Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7PCBbFW8YYRKaO5WY7wvB4YjqCo.roa
File:                     7PCBbFW8YYRKaO5WY7wvB4YjqCo.roa (raw, json)
Hash identifier:          K1daF2g5RPgnZ0cmlwmQFTzVhVvw8TyYMdec2shzc1I=
Subject key identifier:   EC:F0:81:6C:55:BC:61:84:4A:68:EE:56:63:BC:2F:07:86:23:A8:2A
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018EE01DB4BB6833311A27C24BD20CA59831
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7PCBbFW8YYRKaO5WY7wvB4YjqCo.roa
Signing time:             Mon 15 Apr 2024 04:57:06 +0000
ROA not before:           Mon 15 Apr 2024 04:57:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213382
IP address blocks:        46.38.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 May 2024 18:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e0:1d:b4:bb:68:33:31:1a:27:c2:4b:d2:0c:a5:98:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Apr 15 04:57:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ecf0816c55bc61844a68ee5663bc2f078623a82a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f7:50:9b:d0:0b:67:e2:fb:6d:b3:48:28:02:
                    b8:a6:69:6a:3f:da:fa:77:83:8b:21:a1:be:87:ea:
                    12:72:59:ee:e9:41:19:d0:94:33:87:14:58:05:9e:
                    1f:a3:58:87:cf:0a:73:9a:b3:b2:f0:f8:8f:e6:3a:
                    d0:dc:d4:71:c7:e0:e7:98:f5:64:2e:55:7e:e3:a3:
                    74:68:0d:b4:5f:6a:3a:de:dc:81:23:20:ca:ae:45:
                    92:1a:8d:fd:54:72:82:e2:c6:02:70:cf:a0:d4:b1:
                    75:38:09:f0:70:48:47:66:fc:03:53:15:d4:45:21:
                    83:fd:34:bd:f8:8c:84:0a:70:ca:d2:85:6c:91:2a:
                    da:b1:94:85:ad:21:76:e1:e6:fb:01:51:a7:63:79:
                    26:9d:4e:27:39:55:a4:89:a4:da:5e:1a:43:61:e8:
                    86:5a:ff:2c:d3:54:0f:fa:ab:ed:33:e4:c2:e0:9a:
                    87:52:a6:6e:b1:bd:97:25:ef:20:d0:7d:ce:79:a6:
                    a7:13:98:df:76:bf:79:19:c9:6e:aa:10:01:7b:14:
                    4b:5d:de:53:f5:66:0b:25:5d:16:50:3a:41:59:67:
                    e9:ec:fb:86:f4:04:91:89:77:d9:c8:5f:8c:dc:f7:
                    37:0c:91:d2:10:01:e7:f0:7b:f5:d2:a8:2c:fd:7f:
                    bc:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:F0:81:6C:55:BC:61:84:4A:68:EE:56:63:BC:2F:07:86:23:A8:2A
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7PCBbFW8YYRKaO5WY7wvB4YjqCo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:87:b1:15:59:5a:8c:7f:3d:9b:75:18:cf:76:f0:4c:f7:2a:
         8a:02:49:6a:8e:4d:07:43:8a:f8:06:94:a8:10:c7:36:d4:4f:
         c4:18:5f:89:ab:e1:ee:4f:dd:e6:25:47:16:45:d4:d7:88:1e:
         9e:f8:7e:f0:4e:d2:cf:48:58:fe:a2:2d:e1:30:61:e2:c1:ac:
         9d:13:5b:d4:03:55:52:1a:5d:b2:18:4c:b0:0c:cf:d8:f4:f5:
         67:03:95:67:3e:54:3e:e7:02:d5:f6:f8:bb:73:ae:67:e2:f4:
         98:a4:43:c0:52:1f:29:52:8d:85:b2:03:60:c4:a3:9b:8c:c1:
         8b:64:a2:a8:60:4c:db:e0:93:9c:86:bf:c4:84:ab:e9:37:aa:
         74:1c:3f:60:da:ed:d4:34:5f:e6:a9:eb:6c:73:8c:6b:7f:7b:
         ac:89:0a:43:11:a3:64:c8:0b:f9:73:7e:e8:43:89:2a:04:d7:
         75:61:e7:49:22:81:32:0e:c7:d1:c9:ac:31:a9:b8:b5:7f:2e:
         37:1c:33:f0:08:d8:ab:3a:b3:77:29:31:ad:10:f9:90:06:69:
         98:c0:96:76:c1:02:dc:91:70:51:9b:3f:b6:c2:75:29:27:0d:
         0f:1b:d0:37:ed:c7:e1:1c:8c:af:56:a1:54:ed:fe:4a:58:44:
         57:e4:fc:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7gHbS7aDMxGifCS9IMpZgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNDE1MDQ1NzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2YwODE2YzU1YmM2MTg0NGE2OGVlNTY2M2JjMmYwNzg2MjNhODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/dQm9ALZ+L7bbNIKAK4pmlqP9r6
d4OLIaG+h+oSclnu6UEZ0JQzhxRYBZ4fo1iHzwpzmrOy8PiP5jrQ3NRxx+DnmPVk
LlV+46N0aA20X2o63tyBIyDKrkWSGo39VHKC4sYCcM+g1LF1OAnwcEhHZvwDUxXU
RSGD/TS9+IyECnDK0oVskSrasZSFrSF24eb7AVGnY3kmnU4nOVWkiaTaXhpDYeiG
Wv8s01QP+qvtM+TC4JqHUqZusb2XJe8g0H3OeaanE5jfdr95GcluqhABexRLXd5T
9WYLJV0WUDpBWWfp7PuG9ASRiXfZyF+M3Pc3DJHSEAHn8Hv10qgs/X+8qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzwgWxVvGGESmjuVmO8LweGI6gqMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvN1BDQmJGVzhZWVJLYU81V1k3d3ZCNFlqcUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiadMA0G
CSqGSIb3DQEBCwUAA4IBAQBfh7EVWVqMfz2bdRjPdvBM9yqKAklqjk0HQ4r4BpSo
EMc21E/EGF+Jq+HuT93mJUcWRdTXiB6e+H7wTtLPSFj+oi3hMGHiwaydE1vUA1VS
Gl2yGEywDM/Y9PVnA5VnPlQ+5wLV9vi7c65n4vSYpEPAUh8pUo2FsgNgxKObjMGL
ZKKoYEzb4JOchr/EhKvpN6p0HD9g2u3UNF/mqetsc4xrf3usiQpDEaNkyAv5c37o
Q4kqBNd1YedJIoEyDsfRyawxqbi1fy43HDPwCNirOrN3KTGtEPmQBmmYwJZ2wQLc
kXBRmz+2wnUpJw0PG9A37cfhHIyvVqFU7f5KWERX5PzH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org