Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/vcYhAUkRUkrBy1SbqYQTbC2KRfw.roa
File:                     vcYhAUkRUkrBy1SbqYQTbC2KRfw.roa (raw, json)
Hash identifier:          2bIA4wCCxhpbSuCMwlChWtTz8rc6q8pwEeggqP/QdXE=
Subject key identifier:   BD:C6:21:01:49:11:52:4A:C1:CB:54:9B:A9:84:13:6C:2D:8A:45:FC
Certificate issuer:       /CN=614e19a2275816a28e5e80c8f9a28cc5a1d9c0d5
Certificate serial:       01856F9DBD2C5ABD040205F10B31B8FEE84E
Authority key identifier: 61:4E:19:A2:27:58:16:A2:8E:5E:80:C8:F9:A2:8C:C5:A1:D9:C0:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YU4ZoidYFqKOXoDI-aKMxaHZwNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/vcYhAUkRUkrBy1SbqYQTbC2KRfw.roa
Signing time:             Sun 01 Jan 2023 23:14:46 +0000
ROA not before:           Sun 01 Jan 2023 23:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200551
IP address blocks:        37.157.31.0/24 maxlen: 24
                          77.73.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:bd:2c:5a:bd:04:02:05:f1:0b:31:b8:fe:e8:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=614e19a2275816a28e5e80c8f9a28cc5a1d9c0d5
        Validity
            Not Before: Jan  1 23:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bdc621014911524ac1cb549ba984136c2d8a45fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:7e:40:ab:00:d3:26:1b:95:81:a2:3b:eb:05:
                    fc:0c:cb:cd:9f:ea:09:54:10:37:4a:bf:ef:f7:0d:
                    d6:cb:ba:7b:cb:54:fd:6e:69:7a:96:5a:09:cd:b2:
                    6a:e0:d2:e9:de:92:41:c5:ee:76:cb:bd:e4:f6:da:
                    0d:04:38:6d:d4:ff:f9:f8:a4:52:dc:d3:4a:2b:92:
                    cf:ea:b9:32:bb:0b:4a:a3:0c:1f:49:67:6d:3b:0d:
                    d0:38:5f:c6:ef:1b:f9:80:22:63:61:a1:be:56:e2:
                    4d:d8:18:76:7e:dd:8d:3f:f5:cc:19:60:58:e5:21:
                    87:53:55:1a:7f:76:56:69:ff:f7:46:18:77:04:86:
                    c9:a6:8e:4e:62:15:ca:a9:c3:3f:2a:c5:03:49:9d:
                    ad:20:7d:a2:8e:26:e7:9c:8a:cd:d6:71:28:01:3a:
                    2d:8c:49:30:db:c7:08:27:36:7a:ff:07:c2:6f:b4:
                    2b:ce:ab:78:3c:2b:fe:d8:f9:dd:65:d4:41:01:f8:
                    77:be:f5:3f:a7:1d:94:0e:f9:6b:8a:f6:d4:02:4f:
                    56:f6:62:ec:28:0d:cb:6a:e5:46:2e:8f:13:0f:15:
                    02:95:ca:68:ad:cb:60:d4:5f:44:5f:c1:d4:5e:18:
                    4a:73:ab:2c:5f:3f:82:05:3c:c2:75:b1:7a:1d:b9:
                    9e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C6:21:01:49:11:52:4A:C1:CB:54:9B:A9:84:13:6C:2D:8A:45:FC
            X509v3 Authority Key Identifier:
                keyid:61:4E:19:A2:27:58:16:A2:8E:5E:80:C8:F9:A2:8C:C5:A1:D9:C0:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YU4ZoidYFqKOXoDI-aKMxaHZwNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/vcYhAUkRUkrBy1SbqYQTbC2KRfw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/YU4ZoidYFqKOXoDI-aKMxaHZwNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.157.31.0/24
