Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa
File:                     Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa (raw, json)
Hash identifier:          7tenFVgQg127sPgJWl0tLSet7Ggs/jXOBxEe507pzMo=
Subject key identifier:   2A:BD:CE:0F:F8:7B:7B:C8:04:9E:BA:F4:13:A5:75:CF:9E:EB:52:D7
Certificate issuer:       /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial:       018CCA2A37F469D1EEEB9DB97DED6926CA62
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa
Signing time:             Tue 02 Jan 2024 12:33:33 +0000
ROA not before:           Tue 02 Jan 2024 12:33:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51788
IP address blocks:        46.148.32.0/24 maxlen: 24
                          46.148.37.0/24 maxlen: 24
                          46.148.33.0/24 maxlen: 24
                          46.148.34.0/24 maxlen: 24
                          46.148.42.0/24 maxlen: 24
                          46.148.40.0/24 maxlen: 24
                          46.148.41.0/24 maxlen: 24
                          46.148.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jul 2024 11:54:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:37:f4:69:d1:ee:eb:9d:b9:7d:ed:69:26:ca:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
        Validity
            Not Before: Jan  2 12:33:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2abdce0ff87b7bc8049ebaf413a575cf9eeb52d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:6f:91:57:c8:3e:f6:09:42:7a:5e:41:90:32:
                    74:6a:b6:0d:c1:3c:c8:68:84:54:66:2f:ee:2b:cc:
                    72:ac:71:fa:da:d2:1a:a2:7e:b7:47:b9:b5:cb:81:
                    5e:37:f2:bc:45:f8:da:58:f0:f0:bc:ad:1f:d4:27:
                    22:b8:13:97:05:3a:cf:da:3a:55:f7:59:75:3d:4a:
                    f8:05:22:34:1b:6a:12:75:61:43:95:78:f4:a4:4c:
                    f8:d4:0b:15:b8:09:71:d6:8e:c4:a6:e9:2e:37:15:
                    af:48:b3:7e:82:77:02:38:b1:25:8f:37:cd:89:60:
                    ce:f9:9a:45:48:3b:25:9a:37:ec:65:40:99:62:7c:
                    e1:67:fa:fc:45:c9:66:45:bb:7a:cf:22:ac:cf:48:
                    2d:d5:43:8b:3e:b9:55:89:37:2b:69:2e:4b:bc:60:
                    43:cd:23:05:6e:ed:09:0a:04:37:aa:47:b8:43:22:
                    41:f8:20:22:2e:e7:bf:80:89:93:e3:72:6c:4e:2d:
                    8a:aa:0b:4e:b7:df:fc:04:28:12:00:57:40:f7:fa:
                    68:d7:4f:c4:00:44:64:0d:6d:58:03:bc:0f:cf:63:
                    e2:87:56:a9:56:b2:b3:4d:ef:74:ea:3e:89:4e:f4:
                    f1:a5:49:49:fb:5a:81:f3:d3:08:62:36:41:66:40:
                    11:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:BD:CE:0F:F8:7B:7B:C8:04:9E:BA:F4:13:A5:75:CF:9E:EB:52:D7
            X509v3 Authority Key Identifier:
                keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.148.32.0-46.148.34.255
                  46.148.37.0/24
                  46.148.40.0-46.148.42.255
                  46.148.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:dc:1c:48:8a:de:82:e6:d4:8e:5a:47:7b:d2:cd:2a:b2:79:
         b0:eb:2d:2c:e4:29:b8:60:c2:3c:b4:40:cd:5c:b9:5f:89:4f:
         b7:4c:9a:6a:4a:2c:d6:e8:88:57:26:fb:28:e1:5b:90:a8:e8:
         5c:02:dc:fe:a8:4d:3a:23:85:d1:06:a2:af:74:0b:6f:a2:c8:
         10:40:57:14:25:10:3a:92:95:54:10:bf:17:47:de:86:8f:58:
         e5:bd:a8:82:43:2b:7c:ba:45:64:c0:ac:33:f6:45:8c:e9:e6:
         74:a1:a2:80:b5:ea:bd:a4:88:cb:2b:64:29:fb:ea:9a:d7:21:
         2b:33:26:bb:1a:bd:c3:8f:5e:ca:48:96:8d:bf:88:7a:1f:24:
         18:ff:39:ba:1c:3a:79:60:73:59:28:8d:00:b6:fb:e6:e8:60:
         76:c4:aa:65:10:82:15:72:9c:21:f1:d6:9f:2f:c3:95:cf:1d:
         c4:23:a2:3f:94:82:47:51:d3:24:82:f2:3f:a5:ea:bb:98:bc:
         70:85:2a:64:71:b9:21:bf:09:95:21:56:e4:c7:48:fd:de:71:
         55:96:25:42:37:9d:ea:d0:94:d9:eb:90:a1:53:55:a9:b6:d2:
         b7:78:b2:64:e4:54:ee:85:94:ad:ca:89:6e:6f:65:07:10:3c:
         40:70:15:d3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzKKjf0adHu6525fe1pJspiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJkY2UwZmY4N2I3YmM4MDQ5ZWJhZjQxM2E1NzVjZjllZWI1MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm+RV8g+9glCel5BkDJ0arYNwTzI
aIRUZi/uK8xyrHH62tIaon63R7m1y4FeN/K8RfjaWPDwvK0f1CciuBOXBTrP2jpV
91l1PUr4BSI0G2oSdWFDlXj0pEz41AsVuAlx1o7EpukuNxWvSLN+gncCOLEljzfN
iWDO+ZpFSDslmjfsZUCZYnzhZ/r8RclmRbt6zyKsz0gt1UOLPrlViTcraS5LvGBD
zSMFbu0JCgQ3qke4QyJB+CAiLue/gImT43JsTi2KqgtOt9/8BCgSAFdA9/po10/E
AERkDW1YA7wPz2Pih1apVrKzTe906j6JTvTxpUlJ+1qB89MIYjZBZkAR/wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCq9zg/4e3vIBJ669BOldc+e61LXMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvS3IzT0RfaDdlOGdFbnJyMEU2VjF6NTdyVXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAUulCAD
BAAulCIDBAAulCUwDAMEAy6UKAMEAC6UKgMEAC6ULzANBgkqhkiG9w0BAQsFAAOC
AQEAPNwcSIregubUjlpHe9LNKrJ5sOstLOQpuGDCPLRAzVy5X4lPt0yaakos1uiI
Vyb7KOFbkKjoXALc/qhNOiOF0Qair3QLb6LIEEBXFCUQOpKVVBC/F0feho9Y5b2o
gkMrfLpFZMCsM/ZFjOnmdKGigLXqvaSIyytkKfvqmtchKzMmuxq9w49eykiWjb+I
eh8kGP85uhw6eWBzWSiNALb75uhgdsSqZRCCFXKcIfHWny/Dlc8dxCOiP5SCR1HT
JILyP6Xqu5i8cIUqZHG5Ib8JlSFW5MdI/d5xVZYlQjed6tCU2euQoVNVqbbSt3iy
ZORU7oWUrcqJbm9lBxA8QHAV0w==
-----END CERTIFICATE-----
Generated at Tue Jul 30 13:39:24 2024 by rpki-client on console-fra.rpki-client.org