Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1xGKtNwxd7yEhIQBNqBCMwA7xwk.roa
File:                     1xGKtNwxd7yEhIQBNqBCMwA7xwk.roa (raw, json)
Hash identifier:          Sqa1xm4TC/bklbsDihqtkDeo+39wbmbwX5flp9DbIJo=
Subject key identifier:   D7:11:8A:B4:DC:31:77:BC:84:84:84:01:36:A0:42:33:00:3B:C7:09
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       01856E01BD071D4438A13F976C023A51BF17
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1xGKtNwxd7yEhIQBNqBCMwA7xwk.roa
Signing time:             Sun 01 Jan 2023 15:44:45 +0000
ROA not before:           Sun 01 Jan 2023 15:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24961
IP address blocks:        37.114.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:bd:07:1d:44:38:a1:3f:97:6c:02:3a:51:bf:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Jan  1 15:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7118ab4dc3177bc8484840136a04233003bc709
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:df:cc:0b:e7:8e:6e:d1:30:7b:d2:01:03:7e:
                    43:56:4d:ca:d6:69:dd:ab:af:d5:98:a3:0a:46:79:
                    f4:ca:e0:61:6c:c8:25:b3:29:d2:18:cb:98:98:16:
                    ec:2c:ae:a7:b6:4b:ee:a6:48:36:c0:85:8d:a8:eb:
                    19:b8:3b:b7:8e:a1:a7:fa:d8:0b:ea:07:06:f3:c3:
                    19:9c:cd:50:4c:30:89:56:34:91:d1:3a:27:ee:11:
                    02:42:7c:d6:05:be:f0:06:59:ba:44:e6:14:27:a8:
                    ac:27:52:b9:e3:0f:c3:2e:08:5d:e4:30:a2:6d:e9:
                    34:f3:09:ff:03:97:40:4c:ae:f8:68:37:bf:50:56:
                    c5:8e:cc:fb:89:5e:0c:22:f9:6e:4e:b0:37:bb:76:
                    8e:eb:c0:0d:84:06:ec:e4:af:fd:41:61:eb:df:61:
                    1a:57:7d:11:00:62:e2:26:09:4e:31:9e:91:bb:70:
                    75:20:ec:7f:a7:57:27:55:4f:63:a7:ec:62:e4:ba:
                    97:2a:da:91:4c:c7:70:d1:b0:53:c9:f9:79:0f:fc:
                    b6:3a:b0:5e:ce:fc:ff:f7:7c:b4:f7:61:d2:16:15:
                    71:da:4d:e9:9f:57:ba:61:13:af:2a:ef:37:6c:3a:
                    b9:66:e5:f8:75:2d:4c:68:16:8c:5f:b1:bd:26:d1:
                    fb:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:11:8A:B4:DC:31:77:BC:84:84:84:01:36:A0:42:33:00:3B:C7:09
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1xGKtNwxd7yEhIQBNqBCMwA7xwk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.114.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:a1:94:30:9e:3e:15:0c:37:6d:92:c4:33:91:20:bb:23:af:
         98:a7:96:24:4a:01:8c:a8:9a:42:b0:fe:e3:aa:bf:ae:54:1f:
         66:8f:92:53:7f:d5:ed:1e:5a:7e:79:72:34:53:4b:d9:82:e5:
         ee:cd:d3:2f:38:26:75:49:dc:6d:34:7b:7b:75:a8:67:ec:9f:
         dc:c7:67:dd:fb:e4:b7:a1:30:c6:c2:b0:7f:12:bd:11:54:a6:
         61:9f:ee:84:e1:29:f1:6c:7f:3d:3d:9d:c5:d1:e5:d6:29:7c:
         1a:65:a2:c1:3b:47:11:11:6b:fc:9e:c8:a7:33:91:ef:fa:60:
         39:3c:8f:bb:9c:b8:ec:ab:5b:57:9e:d1:c7:02:03:46:8a:db:
         89:2c:c8:da:8f:27:de:f6:5b:7b:64:b8:b6:d1:c9:28:1c:7a:
         c1:23:08:61:bc:f4:8a:45:ee:61:99:6f:3a:92:61:0c:14:98:
         60:a9:b0:64:05:31:c7:7e:6d:7a:70:33:f4:4d:6d:d2:37:4e:
         9c:ca:3c:fb:75:15:44:fb:2f:2f:bf:0e:73:17:d3:6c:82:79:
         ec:97:13:5a:b3:49:e2:8a:6f:51:ef:14:49:0d:d5:2a:dc:04:
         12:b6:1b:b8:2a:38:7c:40:16:72:cb:f5:86:78:38:9d:d3:d4:
         57:47:2c:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAb0HHUQ4oT+XbAI6Ub8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwMTAxMTU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzExOGFiNGRjMzE3N2JjODQ4NDg0MDEzNmEwNDIzMzAwM2JjNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd/MC+eObtEwe9IBA35DVk3K1mnd
q6/VmKMKRnn0yuBhbMglsynSGMuYmBbsLK6ntkvupkg2wIWNqOsZuDu3jqGn+tgL
6gcG88MZnM1QTDCJVjSR0Ton7hECQnzWBb7wBlm6ROYUJ6isJ1K54w/DLghd5DCi
bek08wn/A5dATK74aDe/UFbFjsz7iV4MIvluTrA3u3aO68ANhAbs5K/9QWHr32Ea
V30RAGLiJglOMZ6Ru3B1IOx/p1cnVU9jp+xi5LqXKtqRTMdw0bBTyfl5D/y2OrBe
zvz/93y092HSFhVx2k3pn1e6YROvKu83bDq5ZuX4dS1MaBaMX7G9JtH7twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcRirTcMXe8hISEATagQjMAO8cJMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvMXhHS3ROd3hkN3lFaElRQk5xQkNNd0E3eHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJXIoMA0G
CSqGSIb3DQEBCwUAA4IBAQC6oZQwnj4VDDdtksQzkSC7I6+Yp5YkSgGMqJpCsP7j
qr+uVB9mj5JTf9XtHlp+eXI0U0vZguXuzdMvOCZ1SdxtNHt7dahn7J/cx2fd++S3
oTDGwrB/Er0RVKZhn+6E4SnxbH89PZ3F0eXWKXwaZaLBO0cREWv8nsinM5Hv+mA5
PI+7nLjsq1tXntHHAgNGituJLMjajyfe9lt7ZLi20ckoHHrBIwhhvPSKRe5hmW86
kmEMFJhgqbBkBTHHfm16cDP0TW3SN06cyjz7dRVE+y8vvw5zF9NsgnnslxNas0ni
im9R7xRJDdUq3AQSthu4Kjh8QBZyy/WGeDid09RXRyzj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:17 2024 by rpki-client on console-ams.rpki-client.org