                  77.73.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:ef:f4:82:3b:5b:af:4d:17:39:2d:22:5a:d6:a5:c0:cb:00:
         c1:47:9e:94:e0:e4:e2:3d:6e:7b:2d:92:88:bd:70:ce:91:ad:
         9e:51:a9:ab:e5:3b:f4:74:be:07:1a:a8:28:9d:9f:c1:48:02:
         02:24:2a:99:43:9b:d1:f2:3b:c7:0e:22:51:74:6c:be:03:27:
         1f:41:e2:d5:28:94:27:84:5c:f4:86:bb:9d:0a:2d:40:0f:e9:
         44:6f:92:e9:f0:70:06:39:d5:4a:8b:bf:6a:7a:b9:bc:ef:06:
         3a:76:6c:7d:83:bd:87:17:0b:e9:32:02:a5:d2:b9:4d:fb:4a:
         7f:39:03:e0:0f:97:bc:15:95:43:70:78:62:2e:de:07:1e:48:
         ba:85:88:c9:39:b4:15:96:06:54:18:a1:d3:25:12:aa:3c:90:
         39:25:85:95:fa:d4:21:4c:07:90:10:91:77:9f:61:ec:18:83:
         cf:cb:e7:24:09:4c:f5:f7:33:dd:23:d2:55:c8:6e:ad:ad:49:
         1c:87:43:9c:40:7a:e9:1e:1b:fb:bb:3a:fc:0f:21:c4:ff:31:
         7d:b4:dc:2b:37:ce:de:54:42:d3:bc:d1:7d:33:97:90:a9:18:
         28:a0:6b:58:3f:87:34:52:7a:ca:de:9d:ca:72:59:7b:38:3e:
         c2:dd:d5:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvnb0sWr0EAgXxCzG4/uhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGUxOWEyMjc1ODE2YTI4ZTVlODBjOGY5YTI4Y2M1YTFk
OWMwZDUwHhcNMjMwMTAxMjMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGM2MjEwMTQ5MTE1MjRhYzFjYjU0OWJhOTg0MTM2YzJkOGE0NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH5AqwDTJhuVgaI76wX8DMvNn+oJ
VBA3Sr/v9w3Wy7p7y1T9bml6lloJzbJq4NLp3pJBxe52y73k9toNBDht1P/5+KRS
3NNKK5LP6rkyuwtKowwfSWdtOw3QOF/G7xv5gCJjYaG+VuJN2Bh2ft2NP/XMGWBY
5SGHU1Uaf3ZWaf/3Rhh3BIbJpo5OYhXKqcM/KsUDSZ2tIH2ijibnnIrN1nEoATot
jEkw28cIJzZ6/wfCb7Qrzqt4PCv+2PndZdRBAfh3vvU/px2UDvlrivbUAk9W9mLs
KA3LauVGLo8TDxUClcporctg1F9EX8HUXhhKc6ssXz+CBTzCdbF6HbmeNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3GIQFJEVJKwctUm6mEE2wtikX8MB8GA1UdIwQY
MBaAFGFOGaInWBaijl6AyPmijMWh2cDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVU0Wm9pZFlGcUtPWG9ESS1hS014YUhad05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lNThlMjctY2FmZC00MTdjLTk1ZDAt
ODcwNTQ0Y2FhZmFiLzEvdmNZaEFVa1JVa3JCeTFTYnFZUVRiQzJLUmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lNThlMjctY2FmZC00MTdjLTk1ZDAtODcwNTQ0Y2FhZmFi
LzEvWVU0Wm9pZFlGcUtPWG9ESS1hS014YUhad05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJZ0fAwQA
TUlfMA0GCSqGSIb3DQEBCwUAA4IBAQC87/SCO1uvTRc5LSJa1qXAywDBR56U4OTi
PW57LZKIvXDOka2eUamr5Tv0dL4HGqgonZ/BSAICJCqZQ5vR8jvHDiJRdGy+Aycf
QeLVKJQnhFz0hrudCi1AD+lEb5Lp8HAGOdVKi79qerm87wY6dmx9g72HFwvpMgKl
0rlN+0p/OQPgD5e8FZVDcHhiLt4HHki6hYjJObQVlgZUGKHTJRKqPJA5JYWV+tQh
TAeQEJF3n2HsGIPPy+ckCUz19zPdI9JVyG6trUkch0OcQHrpHhv7uzr8DyHE/zF9
tNwrN87eVELTvNF9M5eQqRgooGtYP4c0UnrK3p3Kcll7OD7C3dUj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:43 2024 by rpki-client on console-fra.rpki-client.org