Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/cMij6n_8Zgp3atA7lxeTY4_omUA.roa
File:                     cMij6n_8Zgp3atA7lxeTY4_omUA.roa (raw, json)
Hash identifier:          +e+n/BpE5Hct9QdEDeRjLxcPuEEEW0NNipEQ/94CZpE=
Subject key identifier:   70:C8:A3:EA:7F:FC:66:0A:77:6A:D0:3B:97:17:93:63:8F:E8:99:40
Certificate issuer:       /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial:       0185724C99A4579C2608BB1C3D57CE4F74E2
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/cMij6n_8Zgp3atA7lxeTY4_omUA.roa
Signing time:             Mon 02 Jan 2023 11:45:00 +0000
ROA not before:           Mon 02 Jan 2023 11:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29286
IP address blocks:        37.72.192.0/19 maxlen: 19
                          37.72.243.0/24 maxlen: 24
                          37.72.242.0/24 maxlen: 24
                          37.72.244.0/22 maxlen: 22
                          37.72.252.0/22 maxlen: 22
                          37.72.248.0/24 maxlen: 24
                          37.72.250.0/23 maxlen: 23
                          37.72.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 13:23:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:4c:99:a4:57:9c:26:08:bb:1c:3d:57:ce:4f:74:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
        Validity
            Not Before: Jan  2 11:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70c8a3ea7ffc660a776ad03b971793638fe89940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:49:cc:c2:55:dc:d2:d7:b5:49:61:d5:59:3c:
                    d9:c9:86:ca:91:07:82:8f:c5:55:21:18:de:1b:ea:
                    04:88:ed:99:ee:78:c2:16:b5:d2:64:dd:cb:8a:cd:
                    43:38:12:6d:c1:8f:9f:1c:d6:6f:e5:cd:9b:66:c6:
                    78:ec:20:be:aa:79:a3:ab:1f:61:8d:bc:0b:8f:45:
                    66:52:ca:e6:64:62:54:1f:76:7c:5f:36:b3:c5:96:
                    a9:74:71:41:d4:2f:a8:c4:ca:1b:34:b6:54:df:fb:
                    51:f5:1d:f6:57:6f:f1:3b:6d:68:ce:e2:0d:b9:a2:
                    a4:3b:39:f3:d8:38:f3:3f:53:a6:be:7a:ec:32:4c:
                    ab:07:03:a4:1f:d5:a8:c0:75:a2:86:d9:c5:ca:75:
                    c2:5b:e1:12:e3:bb:77:df:58:95:61:f6:ac:5e:04:
                    93:f9:43:ee:d4:4f:5c:e1:3c:1a:db:e9:bd:c5:f9:
                    18:72:31:50:7a:85:97:50:21:35:7e:69:6c:dc:61:
                    5c:ec:16:e8:97:04:29:cc:ec:3d:6d:73:41:5a:d5:
                    8a:d3:4b:fe:25:ca:0b:cf:8b:15:2b:d2:8c:b6:21:
                    0f:c0:3b:6c:32:4b:47:84:d3:19:81:f8:5c:0a:e3:
                    77:7d:c4:7c:f1:1b:b7:4e:06:d9:4b:98:18:a0:b2:
                    50:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:C8:A3:EA:7F:FC:66:0A:77:6A:D0:3B:97:17:93:63:8F:E8:99:40
            X509v3 Authority Key Identifier:
                keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/cMij6n_8Zgp3atA7lxeTY4_omUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.72.192.0/19
                  37.72.242.0-37.72.255.255

    Signature Algorithm: sha256WithRSAEncryption
         95:64:dd:5b:5b:59:fd:27:fc:ab:dc:00:cf:42:ea:a6:cb:70:
         6e:66:4b:7c:07:16:58:fa:70:97:56:da:e7:30:9b:48:ba:d0:
         86:be:d4:9b:b5:96:4c:dc:fa:51:16:92:da:66:20:7c:69:97:
         f3:a2:2a:af:bf:6d:24:f2:59:89:f2:f2:93:48:49:7c:15:ab:
         1f:8a:1b:57:3f:20:88:87:44:2d:bf:9e:db:65:c2:89:43:bc:
         63:51:32:c0:f3:db:1a:0c:04:40:12:a0:88:2f:08:19:95:3b:
         c4:65:62:f2:2a:76:2b:ca:3d:ac:d0:9b:24:59:c8:50:26:73:
         e0:e1:ea:e2:d2:3c:e0:8e:c8:e7:62:cf:92:d9:60:e0:d5:89:
         b7:f1:19:44:a3:2f:7e:30:3e:ac:d7:a6:40:b3:46:35:fe:fb:
         1a:9e:26:03:3a:7d:64:c4:a6:9f:20:de:ab:7d:ba:65:9d:9e:
         e0:95:0f:3a:03:9d:c7:7a:fe:0d:76:35:4c:8a:d8:d8:82:51:
         22:31:33:a4:11:04:1a:d8:a2:e3:d6:c4:b4:33:fd:1a:bb:0e:
         a5:f5:a0:a7:5a:4d:a6:ee:6d:2e:2d:de:27:c5:dd:22:8d:cb:
         b3:4c:2e:5c:5c:7c:ae:1b:e7:0c:8c:76:13:21:d0:a4:93:bd:
         ea:25:c2:5d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVyTJmkV5wmCLscPVfOT3TiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjMwMTAyMTE0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM4YTNlYTdmZmM2NjBhNzc2YWQwM2I5NzE3OTM2MzhmZTg5OTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UnMwlXc0te1SWHVWTzZyYbKkQeC
j8VVIRjeG+oEiO2Z7njCFrXSZN3Lis1DOBJtwY+fHNZv5c2bZsZ47CC+qnmjqx9h
jbwLj0VmUsrmZGJUH3Z8XzazxZapdHFB1C+oxMobNLZU3/tR9R32V2/xO21ozuIN
uaKkOznz2DjzP1OmvnrsMkyrBwOkH9WowHWihtnFynXCW+ES47t331iVYfasXgST
+UPu1E9c4Twa2+m9xfkYcjFQeoWXUCE1fmls3GFc7BbolwQpzOw9bXNBWtWK00v+
JcoLz4sVK9KMtiEPwDtsMktHhNMZgfhcCuN3fcR88Ru3TgbZS5gYoLJQpQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHDIo+p//GYKd2rQO5cXk2OP6JlAMB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvY01pajZuXzhaZ3AzYXRBN2x4ZVRZNF9vbVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQFJUjAMAsD
BAElSPIDAwAlSDANBgkqhkiG9w0BAQsFAAOCAQEAlWTdW1tZ/Sf8q9wAz0Lqpstw
bmZLfAcWWPpwl1ba5zCbSLrQhr7Um7WWTNz6URaS2mYgfGmX86Iqr79tJPJZifLy
k0hJfBWrH4obVz8giIdELb+e22XCiUO8Y1EywPPbGgwEQBKgiC8IGZU7xGVi8ip2
K8o9rNCbJFnIUCZz4OHq4tI84I7I52LPktlg4NWJt/EZRKMvfjA+rNemQLNGNf77
Gp4mAzp9ZMSmnyDeq326ZZ2e4JUPOgOdx3r+DXY1TIrY2IJRIjEzpBEEGtii49bE
tDP9GrsOpfWgp1pNpu5tLi3eJ8XdIo3Ls0wuXFx8rhvnDIx2EyHQpJO96iXCXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:25 2024 by rpki-client on console-ams.rpki-client.org