Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/xv9b87LSedanAV3ThdvSF0g4pbM.roa
File:                     xv9b87LSedanAV3ThdvSF0g4pbM.roa (raw, json)
Hash identifier:          h2BXndWCyVC2/bsa1EhXvReYgWsiBLnd+HC7c59nhzQ=
Subject key identifier:   C6:FF:5B:F3:B2:D2:79:D6:A7:01:5D:D3:85:DB:D2:17:48:38:A5:B3
Certificate issuer:       /CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
Certificate serial:       01856F301807270FC95377DDE2DC648FC06D
Authority key identifier: E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/xv9b87LSedanAV3ThdvSF0g4pbM.roa
Signing time:             Sun 01 Jan 2023 21:15:00 +0000
ROA not before:           Sun 01 Jan 2023 21:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31198
IP address blocks:        46.18.152.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 13:19:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:30:18:07:27:0f:c9:53:77:dd:e2:dc:64:8f:c0:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
        Validity
            Not Before: Jan  1 21:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c6ff5bf3b2d279d6a7015dd385dbd2174838a5b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:64:ab:a8:e3:0d:9b:35:0e:b7:2e:c2:fb:3d:
                    4e:1e:e2:f9:3d:a3:04:6d:0d:cc:87:94:b7:8f:ce:
                    63:d0:fc:08:c9:08:da:e2:1e:ae:56:85:e8:1f:4e:
                    f7:5c:03:3f:56:50:60:7b:2f:f1:d7:8b:40:f9:e5:
                    90:b7:26:7a:8d:83:e4:a8:4a:f8:c7:e2:9e:2b:85:
                    86:ca:c4:8d:dc:d0:6a:d4:41:65:1c:fb:f3:e5:4b:
                    85:3f:f9:94:f5:8b:a0:19:d0:27:e3:19:c9:55:7c:
                    bf:bd:4c:a9:65:5a:d0:76:14:26:04:14:91:25:92:
                    5e:c6:2a:43:6f:c1:35:9a:bb:98:49:27:6b:90:58:
                    56:fa:5f:f4:fc:a7:a2:95:eb:ea:f5:e9:7f:f5:4f:
                    f5:52:91:53:90:52:9b:f5:00:8e:24:ac:47:25:e6:
                    cf:7d:39:61:b7:29:41:5b:9a:70:30:e0:c4:6e:9d:
                    60:23:ad:71:8e:ce:51:ac:0d:a5:98:cc:ea:0d:ed:
                    12:ce:e3:54:89:d1:ec:38:c1:83:5e:d1:be:cb:4c:
                    a4:85:95:1f:ba:4b:1a:ec:0d:87:89:fc:f5:fa:ff:
                    2d:1d:82:66:e7:e4:e7:1f:14:03:f2:c3:2e:b6:eb:
                    bc:3a:ec:c2:a3:37:a2:bd:66:92:47:30:0f:81:5b:
                    c6:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:FF:5B:F3:B2:D2:79:D6:A7:01:5D:D3:85:DB:D2:17:48:38:A5:B3
            X509v3 Authority Key Identifier:
                keyid:E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/xv9b87LSedanAV3ThdvSF0g4pbM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/4rHi5MUIxsepi2WYUodFyBP60x0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.18.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         36:41:c4:e8:33:2e:bb:92:86:1b:b8:8a:b3:5b:f1:3a:42:d4:
         d5:14:68:1f:b3:c6:fa:92:3e:13:d4:ba:8a:e1:1a:1a:89:14:
         1b:0e:f1:0a:d5:f4:ee:53:0e:23:f6:be:cc:64:bc:93:39:04:
         76:cc:1a:92:d5:a1:4d:28:66:a0:c8:95:54:e4:bf:1f:dd:9e:
         e8:56:8b:6e:fb:78:81:a3:f4:83:08:f0:b9:00:43:15:f6:1c:
         0a:08:d6:3c:58:b1:4a:ac:ee:7c:21:bb:67:b7:c8:30:d8:6a:
         4f:00:fc:5f:1c:24:77:1c:b1:a3:7b:6b:f6:04:98:ec:44:35:
         ce:bd:4a:8b:19:e2:d1:7e:8a:58:cf:55:e4:bb:7d:e9:46:ac:
         92:7c:54:2c:fe:19:83:e5:b5:94:6c:b6:10:f8:bc:58:3f:e6:
         72:8e:80:ad:4b:61:e0:25:cf:45:71:9b:8a:05:43:98:57:3f:
         06:0e:3f:df:66:7b:68:41:0b:67:5d:f0:c8:92:f4:f9:56:e1:
         99:df:ab:88:78:ab:ff:22:ce:dc:c5:13:c2:93:45:d8:e2:76:
         12:43:51:a5:1f:23:14:8e:4c:ce:d9:99:25:29:75:46:38:6e:
         3c:e2:3a:6b:2d:05:6f:2b:65:33:3e:45:39:08:bb:fd:71:b6:
         a5:c9:70:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMBgHJw/JU3fd4txkj8BtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYjFlMmU0YzUwOGM2YzdhOThiNjU5ODUyODc0NWM4MTNm
YWQzMWQwHhcNMjMwMTAxMjExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmZmNWJmM2IyZDI3OWQ2YTcwMTVkZDM4NWRiZDIxNzQ4MzhhNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGSrqOMNmzUOty7C+z1OHuL5PaME
bQ3Mh5S3j85j0PwIyQja4h6uVoXoH073XAM/VlBgey/x14tA+eWQtyZ6jYPkqEr4
x+KeK4WGysSN3NBq1EFlHPvz5UuFP/mU9YugGdAn4xnJVXy/vUypZVrQdhQmBBSR
JZJexipDb8E1mruYSSdrkFhW+l/0/Keilevq9el/9U/1UpFTkFKb9QCOJKxHJebP
fTlhtylBW5pwMODEbp1gI61xjs5RrA2lmMzqDe0SzuNUidHsOMGDXtG+y0ykhZUf
uksa7A2Hifz1+v8tHYJm5+TnHxQD8sMutuu8OuzCozeivWaSRzAPgVvGxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMb/W/Oy0nnWpwFd04Xb0hdIOKWzMB8GA1UdIwQY
MBaAFOKx4uTFCMbHqYtlmFKHRcgT+tMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2Et
NTQzZDYxODJlMjk0LzEveHY5Yjg3TFNlZGFuQVYzVGhkdlNGMGc0cGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2EtNTQzZDYxODJlMjk0
LzEvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhKYMA0G
CSqGSIb3DQEBCwUAA4IBAQA2QcToMy67koYbuIqzW/E6QtTVFGgfs8b6kj4T1LqK
4RoaiRQbDvEK1fTuUw4j9r7MZLyTOQR2zBqS1aFNKGagyJVU5L8f3Z7oVotu+3iB
o/SDCPC5AEMV9hwKCNY8WLFKrO58Ibtnt8gw2GpPAPxfHCR3HLGje2v2BJjsRDXO
vUqLGeLRfopYz1Xku33pRqySfFQs/hmD5bWUbLYQ+LxYP+ZyjoCtS2HgJc9FcZuK
BUOYVz8GDj/fZntoQQtnXfDIkvT5VuGZ36uIeKv/Is7cxRPCk0XY4nYSQ1GlHyMU
jkzO2ZklKXVGOG484jprLQVvK2UzPkU5CLv9cbalyXD3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:53 2024 by rpki-client on console-ams.rpki-client.org