Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/k7i98dYx1qwHR1Xklq6G8igR7is.roa
File:                     k7i98dYx1qwHR1Xklq6G8igR7is.roa (raw, json)
Hash identifier:          a31LZ51BlXoNv7yD53ZuffUWqEXAOvxJiWKPEzO+qyc=
Subject key identifier:   93:B8:BD:F1:D6:31:D6:AC:07:47:55:E4:96:AE:86:F2:28:11:EE:2B
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       018C492EEAEB2DBC88D6FB5545778A322BF2
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/k7i98dYx1qwHR1Xklq6G8igR7is.roa
Signing time:             Fri 08 Dec 2023 11:27:40 +0000
ROA not before:           Fri 08 Dec 2023 11:27:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213250
IP address blocks:        37.114.37.0/24 maxlen: 24
                          37.114.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:49:2e:ea:eb:2d:bc:88:d6:fb:55:45:77:8a:32:2b:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Dec  8 11:27:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=93b8bdf1d631d6ac074755e496ae86f22811ee2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:84:09:75:ca:89:97:0c:8a:1b:6b:35:49:99:
                    91:96:0b:d8:6e:12:e6:34:ba:67:4b:e7:3e:ba:70:
                    46:e0:70:c9:f3:ff:cb:08:49:14:9e:0c:ac:1c:08:
                    6b:5d:ac:81:c6:17:c6:0a:36:20:57:8c:6d:25:65:
                    16:ee:48:11:f1:fd:2d:66:1b:29:85:ea:f1:21:6a:
                    d4:5e:25:2c:47:14:6e:e0:e5:bc:6f:6c:3a:8e:d8:
                    7d:1c:87:8c:cc:05:7b:d2:cd:dd:40:c3:8e:15:61:
                    fc:64:2b:fa:e1:a2:5a:4a:e6:79:6f:b5:1b:64:4b:
                    99:08:ea:e2:f2:e4:a8:d7:82:09:6b:f8:66:30:44:
                    5d:86:e4:15:a2:4a:b3:4f:15:ea:63:d8:6a:99:01:
                    ce:0d:a9:e1:32:a5:d1:48:77:bb:ad:18:99:73:e3:
                    d6:89:14:53:40:13:45:48:1f:3c:b6:de:40:fa:1d:
                    82:a4:3f:e0:4a:59:70:d2:1d:49:19:84:5c:2a:84:
                    79:44:e4:5b:13:75:f5:38:dd:f8:7d:6d:13:08:75:
                    8b:ba:59:45:c9:b2:f8:43:ef:95:c4:0a:51:d7:88:
                    15:e1:ff:6d:fa:42:c5:74:1c:85:10:ed:0a:b9:f6:
                    99:de:8b:1b:00:aa:fc:88:c8:53:0b:06:18:f0:b5:
                    64:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:B8:BD:F1:D6:31:D6:AC:07:47:55:E4:96:AE:86:F2:28:11:EE:2B
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/k7i98dYx1qwHR1Xklq6G8igR7is.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.114.37.0/24
                  37.114.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:62:ee:89:81:19:56:95:83:de:32:75:6f:86:34:7e:f0:28:
         38:0a:a5:07:c4:1b:44:a9:6a:ba:42:f1:da:9c:2f:c9:fe:cd:
         75:f3:fc:7e:dd:6e:1a:72:d9:2e:4a:be:4a:c1:42:96:f7:0f:
         46:8f:d7:e4:50:f8:7c:26:be:70:ec:d6:f5:5d:03:52:a9:02:
         90:ac:43:49:78:e3:a5:75:93:12:dd:4a:2a:8b:df:7c:ad:34:
         f4:80:28:dd:b2:0b:16:2e:82:fd:71:7e:97:90:2d:98:7a:a2:
         9f:37:a3:a9:72:12:f7:21:48:9f:40:b3:67:16:00:38:8c:a3:
         0b:c5:76:33:51:76:c4:2c:ea:c0:ab:91:e2:05:18:f5:26:87:
         da:dc:5e:67:d9:95:7d:38:64:50:06:27:05:1d:c0:bd:2c:5d:
         c8:4e:f3:95:d6:4a:9d:29:70:c2:5a:54:96:d4:10:3a:fc:3d:
         e5:ab:6b:7c:cc:20:f1:a9:e4:89:d6:d9:52:5a:bc:fb:53:aa:
         0c:fc:9d:5d:b9:ee:8a:e4:13:ea:38:58:71:89:e1:c1:ed:a6:
         e9:c9:02:6f:90:73:55:87:73:60:1e:b2:af:f7:41:a6:51:01:
         a3:f6:7f:63:98:58:38:8b:e7:8a:6e:0f:87:9c:90:62:4d:ab:
         95:f3:29:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxJLurrLbyI1vtVRXeKMivyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMxMjA4MTEyNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I4YmRmMWQ2MzFkNmFjMDc0NzU1ZTQ5NmFlODZmMjI4MTFlZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloQJdcqJlwyKG2s1SZmRlgvYbhLm
NLpnS+c+unBG4HDJ8//LCEkUngysHAhrXayBxhfGCjYgV4xtJWUW7kgR8f0tZhsp
herxIWrUXiUsRxRu4OW8b2w6jth9HIeMzAV70s3dQMOOFWH8ZCv64aJaSuZ5b7Ub
ZEuZCOri8uSo14IJa/hmMERdhuQVokqzTxXqY9hqmQHODanhMqXRSHe7rRiZc+PW
iRRTQBNFSB88tt5A+h2CpD/gSllw0h1JGYRcKoR5RORbE3X1ON34fW0TCHWLullF
ybL4Q++VxApR14gV4f9t+kLFdByFEO0KufaZ3osbAKr8iMhTCwYY8LVkiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJO4vfHWMdasB0dV5JauhvIoEe4rMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvazdpOThkWXgxcXdIUjFYa2xxNkc4aWdSN2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJXIlAwQA
JXI/MA0GCSqGSIb3DQEBCwUAA4IBAQCRYu6JgRlWlYPeMnVvhjR+8Cg4CqUHxBtE
qWq6QvHanC/J/s118/x+3W4actkuSr5KwUKW9w9Gj9fkUPh8Jr5w7Nb1XQNSqQKQ
rENJeOOldZMS3Uoqi998rTT0gCjdsgsWLoL9cX6XkC2YeqKfN6OpchL3IUifQLNn
FgA4jKMLxXYzUXbELOrAq5HiBRj1Jofa3F5n2ZV9OGRQBicFHcC9LF3ITvOV1kqd
KXDCWlSW1BA6/D3lq2t8zCDxqeSJ1tlSWrz7U6oM/J1due6K5BPqOFhxieHB7abp
yQJvkHNVh3NgHrKv90GmUQGj9n9jmFg4i+eKbg+HnJBiTauV8ynf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org