Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3W4Y-XEy1Smk4kbnqOlALRLXJA4.roa
File:                     3W4Y-XEy1Smk4kbnqOlALRLXJA4.roa (raw, json)
Hash identifier:          JoaqYjU7xMwBudpO3ba8n0Q3yxoZRBqGWG6MYuQc4a4=
Subject key identifier:   DD:6E:18:F9:71:32:D5:29:A4:E2:46:E7:A8:E9:40:2D:12:D7:24:0E
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       01856B4A26E6F912B9F206D81B56C032DFB6
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3W4Y-XEy1Smk4kbnqOlALRLXJA4.roa
Signing time:             Sun 01 Jan 2023 03:04:59 +0000
ROA not before:           Sun 01 Jan 2023 03:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42938
IP address blocks:        37.230.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:4a:26:e6:f9:12:b9:f2:06:d8:1b:56:c0:32:df:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Jan  1 03:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd6e18f97132d529a4e246e7a8e9402d12d7240e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:32:10:c9:60:ae:27:ed:b6:6a:51:0c:8e:9f:
                    ae:ad:72:e4:69:92:46:b0:fb:6d:92:cc:b6:bf:d9:
                    e0:f7:07:1b:f6:4d:b1:f7:ab:d2:63:a7:75:ea:7b:
                    d6:49:ed:07:fd:0b:c6:e0:84:57:74:36:ad:08:a7:
                    dd:f9:6d:db:cc:f2:e6:04:97:37:ec:f6:b4:a1:5a:
                    b3:17:92:b6:d8:b7:f4:66:33:2e:28:5b:00:51:de:
                    a9:be:f2:6d:3a:c6:f8:7e:6d:f8:86:39:8c:c5:e7:
                    6e:6c:f3:8a:bb:30:a1:70:ee:cc:0a:41:6a:9b:61:
                    81:d2:e9:ca:e3:34:71:28:af:c3:76:6d:a5:ff:8b:
                    25:6b:59:98:d6:20:6b:37:cf:79:e3:7b:e4:b7:0d:
                    3a:e6:d0:b4:02:5d:50:14:22:c2:5b:26:81:d3:c7:
                    02:4b:02:0b:72:a1:d4:8a:7e:bf:7d:38:6f:5a:ba:
                    be:dd:76:62:30:65:90:b5:2e:50:5d:d7:08:51:7c:
                    dc:0a:e1:50:6e:f6:15:6d:51:fd:f3:f9:f4:5f:49:
                    3a:a7:ea:53:c8:a4:e5:a5:70:28:64:a4:d8:4f:ca:
                    42:22:82:00:b1:c0:08:6f:d6:d0:df:47:dc:f4:bc:
                    8d:22:26:36:e3:74:98:d8:b2:ce:af:cf:8d:08:07:
                    e3:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:6E:18:F9:71:32:D5:29:A4:E2:46:E7:A8:E9:40:2D:12:D7:24:0E
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3W4Y-XEy1Smk4kbnqOlALRLXJA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:dc:f6:20:76:84:40:f7:99:a4:34:c7:76:f1:1c:8f:9c:eb:
         67:80:11:09:ae:2f:7a:63:72:81:fb:fe:ba:ea:0d:8c:14:21:
         17:b4:a4:fd:ae:d6:21:e3:e8:f1:6f:42:2c:f6:d0:dd:e8:80:
         c9:64:37:ea:b7:7f:d5:d9:c7:81:c8:41:33:c5:97:a2:a7:4d:
         39:dc:2c:78:57:1e:fb:c3:9f:3f:8e:93:da:a7:3e:3f:70:52:
         91:c7:6f:93:ce:11:29:2c:f0:e8:0a:7c:e9:9c:20:fd:dc:dd:
         50:36:dd:f1:e2:71:ef:8c:58:b4:f2:a5:14:ab:91:1a:fb:5e:
         77:f5:8a:08:02:3a:39:5a:ce:5f:9a:56:ca:71:a2:91:93:6b:
         fd:56:cf:77:88:f4:0d:cc:90:22:80:65:b1:2c:49:b9:fd:cd:
         04:61:a9:85:74:d6:9e:39:78:86:92:c0:b1:5f:ac:af:b7:56:
         8e:37:72:78:4b:cc:f3:9b:d3:4b:a2:50:56:78:30:fb:4c:fe:
         9c:10:f0:75:01:6b:5b:0f:94:0d:66:e1:0c:34:94:8a:30:e7:
         a0:4f:24:c6:50:6a:a6:5c:af:52:4e:bf:76:50:f0:68:ba:7b:
         48:65:b9:3c:f9:2a:13:1f:83:44:0b:71:5f:6a:c3:2a:d1:b1:
         37:09:57:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSibm+RK58gbYG1bAMt+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDZlMThmOTcxMzJkNTI5YTRlMjQ2ZTdhOGU5NDAyZDEyZDcyNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DIQyWCuJ+22alEMjp+urXLkaZJG
sPttksy2v9ng9wcb9k2x96vSY6d16nvWSe0H/QvG4IRXdDatCKfd+W3bzPLmBJc3
7Pa0oVqzF5K22Lf0ZjMuKFsAUd6pvvJtOsb4fm34hjmMxedubPOKuzChcO7MCkFq
m2GB0unK4zRxKK/Ddm2l/4sla1mY1iBrN89543vktw065tC0Al1QFCLCWyaB08cC
SwILcqHUin6/fThvWrq+3XZiMGWQtS5QXdcIUXzcCuFQbvYVbVH98/n0X0k6p+pT
yKTlpXAoZKTYT8pCIoIAscAIb9bQ30fc9LyNIiY243SY2LLOr8+NCAfjcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1uGPlxMtUppOJG56jpQC0S1yQOMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvM1c0WS1YRXkxU21rNGtibnFPbEFMUkxYSkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJeb3MA0G
CSqGSIb3DQEBCwUAA4IBAQA03PYgdoRA95mkNMd28RyPnOtngBEJri96Y3KB+/66
6g2MFCEXtKT9rtYh4+jxb0Is9tDd6IDJZDfqt3/V2ceByEEzxZeip0053Cx4Vx77
w58/jpPapz4/cFKRx2+TzhEpLPDoCnzpnCD93N1QNt3x4nHvjFi08qUUq5Ea+153
9YoIAjo5Ws5fmlbKcaKRk2v9Vs93iPQNzJAigGWxLEm5/c0EYamFdNaeOXiGksCx
X6yvt1aON3J4S8zzm9NLolBWeDD7TP6cEPB1AWtbD5QNZuEMNJSKMOegTyTGUGqm
XK9STr92UPBountIZbk8+SoTH4NEC3FfasMq0bE3CVcl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org