Subject key identifier:   ED:DE:42:8C:8F:91:FD:C8:8F:DF:86:78:9B:95:D9:2D:BD:B1:44:33
Certificate issuer:       /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial:       01860C73F8CC6F70516D7FA04291FAB8A00A
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/7d5CjI-R_ciP34Z4m5XZLb2xRDM.roa
Signing time:             Wed 01 Feb 2023 10:09:32 +0000
ROA not before:           Wed 01 Feb 2023 10:09:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34665
IP address blocks:        178.130.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Mar 2023 09:55:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:0c:73:f8:cc:6f:70:51:6d:7f:a0:42:91:fa:b8:a0:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
        Validity
            Not Before: Feb  1 10:09:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=edde428c8f91fdc88fdf86789b95d92dbdb14433
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:a6:b4:d7:9c:23:0e:06:c5:63:8d:64:3e:72:
                    9e:ec:d5:9b:83:0c:a2:e0:d4:78:b6:43:1f:ee:24:
                    93:11:f5:92:20:7d:d8:b1:f3:d1:be:10:96:9d:66:
                    db:5d:b8:a7:92:61:f5:7d:07:4c:55:9b:32:21:5a:
                    31:c7:20:dc:d5:79:07:84:da:78:a5:d4:6b:5f:ba:
                    ab:86:9c:e8:fe:f3:22:67:79:f4:cf:16:93:87:0a:
                    b3:1d:c4:3b:cb:de:ba:c4:0a:e6:1c:cd:cf:48:75:
                    e0:c4:f2:d1:d4:cb:e3:05:09:76:75:1f:6e:69:28:
                    da:53:02:b2:6a:51:b5:14:82:a0:70:34:76:76:15:
                    c3:6f:19:5a:60:d2:0b:71:de:b7:e7:57:f7:72:c9:
                    f2:ce:ad:d9:56:df:f2:b5:10:8b:ff:cc:5d:51:f1:
                    4d:28:51:f4:ec:c2:10:ee:19:32:87:f0:dc:f6:d7:
                    c3:c5:ee:6a:45:8b:94:72:9f:75:ca:cd:07:cd:cc:
                    4c:2d:f7:24:e0:38:35:7f:af:df:be:92:4a:5b:cb:
                    a4:24:79:42:67:cd:52:46:41:88:22:50:a3:b2:ad:
                    2f:30:ce:69:17:da:d5:b4:eb:9c:22:32:3e:ab:89:
                    d6:97:cb:54:1b:12:00:f2:1a:26:47:2f:96:9c:91:
                    eb:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:DE:42:8C:8F:91:FD:C8:8F:DF:86:78:9B:95:D9:2D:BD:B1:44:33
            X509v3 Authority Key Identifier:
                keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/7d5CjI-R_ciP34Z4m5XZLb2xRDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.130.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:89:3c:9d:ef:d8:c7:59:fc:c4:1c:b1:93:35:15:3e:bf:4f:
         dd:1e:c2:c4:cf:35:a1:ca:af:c8:73:7b:20:8e:f6:0e:c2:28:
         a2:ab:9a:f6:c7:a1:25:2a:57:c2:22:c7:e3:61:5d:01:ce:73:
         59:43:ea:e7:b6:af:dd:6b:4c:3f:bf:0f:07:34:97:7e:68:83:
         88:63:28:ae:99:ad:0c:9c:81:00:1b:3e:de:7a:5b:e8:1a:12:
         3e:a2:fb:7d:7a:36:9d:9e:35:fc:c4:ae:22:2b:f3:af:f7:d2:
         68:51:6f:5d:37:7d:4e:18:b5:89:a8:7a:24:b0:8d:5d:0e:ec:
         33:06:77:4a:ae:fe:9d:8b:3c:19:87:e2:f3:db:ba:42:69:85:
         f4:b0:46:4d:3f:ca:21:27:14:fc:0f:a3:97:b1:8a:e6:ff:af:
         59:b8:a1:f5:ca:c8:62:bc:9b:5c:d1:d9:8c:5c:92:87:33:ca:
         f4:8a:12:16:ca:b3:ed:fe:0a:b2:f5:2b:13:a1:43:8f:f9:d9:
         51:f8:32:fc:e1:aa:8c:38:26:36:10:6e:e6:69:ef:aa:f9:cd:
         f7:b0:16:e4:10:11:5e:d7:2b:fc:68:d4:1f:d1:4b:dd:a8:8c:
         9e:b5:cf:12:92:00:44:ba:16:aa:e3:94:02:99:1d:7e:a3:bd:
         ad:32:bb:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYMc/jMb3BRbX+gQpH6uKAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjMwMjAxMTAwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGRlNDI4YzhmOTFmZGM4OGZkZjg2Nzg5Yjk1ZDkyZGJkYjE0NDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6a015wjDgbFY41kPnKe7NWbgwyi
4NR4tkMf7iSTEfWSIH3YsfPRvhCWnWbbXbinkmH1fQdMVZsyIVoxxyDc1XkHhNp4
pdRrX7qrhpzo/vMiZ3n0zxaThwqzHcQ7y966xArmHM3PSHXgxPLR1MvjBQl2dR9u
aSjaUwKyalG1FIKgcDR2dhXDbxlaYNILcd6351f3csnyzq3ZVt/ytRCL/8xdUfFN
KFH07MIQ7hkyh/Dc9tfDxe5qRYuUcp91ys0HzcxMLfck4Dg1f6/fvpJKW8ukJHlC
Z81SRkGIIlCjsq0vMM5pF9rVtOucIjI+q4nWl8tUGxIA8homRy+WnJHrswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO3eQoyPkf3Ij9+GeJuV2S29sUQzMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvN2Q1Q2pJLVJfY2lQMzRaNG01WFpMYjJ4UkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsoKDMA0G
CSqGSIb3DQEBCwUAA4IBAQCwiTyd79jHWfzEHLGTNRU+v0/dHsLEzzWhyq/Ic3sg
jvYOwiiiq5r2x6ElKlfCIsfjYV0BznNZQ+rntq/da0w/vw8HNJd+aIOIYyiuma0M
nIEAGz7eelvoGhI+ovt9ejadnjX8xK4iK/Ov99JoUW9dN31OGLWJqHoksI1dDuwz
BndKrv6dizwZh+Lz27pCaYX0sEZNP8ohJxT8D6OXsYrm/69ZuKH1yshivJtc0dmM
XJKHM8r0ihIWyrPt/gqy9SsToUOP+dlR+DL84aqMOCY2EG7mae+q+c33sBbkEBFe
1yv8aNQf0UvdqIyetc8SkgBEuhaq45QCmR1+o72tMruD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org