Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa
File:                     S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa (raw, json)
Hash identifier:          UPyq4IZGou/j7cbMTTrVns4GRDTxzTGLItzp8qUvkx8=
Subject key identifier:   4B:73:59:49:46:38:17:77:40:0F:04:70:59:06:7D:02:5E:A1:C7:78
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018DA6FB46CA64EB2569529A53437FBE75A1
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa
Signing time:             Wed 14 Feb 2024 09:38:21 +0000
ROA not before:           Wed 14 Feb 2024 09:38:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        46.38.132.0/22 maxlen: 22
                          46.38.136.0/22 maxlen: 22
                          46.38.142.0/23 maxlen: 23
                          46.38.144.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Wed 14 Feb 2024 12:44:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a6:fb:46:ca:64:eb:25:69:52:9a:53:43:7f:be:75:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Feb 14 09:38:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4b73594946381777400f047059067d025ea1c778
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:1d:73:5f:f5:4f:29:84:de:bd:fa:6e:b2:57:
                    20:8d:e7:a9:06:4a:77:5b:b4:99:eb:d9:bd:92:e0:
                    59:b6:bd:86:01:d1:10:c7:e6:de:c9:2f:a4:6a:96:
                    57:fd:87:8f:b1:d5:21:76:7f:c4:af:ac:8e:b6:0c:
                    29:42:0f:e1:95:8a:57:51:4b:df:87:a1:73:9c:a0:
                    f0:48:c4:16:00:dc:bf:81:c2:60:70:7e:42:89:bb:
                    c6:75:24:e0:cf:20:cd:39:f2:a3:b5:01:52:1f:0d:
                    f2:76:33:cb:7d:78:ed:01:a7:ff:d1:61:83:c0:9a:
                    97:8f:96:9e:db:84:0e:47:55:93:13:0d:95:a1:31:
                    89:bc:83:7d:ea:00:0c:9d:9b:d7:07:14:13:e7:47:
                    34:56:c5:af:9c:5a:a6:10:68:dd:be:95:cc:2a:3f:
                    8f:cb:c5:c9:33:4f:f9:06:d6:8d:6e:a1:10:a5:84:
                    19:71:86:41:45:58:6c:fc:52:04:71:44:7b:40:2e:
                    f6:60:f2:63:41:a5:0f:bc:38:bf:e2:f3:c3:08:8c:
                    41:a1:0a:e8:49:6e:b1:89:04:1a:de:51:62:44:4c:
                    c1:3b:7b:12:6b:c1:ad:93:76:06:be:d7:5f:33:0e:
                    40:97:0e:47:72:87:f8:53:4b:1c:c4:49:ae:d3:e6:
                    7d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:73:59:49:46:38:17:77:40:0F:04:70:59:06:7D:02:5E:A1:C7:78
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.132.0-46.38.139.255
                  46.38.142.0-46.38.151.255

    Signature Algorithm: sha256WithRSAEncryption
         02:ef:f4:d3:de:2f:f1:29:d1:87:a2:44:4d:7c:2c:7b:c7:93:
         f6:7c:34:28:13:48:89:88:9e:cc:6e:d1:c1:1c:22:c0:cf:a4:
         81:26:e4:8d:0c:68:82:5b:fc:21:ab:09:40:f1:e6:a8:02:0a:
         ee:5a:ba:37:68:d2:d1:5b:81:cd:cb:8d:5d:15:21:dc:cf:6a:
         b4:b2:26:e6:17:73:84:d5:db:3c:6d:7d:98:ad:74:80:94:38:
         5e:33:38:9d:54:81:dd:5b:80:2a:1c:56:84:65:56:bd:61:f3:
         11:11:54:17:e8:48:20:74:e6:92:c0:58:36:a5:60:61:d9:19:
         8e:75:f3:28:ec:f3:75:0d:d8:51:99:43:13:0a:f3:3d:a7:96:
         78:38:4a:7a:83:73:9c:9b:b8:71:72:11:4e:cb:71:f9:f0:ef:
         07:cb:42:01:c6:2f:96:3d:4d:35:f5:82:45:9d:49:fc:64:13:
         27:16:8b:25:8e:4e:1e:e6:06:4e:c7:54:73:ba:7f:b4:14:e0:
         2f:c8:10:52:e6:d5:88:6f:46:e6:4f:c2:2e:b8:aa:61:48:e4:
         cc:e6:e4:61:37:6b:27:34:a1:81:9d:fe:90:4c:5a:86:7d:e6:
         0a:e0:e1:a1:e4:5d:9e:96:d8:01:75:09:ee:f7:62:75:51:7b:
         8a:db:f9:a3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY2m+0bKZOslaVKaU0N/vnWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjE0MDkzODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjczNTk0OTQ2MzgxNzc3NDAwZjA0NzA1OTA2N2QwMjVlYTFjNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkh1zX/VPKYTevfpuslcgjeepBkp3
W7SZ69m9kuBZtr2GAdEQx+beyS+kapZX/YePsdUhdn/Er6yOtgwpQg/hlYpXUUvf
h6FznKDwSMQWANy/gcJgcH5CibvGdSTgzyDNOfKjtQFSHw3ydjPLfXjtAaf/0WGD
wJqXj5ae24QOR1WTEw2VoTGJvIN96gAMnZvXBxQT50c0VsWvnFqmEGjdvpXMKj+P
y8XJM0/5BtaNbqEQpYQZcYZBRVhs/FIEcUR7QC72YPJjQaUPvDi/4vPDCIxBoQro
SW6xiQQa3lFiREzBO3sSa8Gtk3YGvtdfMw5Alw5Hcof4U0scxEmu0+Z9EwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEtzWUlGOBd3QA8EcFkGfQJeocd4MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUzNOWlNVWTRGM2RBRHdSd1dRWjlBbDZoeDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAIuJoQD
BAIuJogwDAMEAS4mjgMEAy4mkDANBgkqhkiG9w0BAQsFAAOCAQEAAu/0094v8SnR
h6JETXwse8eT9nw0KBNIiYiezG7RwRwiwM+kgSbkjQxoglv8IasJQPHmqAIK7lq6
N2jS0VuBzcuNXRUh3M9qtLIm5hdzhNXbPG19mK10gJQ4XjM4nVSB3VuAKhxWhGVW
vWHzERFUF+hIIHTmksBYNqVgYdkZjnXzKOzzdQ3YUZlDEwrzPaeWeDhKeoNznJu4
cXIRTstx+fDvB8tCAcYvlj1NNfWCRZ1J/GQTJxaLJY5OHuYGTsdUc7p/tBTgL8gQ
UubViG9G5k/CLriqYUjkzObkYTdrJzShgZ3+kExahn3mCuDhoeRdnpbYAXUJ7vdi
dVF7itv5ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org