Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/4JEqzZTRtqA4ulyE9v8YI_4124Q.roa
File:                     4JEqzZTRtqA4ulyE9v8YI_4124Q.roa (raw, json)
Hash identifier:          b9Tn1zefmdi3UQq127VOu1Tu+19WUTfvS4FMpbfUdgY=
Subject key identifier:   E0:91:2A:CD:94:D1:B6:A0:38:BA:5C:84:F6:FF:18:23:FE:35:DB:84
Certificate issuer:       /CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2
Certificate serial:       01865FEC2669B0108831DD861A5F0AF5BEC7
Authority key identifier: BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/4JEqzZTRtqA4ulyE9v8YI_4124Q.roa
Signing time:             Fri 17 Feb 2023 15:09:17 +0000
ROA not before:           Fri 17 Feb 2023 15:09:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57913
IP address blocks:        37.61.228.0/24 maxlen: 24
                          2a13:f600::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5f:ec:26:69:b0:10:88:31:dd:86:1a:5f:0a:f5:be:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2
        Validity
            Not Before: Feb 17 15:09:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0912acd94d1b6a038ba5c84f6ff1823fe35db84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0e:5d:8a:e5:f7:f2:e3:0f:d5:42:aa:84:f3:
                    14:1c:f1:4c:b9:3d:d6:50:3f:78:64:e1:1a:bb:e7:
                    66:44:4b:d5:5c:85:56:5a:06:66:16:d4:11:a5:04:
                    2b:6c:b9:bb:6e:a3:4d:f5:95:2d:01:62:cb:92:13:
                    13:94:d7:8d:18:f6:3b:59:f3:fd:40:23:97:e6:d4:
                    00:07:28:7b:3c:63:64:91:3d:c2:d1:cd:8c:d2:97:
                    e5:60:2f:02:1f:65:ed:e0:2a:eb:f8:0f:48:6a:c6:
                    57:b6:0b:44:e3:f5:84:78:87:b0:b7:24:25:1f:84:
                    6d:f6:26:32:44:49:89:ec:37:c5:c0:9b:09:ac:7c:
                    99:57:b0:32:32:c0:96:3a:b9:f8:9d:4d:18:59:12:
                    ed:9c:6d:cd:65:54:87:8a:71:82:02:5d:9e:e3:f0:
                    92:2f:38:db:20:b0:59:87:e0:37:cc:7a:27:1e:af:
                    6c:1c:7a:95:72:22:8e:58:38:61:f5:83:bf:f5:20:
                    9c:33:cb:2d:ff:0e:52:5f:41:75:96:e7:99:72:77:
                    13:34:86:4b:06:4f:42:d0:be:4d:a1:fa:8e:88:70:
                    bc:0f:83:b7:81:12:b8:87:ba:52:21:d2:3a:eb:af:
                    0d:7a:06:cf:77:02:9d:f3:82:66:f6:62:3e:9e:fc:
                    6d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:91:2A:CD:94:D1:B6:A0:38:BA:5C:84:F6:FF:18:23:FE:35:DB:84
            X509v3 Authority Key Identifier:
                keyid:BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/4JEqzZTRtqA4ulyE9v8YI_4124Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.61.228.0/24
                IPv6:
                  2a13:f600::/29

    Signature Algorithm: sha256WithRSAEncryption
         36:f1:bb:01:99:b7:93:b7:eb:c6:ed:b1:51:ad:4c:f0:72:d9:
         2f:e2:e5:ba:42:85:48:af:0c:cf:da:8f:e8:a6:81:c5:39:95:
         c9:a2:e3:8e:1f:79:31:42:42:3d:49:8f:6d:8d:94:4d:4c:d5:
         30:41:c5:db:fb:b4:25:f7:22:68:a1:f2:81:f8:f7:c8:a2:9d:
         9b:de:9d:93:94:db:5a:13:85:0e:f9:da:15:a1:32:d8:7a:60:
         6d:1d:1f:1f:d3:e0:ab:a8:48:bd:83:45:66:a9:d7:0d:74:a0:
         bd:c0:5c:eb:9f:67:37:c6:17:d1:d4:b5:c8:aa:ab:20:d5:84:
         27:c3:2c:5d:65:a4:e3:4a:90:ca:27:fe:92:fd:27:a3:45:fb:
         29:9b:6f:d6:17:c5:55:fd:bf:a3:36:46:b4:58:92:6a:5f:1d:
         b9:93:55:b1:34:f3:34:95:2b:b1:65:b7:84:fe:96:06:93:7d:
         44:05:13:df:c3:27:06:a9:24:c5:4b:21:6d:bc:64:97:e8:be:
         59:1f:55:83:0c:5d:0b:31:63:36:cb:84:76:4d:e1:52:98:91:
         a8:fd:d0:d9:d3:a5:43:23:4a:14:86:c3:b5:84:14:ef:3d:36:
         81:bb:db:f4:d4:5d:47:78:ee:2d:8e:aa:52:64:96:18:d7:fb:
         d1:99:24:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZf7CZpsBCIMd2GGl8K9b7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTcwZGUxMjZiM2EwYjU0OGRhZDc2ZjVlZmE4ODg1NWM2
ZjFmZjIwHhcNMjMwMjE3MTUwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDkxMmFjZDk0ZDFiNmEwMzhiYTVjODRmNmZmMTgyM2ZlMzVkYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg5diuX38uMP1UKqhPMUHPFMuT3W
UD94ZOEau+dmREvVXIVWWgZmFtQRpQQrbLm7bqNN9ZUtAWLLkhMTlNeNGPY7WfP9
QCOX5tQAByh7PGNkkT3C0c2M0pflYC8CH2Xt4Crr+A9IasZXtgtE4/WEeIewtyQl
H4Rt9iYyREmJ7DfFwJsJrHyZV7AyMsCWOrn4nU0YWRLtnG3NZVSHinGCAl2e4/CS
LzjbILBZh+A3zHonHq9sHHqVciKOWDhh9YO/9SCcM8st/w5SX0F1lueZcncTNIZL
Bk9C0L5NofqOiHC8D4O3gRK4h7pSIdI6668NegbPdwKd84Jm9mI+nvxtSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOCRKs2U0bagOLpchPb/GCP+NduEMB8GA1UdIwQY
MBaAFLqXDeEms6C1SNrXb176iIVcbx/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAt
M2FiYTU5NWI1OGE4LzEvNEpFcXpaVFJ0cUE0dWx5RTl2OFlJXzQxMjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAtM2FiYTU5NWI1OGE4
LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJT3kMA0E
AgACMAcDBQMqE/YAMA0GCSqGSIb3DQEBCwUAA4IBAQA28bsBmbeTt+vG7bFRrUzw
ctkv4uW6QoVIrwzP2o/opoHFOZXJouOOH3kxQkI9SY9tjZRNTNUwQcXb+7Ql9yJo
ofKB+PfIop2b3p2TlNtaE4UO+doVoTLYemBtHR8f0+CrqEi9g0VmqdcNdKC9wFzr
n2c3xhfR1LXIqqsg1YQnwyxdZaTjSpDKJ/6S/SejRfspm2/WF8VV/b+jNka0WJJq
Xx25k1WxNPM0lSuxZbeE/pYGk31EBRPfwycGqSTFSyFtvGSX6L5ZH1WDDF0LMWM2
y4R2TeFSmJGo/dDZ06VDI0oUhsO1hBTvPTaBu9v01F1HeO4tjqpSZJYY1/vRmSQX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:50 2024 by rpki-client on console-ams.rpki-client.org