Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/36MR9njXpIqbqHH3wWRNMf57eHk.roa
File:                     36MR9njXpIqbqHH3wWRNMf57eHk.roa (raw, json)
Hash identifier:          zHOcmeEPit34OTZsHMPI62I+nH6zcCeuyOSbDwCGn7c=
Subject key identifier:   DF:A3:11:F6:78:D7:A4:8A:9B:A8:71:F7:C1:64:4D:31:FE:7B:78:79
Certificate issuer:       /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Certificate serial:       018CC87058F340D7246D3CDDDBE69CCCFF48
Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/36MR9njXpIqbqHH3wWRNMf57eHk.roa
Signing time:             Tue 02 Jan 2024 04:30:55 +0000
ROA not before:           Tue 02 Jan 2024 04:30:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44530
IP address blocks:        37.77.32.0/20 maxlen: 20
                          2a02:e5c::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 28 May 2024 21:08:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:58:f3:40:d7:24:6d:3c:dd:db:e6:9c:cc:ff:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
        Validity
            Not Before: Jan  2 04:30:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dfa311f678d7a48a9ba871f7c1644d31fe7b7879
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:35:34:f2:be:79:19:b0:c5:65:61:5e:25:41:
                    de:6f:46:9d:b0:4a:6e:b4:40:19:77:0e:84:2b:27:
                    87:ee:e1:e1:22:f0:02:ab:68:5a:ed:62:dd:34:4b:
                    c2:2a:ed:47:50:24:26:bb:2d:77:64:e4:a6:1a:5c:
                    1d:4b:cc:80:ec:6c:49:b1:f5:37:48:c6:07:03:51:
                    8e:f4:50:24:6d:eb:26:ee:82:d7:45:c2:4e:92:22:
                    e2:85:c1:3e:0b:42:f1:5b:17:8c:c9:ac:d0:02:71:
                    11:54:9d:7a:cc:5f:6a:c3:50:2c:be:6f:e4:82:78:
                    0a:18:55:7e:45:1c:73:7b:92:61:89:20:e0:c9:3f:
                    20:bf:6a:34:00:60:98:80:ef:19:49:13:d7:7f:05:
                    be:39:96:12:ab:d9:b8:b2:fe:c7:b5:22:f3:17:64:
                    12:39:8e:a1:6f:60:4f:79:bf:fe:74:dd:39:b7:2c:
                    03:4e:66:7f:cb:1f:50:d9:92:64:1a:3d:d9:5e:37:
                    8e:78:fa:24:46:dc:16:13:97:f6:f5:e0:60:22:e0:
                    e1:7d:ae:07:73:f2:90:55:89:86:73:96:04:62:34:
                    26:3e:41:8a:33:98:a9:8a:b3:0c:52:f4:47:3d:d3:
                    a6:f9:45:b3:d8:ae:04:c0:6e:f2:41:70:b6:30:74:
                    cd:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:A3:11:F6:78:D7:A4:8A:9B:A8:71:F7:C1:64:4D:31:FE:7B:78:79
            X509v3 Authority Key Identifier:
                keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/36MR9njXpIqbqHH3wWRNMf57eHk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.77.32.0/20
                IPv6:
                  2a02:e5c::/32

    Signature Algorithm: sha256WithRSAEncryption
         76:8c:92:af:59:0f:4a:ac:d6:e0:f9:ce:f3:12:bb:16:93:b2:
         3a:18:ad:f4:41:e8:80:50:5b:c1:10:d1:05:f7:42:88:f9:18:
         06:c4:ed:5c:46:be:fb:49:63:7a:88:f5:92:8f:2d:b5:bf:14:
         55:3f:cb:3e:ef:3d:48:ac:23:d4:d4:f4:b3:7a:47:67:15:e6:
         48:1c:20:f9:8d:ed:4e:a7:b4:0b:3e:36:97:a8:7f:f1:fa:0a:
         1a:7d:3d:48:36:56:33:f7:5b:1d:e4:91:2e:05:fe:ca:9d:8b:
         7b:ec:b5:eb:8a:37:4a:ba:48:98:c5:91:c1:f7:61:82:60:86:
         4a:7a:31:23:69:36:3a:b0:87:a0:7f:07:ba:ea:8d:32:a7:fd:
         24:87:fa:88:f8:6c:f0:69:bb:21:06:48:62:02:5a:63:d2:8f:
         f3:b9:d6:2c:dd:88:17:86:b6:ef:85:c7:c2:18:b2:af:60:04:
         50:88:52:31:11:5e:86:a1:97:a9:e2:c9:4a:17:a6:36:4e:77:
         05:36:12:d9:6f:2d:32:0b:75:3a:8d:86:20:9a:13:48:e3:83:
         94:7c:bc:03:c3:9c:10:62:16:3c:4b:ce:71:da:15:e6:ec:ca:
         e6:44:2b:73:5f:6a:e4:61:c7:90:d0:a3:93:55:15:37:ed:29:
         0f:b8:5a:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcFjzQNckbTzd2+aczP9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOWUzMWM5MDI5ZWU0NGJkNjgxYjUxNTMzMDMzNWM2YTFj
ZmRlZWUwHhcNMjQwMTAyMDQzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEzMTFmNjc4ZDdhNDhhOWJhODcxZjdjMTY0NGQzMWZlN2I3ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzU08r55GbDFZWFeJUHeb0adsEpu
tEAZdw6EKyeH7uHhIvACq2ha7WLdNEvCKu1HUCQmuy13ZOSmGlwdS8yA7GxJsfU3
SMYHA1GO9FAkbesm7oLXRcJOkiLihcE+C0LxWxeMyazQAnERVJ16zF9qw1Asvm/k
gngKGFV+RRxze5JhiSDgyT8gv2o0AGCYgO8ZSRPXfwW+OZYSq9m4sv7HtSLzF2QS
OY6hb2BPeb/+dN05tywDTmZ/yx9Q2ZJkGj3ZXjeOePokRtwWE5f29eBgIuDhfa4H
c/KQVYmGc5YEYjQmPkGKM5ipirMMUvRHPdOm+UWz2K4EwG7yQXC2MHTNHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN+jEfZ416SKm6hx98FkTTH+e3h5MB8GA1UdIwQY
MBaAFC2eMckCnuRL1oG1FTMDNcahz97uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMt
MDhkYTY2NTJhODY3LzEvMzZNUjlualhwSXFicUhIM3dXUk5NZjU3ZUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMtMDhkYTY2NTJhODY3
LzEvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEJU0gMA0E
AgACMAcDBQAqAg5cMA0GCSqGSIb3DQEBCwUAA4IBAQB2jJKvWQ9KrNbg+c7zErsW
k7I6GK30QeiAUFvBENEF90KI+RgGxO1cRr77SWN6iPWSjy21vxRVP8s+7z1IrCPU
1PSzekdnFeZIHCD5je1Op7QLPjaXqH/x+goafT1INlYz91sd5JEuBf7KnYt77LXr
ijdKukiYxZHB92GCYIZKejEjaTY6sIegfwe66o0yp/0kh/qI+GzwabshBkhiAlpj
0o/zudYs3YgXhrbvhcfCGLKvYARQiFIxEV6GoZep4slKF6Y2TncFNhLZby0yC3U6
jYYgmhNI44OUfLwDw5wQYhY8S85x2hXm7MrmRCtzX2rkYceQ0KOTVRU37SkPuFrj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:40 2024 by rpki-client on console-fra.rpki-client.org