Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/EfSZ0WDQlDbGZQnUySE0Un1FInM.roa
File:                     EfSZ0WDQlDbGZQnUySE0Un1FInM.roa (raw, json)
Hash identifier:          eXnI0qbmQxD2Z2Hpy8/DSPl5Bp2AfA+52NQnTd06Hac=
Subject key identifier:   11:F4:99:D1:60:D0:94:36:C6:65:09:D4:C9:21:34:52:7D:45:22:73
Certificate issuer:       /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial:       01887057D756CB17A4FD9A9EA4E8672D8A65
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/EfSZ0WDQlDbGZQnUySE0Un1FInM.roa
Signing time:             Wed 31 May 2023 05:46:24 +0000
ROA not before:           Wed 31 May 2023 05:46:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201671
IP address blocks:        193.37.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 05:11:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:70:57:d7:56:cb:17:a4:fd:9a:9e:a4:e8:67:2d:8a:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
        Validity
            Not Before: May 31 05:46:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11f499d160d09436c66509d4c92134527d452273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6f:26:ea:5b:dd:3e:c1:65:b0:32:f0:c8:fc:
                    91:a0:97:1c:8b:ba:19:1e:b6:cf:cb:7d:4f:f5:1a:
                    4a:04:c2:af:4c:ba:68:49:69:6b:09:22:e4:35:53:
                    4f:69:0b:da:2f:7d:f3:df:3d:56:4f:00:2c:7d:92:
                    4b:30:d4:8c:2e:84:12:24:48:7c:1e:2b:b7:cf:2b:
                    5d:42:60:18:cf:64:ca:82:89:41:fd:6d:7d:ca:1f:
                    1e:37:d2:aa:73:bc:7b:a3:bc:02:c4:8a:68:e5:c3:
                    45:1c:da:37:8e:83:d1:bb:a9:9c:f6:43:b6:6c:ba:
                    37:31:f4:e9:d4:bf:0b:f2:9f:cf:82:c5:a3:02:dc:
                    e0:2a:7e:8e:39:cd:0c:9d:d5:2f:21:49:32:26:5e:
                    41:de:c9:df:ac:a7:5b:ea:dd:d6:a6:8f:79:ec:93:
                    b5:0e:f8:a9:06:57:4c:10:ea:f3:28:04:85:14:9b:
                    2a:fd:0c:e0:ee:b2:c4:47:a0:70:24:94:46:4c:fe:
                    75:30:85:be:9b:1f:6f:eb:63:54:6b:9c:cb:8d:30:
                    63:34:fd:cd:91:0d:f7:ed:d1:9c:8d:d4:82:0e:d9:
                    63:32:77:11:f4:aa:d0:11:e4:70:6a:3b:23:91:79:
                    42:c0:42:3a:f8:b5:d0:7e:33:84:4f:f3:24:c5:4a:
                    15:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:F4:99:D1:60:D0:94:36:C6:65:09:D4:C9:21:34:52:7D:45:22:73
            X509v3 Authority Key Identifier:
                keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/EfSZ0WDQlDbGZQnUySE0Un1FInM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.37.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:16:88:b0:60:a3:44:f7:df:71:07:43:04:da:8f:a4:db:57:
         ad:71:5f:b3:94:80:54:b9:81:d2:53:f8:2c:c2:4f:28:0c:57:
         cb:56:f4:24:71:93:02:a2:04:2c:1b:25:4d:a9:0c:56:5d:66:
         02:16:1b:b0:0e:21:25:bb:44:24:d0:1b:3a:90:a6:5e:a6:35:
         1f:ba:cd:a8:72:bd:6e:c7:c4:ca:97:05:07:cb:5c:1d:e1:3d:
         b0:5a:2e:5a:8c:e1:57:02:0c:81:f3:53:d2:67:47:9e:a8:57:
         cf:dd:c7:39:4f:0b:e0:bb:78:eb:35:52:58:a8:04:c1:af:4b:
         bc:38:61:2a:8c:8e:e7:45:56:9f:de:1a:31:e4:f9:72:18:17:
         f0:81:56:d8:e0:c4:d5:8c:ca:1f:b6:22:a8:f1:b6:6d:0f:d9:
         a5:85:9e:0c:dd:f6:77:e6:dc:31:94:11:80:8d:9c:5c:bb:eb:
         ec:16:8e:64:1a:bc:c6:00:9e:e7:95:2f:80:39:1d:55:f7:25:
         55:85:4a:38:a1:ac:48:ff:46:db:9f:15:6a:ee:bc:20:e9:47:
         b2:b0:b2:3f:6f:b6:ab:ec:1e:d2:fb:c4:e9:bd:c1:cc:e8:b5:
         13:b9:05:a2:eb:1e:cb:84:4a:33:78:84:d0:03:91:43:0c:44:
         5e:53:94:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhwV9dWyxek/ZqepOhnLYplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMwNTMxMDU0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWY0OTlkMTYwZDA5NDM2YzY2NTA5ZDRjOTIxMzQ1MjdkNDUyMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx28m6lvdPsFlsDLwyPyRoJcci7oZ
HrbPy31P9RpKBMKvTLpoSWlrCSLkNVNPaQvaL33z3z1WTwAsfZJLMNSMLoQSJEh8
Hiu3zytdQmAYz2TKgolB/W19yh8eN9Kqc7x7o7wCxIpo5cNFHNo3joPRu6mc9kO2
bLo3MfTp1L8L8p/PgsWjAtzgKn6OOc0MndUvIUkyJl5B3snfrKdb6t3Wpo957JO1
DvipBldMEOrzKASFFJsq/Qzg7rLER6BwJJRGTP51MIW+mx9v62NUa5zLjTBjNP3N
kQ337dGcjdSCDtljMncR9KrQEeRwajsjkXlCwEI6+LXQfjOET/MkxUoVRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBH0mdFg0JQ2xmUJ1MkhNFJ9RSJzMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvRWZTWjBXRFFsRGJHWlFuVXlTRTBVbjFGSW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSVHMA0G
CSqGSIb3DQEBCwUAA4IBAQCXFoiwYKNE999xB0ME2o+k21etcV+zlIBUuYHSU/gs
wk8oDFfLVvQkcZMCogQsGyVNqQxWXWYCFhuwDiElu0Qk0Bs6kKZepjUfus2ocr1u
x8TKlwUHy1wd4T2wWi5ajOFXAgyB81PSZ0eeqFfP3cc5Twvgu3jrNVJYqATBr0u8
OGEqjI7nRVaf3hox5PlyGBfwgVbY4MTVjMoftiKo8bZtD9mlhZ4M3fZ35twxlBGA
jZxcu+vsFo5kGrzGAJ7nlS+AOR1V9yVVhUo4oaxI/0bbnxVq7rwg6UeysLI/b7ar
7B7S+8TpvcHM6LUTuQWi6x7LhEozeITQA5FDDEReU5TT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:50 2024 by rpki-client on console-ams.rpki-client.org