Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa
File:                     6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa (raw, json)
Hash identifier:          2chN2jJy5b0xyIaRhIJIVzVAt/BOlZX5vDZoz18tIkY=
Subject key identifier:   E8:EB:66:11:59:CA:5F:01:A5:2D:34:18:49:66:2D:0F:E9:F4:11:A7
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       01856F8B6A106A155DB091C08D352AE7CB1D
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa
Signing time:             Sun 01 Jan 2023 22:54:45 +0000
ROA not before:           Sun 01 Jan 2023 22:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7155
IP address blocks:        37.9.176.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Fri 10 Feb 2023 09:18:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:6a:10:6a:15:5d:b0:91:c0:8d:35:2a:e7:cb:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Jan  1 22:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e8eb661159ca5f01a52d341849662d0fe9f411a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a4:fa:91:ac:2f:d5:bd:bf:5e:f8:71:99:12:
                    27:a8:72:a6:ac:f9:d2:fa:84:30:38:09:3e:8c:13:
                    b9:0a:cc:1b:e2:e6:77:6e:6e:67:6a:2e:8f:d8:fe:
                    20:ad:43:34:8b:35:e0:d7:a3:b3:c4:de:d3:85:23:
                    10:f4:dc:53:ab:51:b6:5f:aa:3b:68:66:52:73:31:
                    ad:0a:5f:68:cc:09:b4:80:63:74:16:06:71:cb:e6:
                    a0:33:73:74:e5:d1:64:89:6c:4f:6a:e9:0e:93:d2:
                    35:f3:08:37:d6:36:e2:31:59:e5:0f:e5:f4:3f:6e:
                    39:3a:4d:15:9a:46:05:ba:1d:52:7c:7b:e3:2f:5c:
                    91:55:b2:83:34:3e:55:b1:9f:ef:5c:b3:71:7d:ef:
                    2d:a5:71:ff:52:f5:bb:30:1d:6c:e8:88:a1:8e:d0:
                    57:37:a9:01:88:2b:21:4e:29:c9:1e:89:f4:07:63:
                    39:08:06:37:7c:16:a6:77:c0:0b:91:76:c0:b2:d2:
                    7f:88:a6:58:b3:91:ba:02:b2:4a:a0:53:c8:96:da:
                    1f:63:47:e9:35:91:b0:2f:6d:6e:6e:1f:03:d5:8d:
                    36:e6:af:97:64:71:b8:14:ca:9e:f1:25:1f:9f:83:
                    ca:8d:e1:de:fb:3d:85:6b:9a:90:0b:ad:ee:3b:1a:
                    de:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:EB:66:11:59:CA:5F:01:A5:2D:34:18:49:66:2D:0F:E9:F4:11:A7
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         10:87:3d:6e:c1:eb:4a:30:95:a8:95:6e:24:bf:f4:46:c7:8f:
         c4:14:45:f0:02:b0:c0:bf:9c:66:0b:1a:78:ba:b0:fa:2f:9d:
         03:6c:f5:a1:a3:87:3c:0b:ad:07:fb:61:d7:b3:5d:62:3c:53:
         e7:c2:47:33:ab:a9:92:59:69:e3:17:04:7e:1e:c4:08:79:ae:
         b4:94:92:48:c9:36:5c:29:00:b7:71:d2:a5:b5:80:6c:67:14:
         c9:35:b6:b2:ee:d4:e3:3c:4d:b2:14:e5:f7:e5:a8:21:91:04:
         87:6c:2d:1d:f8:0f:29:6e:68:b6:52:1c:1d:80:1b:44:71:4a:
         23:3e:e2:32:6f:c7:2b:b7:57:6c:4d:39:68:4a:39:10:95:6a:
         bb:70:8d:3e:6b:32:9f:7f:5d:a1:4a:f3:ab:1f:88:03:29:bb:
         0f:95:e9:d7:ef:93:f4:39:7c:ee:b1:89:5f:0e:c3:c7:36:a7:
         24:ec:a5:90:00:73:e6:9d:64:0c:25:af:7a:bf:60:dc:1f:e1:
         60:b4:0b:da:4b:46:26:21:20:a4:82:4a:23:f2:c4:e2:be:99:
         cd:c3:d3:1d:09:77:c8:96:c4:ab:a2:75:47:6a:bc:b6:68:35:
         de:d8:83:f3:fe:36:32:3d:d6:eb:c3:5e:20:ed:99:a5:9d:71:
         d9:2c:34:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi2oQahVdsJHAjTUq58sdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVk
MTZkYjMwHhcNMjMwMTAxMjI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGViNjYxMTU5Y2E1ZjAxYTUyZDM0MTg0OTY2MmQwZmU5ZjQxMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqT6kawv1b2/XvhxmRInqHKmrPnS
+oQwOAk+jBO5Cswb4uZ3bm5nai6P2P4grUM0izXg16OzxN7ThSMQ9NxTq1G2X6o7
aGZSczGtCl9ozAm0gGN0FgZxy+agM3N05dFkiWxPaukOk9I18wg31jbiMVnlD+X0
P245Ok0VmkYFuh1SfHvjL1yRVbKDND5VsZ/vXLNxfe8tpXH/UvW7MB1s6IihjtBX
N6kBiCshTinJHon0B2M5CAY3fBamd8ALkXbAstJ/iKZYs5G6ArJKoFPIltofY0fp
NZGwL21ubh8D1Y025q+XZHG4FMqe8SUfn4PKjeHe+z2Fa5qQC63uOxreoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOjrZhFZyl8BpS00GElmLQ/p9BGnMB8GA1UdIwQY
MBaAFA9nH+w48AxALzBm8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTIt
OTc3MzA1YzcwMDUxLzEvNk90bUVWbktYd0dsTFRRWVNXWXRELW4wRWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUx
LzEvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJQmwMA0G
CSqGSIb3DQEBCwUAA4IBAQAQhz1uwetKMJWolW4kv/RGx4/EFEXwArDAv5xmCxp4
urD6L50DbPWho4c8C60H+2HXs11iPFPnwkczq6mSWWnjFwR+HsQIea60lJJIyTZc
KQC3cdKltYBsZxTJNbay7tTjPE2yFOX35aghkQSHbC0d+A8pbmi2UhwdgBtEcUoj
PuIyb8crt1dsTTloSjkQlWq7cI0+azKff12hSvOrH4gDKbsPlenX75P0OXzusYlf
DsPHNqck7KWQAHPmnWQMJa96v2DcH+FgtAvaS0YmISCkgkoj8sTivpnNw9MdCXfI
lsSronVHary2aDXe2IPz/jYyPdbrw14g7ZmlnXHZLDTn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:45 2024 by rpki-client on console-fra.rpki-client.org