Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/62y7UXaohbr42UFB2H0y9_cVWKU.roa
File:                     62y7UXaohbr42UFB2H0y9_cVWKU.roa (raw, json)
Hash identifier:          J3IKFIc92x9y2MoOrQs2zyQmBE9ha14Zjv+9eilCLLE=
Subject key identifier:   EB:6C:BB:51:76:A8:85:BA:F8:D9:41:41:D8:7D:32:F7:F7:15:58:A5
Certificate issuer:       /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial:       01856E141C7CF3810FE3245933DC355A200C
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/62y7UXaohbr42UFB2H0y9_cVWKU.roa
Signing time:             Sun 01 Jan 2023 16:04:49 +0000
ROA not before:           Sun 01 Jan 2023 16:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57872
IP address blocks:        37.140.232.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:14:1c:7c:f3:81:0f:e3:24:59:33:dc:35:5a:20:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
        Validity
            Not Before: Jan  1 16:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb6cbb5176a885baf8d94141d87d32f7f71558a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d5:6d:cd:f1:b6:f8:d2:65:f2:88:ef:57:88:
                    85:8c:43:74:bd:46:fc:17:56:1d:11:ac:38:ea:fa:
                    96:10:e9:6d:58:e9:93:38:a2:06:0f:9c:e3:eb:0b:
                    3d:40:5e:c0:e2:04:7e:d1:72:c9:74:7f:70:7f:9b:
                    bc:81:95:cf:f8:e8:4a:f6:a4:c7:4a:27:96:3a:cb:
                    c7:a7:64:b6:41:0b:af:d2:20:4b:e7:fc:3e:85:2b:
                    6c:b1:a6:f7:87:1c:16:25:df:97:d6:c9:80:35:82:
                    b5:c2:94:e1:47:a3:ef:44:2f:11:a8:f0:c0:7d:e2:
                    07:66:8c:ff:f0:5b:97:ab:15:66:07:99:25:d6:1a:
                    2f:84:46:cb:77:63:c3:f8:36:c7:02:d9:da:2e:e2:
                    56:8c:02:5b:59:ac:b0:39:c5:90:56:2c:e8:48:f7:
                    a6:f2:af:e6:dd:d0:5a:2d:1c:40:4a:d8:99:72:6d:
                    d3:76:a9:c6:95:92:90:cf:51:43:41:8d:b1:73:a9:
                    9b:2c:75:f5:44:12:1d:04:3c:af:10:f4:7a:5c:40:
                    0a:2f:99:ef:3d:cf:69:e6:57:cb:ef:ff:77:07:36:
                    91:82:6e:25:2b:f2:d2:97:e5:28:ca:30:17:ae:c4:
                    4b:7a:c7:ec:48:5e:4b:c7:d3:b7:e3:19:e0:2e:45:
                    a5:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:6C:BB:51:76:A8:85:BA:F8:D9:41:41:D8:7D:32:F7:F7:15:58:A5
            X509v3 Authority Key Identifier:
                keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/62y7UXaohbr42UFB2H0y9_cVWKU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         08:2b:94:fd:c0:9a:a2:2f:25:0c:b2:4c:63:2c:76:aa:cc:e0:
         b1:6c:32:b7:e8:f0:b1:4c:45:16:c7:96:47:f0:63:87:60:b4:
         10:25:1f:19:b7:b2:56:fe:73:f4:6d:6f:ad:74:22:08:a4:01:
         be:29:09:70:2e:1e:15:ff:2e:38:fc:14:62:06:c0:a0:03:71:
         6c:4c:36:7e:52:8a:df:d3:ec:03:e7:f6:43:28:bb:a7:6a:1c:
         2c:ec:4e:89:ba:d2:2f:de:64:a0:05:c3:6c:8a:27:89:78:e9:
         93:8d:37:78:29:65:84:46:29:5c:8a:36:24:a2:1d:c5:d7:25:
         89:3f:47:0d:90:7a:eb:36:ae:bd:34:a0:a1:f5:b3:f7:a3:af:
         20:a2:bd:0c:9e:3a:8b:0d:18:90:95:c7:67:b8:63:b2:1f:4d:
         7a:f8:32:f7:8e:ed:6a:3b:fa:ad:3c:06:3d:d7:a6:21:90:03:
         58:64:57:0c:fd:14:f1:8d:34:ee:93:42:4d:a3:46:85:46:1e:
         a7:31:44:2c:46:4f:fe:03:6a:03:08:77:00:03:3a:66:f4:b3:
         99:75:d9:bc:a1:a2:4c:8e:67:48:b4:51:7e:12:63:5e:b7:8b:
         61:86:b5:06:c6:c3:06:fb:af:76:20:44:c6:99:bc:63:cb:52:
         8f:d1:8d:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFBx884EP4yRZM9w1WiAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjMwMTAxMTYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZjYmI1MTc2YTg4NWJhZjhkOTQxNDFkODdkMzJmN2Y3MTU1OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdVtzfG2+NJl8ojvV4iFjEN0vUb8
F1YdEaw46vqWEOltWOmTOKIGD5zj6ws9QF7A4gR+0XLJdH9wf5u8gZXP+OhK9qTH
SieWOsvHp2S2QQuv0iBL5/w+hStssab3hxwWJd+X1smANYK1wpThR6PvRC8RqPDA
feIHZoz/8FuXqxVmB5kl1hovhEbLd2PD+DbHAtnaLuJWjAJbWaywOcWQVizoSPem
8q/m3dBaLRxAStiZcm3TdqnGlZKQz1FDQY2xc6mbLHX1RBIdBDyvEPR6XEAKL5nv
Pc9p5lfL7/93BzaRgm4lK/LSl+UoyjAXrsRLesfsSF5Lx9O34xngLkWlVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOtsu1F2qIW6+NlBQdh9Mvf3FVilMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvNjJ5N1VYYW9oYnI0MlVGQjJIMHk5X2NWV0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJYzoMA0G
CSqGSIb3DQEBCwUAA4IBAQAIK5T9wJqiLyUMskxjLHaqzOCxbDK36PCxTEUWx5ZH
8GOHYLQQJR8Zt7JW/nP0bW+tdCIIpAG+KQlwLh4V/y44/BRiBsCgA3FsTDZ+Uorf
0+wD5/ZDKLunahws7E6JutIv3mSgBcNsiieJeOmTjTd4KWWERilcijYkoh3F1yWJ
P0cNkHrrNq69NKCh9bP3o68gor0MnjqLDRiQlcdnuGOyH016+DL3ju1qO/qtPAY9
16YhkANYZFcM/RTxjTTuk0JNo0aFRh6nMUQsRk/+A2oDCHcAAzpm9LOZddm8oaJM
jmdItFF+EmNet4thhrUGxsMG+692IETGmbxjy1KP0Y1p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:07 2024 by rpki-client on console-ams.rpki-client.org