Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/2fqbBCrvug4MLFWl92f6h79GmdE.roa
File:                     2fqbBCrvug4MLFWl92f6h79GmdE.roa (raw, json)
Hash identifier:          2I4zOr3og/awvt+WLbxr72Kg9Io6htnYvjtO4RhXVco=
Subject key identifier:   D9:FA:9B:04:2A:EF:BA:0E:0C:2C:55:A5:F7:67:FA:87:BF:46:99:D1
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       01863A9F10B1A0CAD7F9EFF521DF327BF0EC
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/2fqbBCrvug4MLFWl92f6h79GmdE.roa
Signing time:             Fri 10 Feb 2023 09:19:08 +0000
ROA not before:           Fri 10 Feb 2023 09:19:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7155
IP address blocks:        37.9.176.0/21 maxlen: 24
                          185.20.212.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:3a:9f:10:b1:a0:ca:d7:f9:ef:f5:21:df:32:7b:f0:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Feb 10 09:19:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9fa9b042aefba0e0c2c55a5f767fa87bf4699d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fe:16:4d:4d:d6:98:95:55:87:02:8c:45:5a:
                    1e:36:24:2b:f3:bf:ff:63:81:de:bf:70:ad:16:4c:
                    63:b8:13:10:3c:d7:5a:ab:4b:2d:24:f0:4d:49:25:
                    d9:bf:09:16:5c:62:30:ed:62:04:ab:78:d2:16:45:
                    50:a9:6d:d6:09:26:e2:50:6c:d3:e8:d2:07:c3:b3:
                    3e:8a:02:1e:f2:b4:10:61:96:34:b5:99:7e:b4:98:
                    0d:8f:44:73:89:c7:a9:71:83:1d:bf:69:4d:3d:9f:
                    3e:99:dd:93:f4:2f:96:7f:3d:a5:c6:b7:f0:e0:6f:
                    07:30:84:a5:55:82:8b:9c:bb:2e:46:12:3a:c1:4c:
                    bb:41:2f:a9:25:f3:89:64:68:eb:83:77:e2:af:50:
                    aa:0e:24:a5:ff:1e:81:a3:50:dd:f1:53:07:fb:1f:
                    63:61:1f:ce:e9:05:a1:5d:ec:98:ea:74:b5:c6:48:
                    05:eb:f7:72:f7:bb:d3:fa:5b:d8:a3:2c:f8:2b:30:
                    7b:55:a9:f6:ff:53:41:4f:3f:b1:56:74:bf:84:79:
                    cd:2d:5a:b3:f8:f2:12:44:d4:61:1f:a7:7f:e9:5f:
                    03:78:85:f6:c4:2b:ac:d5:56:c9:5a:3b:a6:e2:9d:
                    7c:e6:90:dc:7a:64:a7:b2:2b:bc:b0:e7:0e:c5:79:
                    25:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:FA:9B:04:2A:EF:BA:0E:0C:2C:55:A5:F7:67:FA:87:BF:46:99:D1
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/2fqbBCrvug4MLFWl92f6h79GmdE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/21
                  185.20.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:9b:3e:54:47:58:62:3e:0f:52:10:81:13:4a:f3:1e:27:f5:
         44:1b:02:75:f4:d5:d2:4e:27:58:e5:c8:22:97:8d:ec:cb:e5:
         b2:4b:17:4c:86:d0:32:f7:a8:30:cd:3a:e7:0c:30:22:13:ff:
         a2:d7:9f:7a:49:c1:20:bc:d7:cc:27:34:97:7a:d6:a8:24:fd:
         d9:69:8a:da:16:a6:1f:df:ae:8a:b0:c1:6f:ad:0e:60:8f:71:
         eb:0d:38:b0:45:93:c0:a9:2b:6b:1c:3a:50:a4:e3:90:6a:17:
         d9:b9:63:e3:aa:53:f7:0c:e0:8d:40:22:09:6c:e3:e4:c5:c2:
         2a:45:4a:16:ea:28:c5:4e:16:7e:8a:8d:fc:ca:0c:dc:be:c6:
         c6:df:d5:4f:78:80:b0:51:69:af:50:98:e4:71:4b:4b:c0:b2:
         f2:db:9b:ec:7c:05:27:94:f7:53:13:af:10:ab:6c:0a:f0:ea:
         68:ab:7b:70:0d:ed:b8:5a:e2:9d:9c:35:9a:b6:34:26:64:f4:
         9e:dd:81:6f:18:73:62:2d:77:36:6e:60:de:e3:21:df:a8:68:
         b2:7f:9c:8c:e0:6d:d5:60:2a:91:ec:18:82:fe:e1:07:7a:9d:
         24:07:e7:23:c5:14:de:33:a4:32:78:05:fb:ca:dd:4e:1d:9c:
         2b:04:9f:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY6nxCxoMrX+e/1Id8ye/DsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVk
MTZkYjMwHhcNMjMwMjEwMDkxOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZhOWIwNDJhZWZiYTBlMGMyYzU1YTVmNzY3ZmE4N2JmNDY5OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf4WTU3WmJVVhwKMRVoeNiQr87//
Y4Hev3CtFkxjuBMQPNdaq0stJPBNSSXZvwkWXGIw7WIEq3jSFkVQqW3WCSbiUGzT
6NIHw7M+igIe8rQQYZY0tZl+tJgNj0RzicepcYMdv2lNPZ8+md2T9C+Wfz2lxrfw
4G8HMISlVYKLnLsuRhI6wUy7QS+pJfOJZGjrg3fir1CqDiSl/x6Bo1Dd8VMH+x9j
YR/O6QWhXeyY6nS1xkgF6/dy97vT+lvYoyz4KzB7Van2/1NBTz+xVnS/hHnNLVqz
+PISRNRhH6d/6V8DeIX2xCus1VbJWjum4p185pDcemSnsiu8sOcOxXklIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNn6mwQq77oODCxVpfdn+oe/RpnRMB8GA1UdIwQY
MBaAFA9nH+w48AxALzBm8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTIt
OTc3MzA1YzcwMDUxLzEvMmZxYkJDcnZ1ZzRNTEZXbDkyZjZoNzlHbWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUx
LzEvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJQmwAwQC
uRTUMA0GCSqGSIb3DQEBCwUAA4IBAQALmz5UR1hiPg9SEIETSvMeJ/VEGwJ19NXS
TidY5cgil43sy+WySxdMhtAy96gwzTrnDDAiE/+i1596ScEgvNfMJzSXetaoJP3Z
aYraFqYf366KsMFvrQ5gj3HrDTiwRZPAqStrHDpQpOOQahfZuWPjqlP3DOCNQCIJ
bOPkxcIqRUoW6ijFThZ+io38ygzcvsbG39VPeICwUWmvUJjkcUtLwLLy25vsfAUn
lPdTE68Qq2wK8Opoq3twDe24WuKdnDWatjQmZPSe3YFvGHNiLXc2bmDe4yHfqGiy
f5yM4G3VYCqR7BiC/uEHep0kB+cjxRTeM6QyeAX7yt1OHZwrBJ9X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:56 2024 by rpki-client on console-ams.rpki-client.org