Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/iSh2FuWnJ8ZIfG_wxafoWf6xl3s.roa
File:                     iSh2FuWnJ8ZIfG_wxafoWf6xl3s.roa (raw, json)
Hash identifier:          QcClSXU1ixBwfmYFilqDYlklsW1ZqeVaNvCAW/ysFj8=
Subject key identifier:   89:28:76:16:E5:A7:27:C6:48:7C:6F:F0:C5:A7:E8:59:FE:B1:97:7B
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       01856B4A255A41C14996D728069C7A6D269B
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/iSh2FuWnJ8ZIfG_wxafoWf6xl3s.roa
Signing time:             Sun 01 Jan 2023 03:04:59 +0000
ROA not before:           Sun 01 Jan 2023 03:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        37.230.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Jan 2023 15:44:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:4a:25:5a:41:c1:49:96:d7:28:06:9c:7a:6d:26:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Jan  1 03:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89287616e5a727c6487c6ff0c5a7e859feb1977b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6a:1d:0e:98:b9:95:c8:9b:b9:d2:ef:82:13:
                    44:78:ee:4a:61:15:37:ef:b2:95:db:72:7f:50:9b:
                    25:10:01:a4:bb:6e:9f:dc:28:13:8b:45:a4:44:2a:
                    9c:5c:e9:de:fb:fb:50:0e:23:11:da:18:ce:7f:ea:
                    1c:3a:08:63:6e:99:aa:de:6d:b1:61:b4:56:03:e8:
                    45:a1:f4:42:67:cc:18:bf:e1:e8:2a:f8:ea:e6:5f:
                    67:99:eb:26:55:e7:51:ed:d3:34:e2:3b:78:21:47:
                    cb:bb:61:cd:d7:70:02:4b:33:eb:d7:75:c6:f2:09:
                    f6:b2:a0:64:0c:5c:ee:c2:ae:59:48:d2:ff:4d:bc:
                    86:78:30:3e:d7:68:49:6f:93:17:ac:19:7d:83:0b:
                    fd:aa:51:7f:37:1d:50:e7:85:01:5a:87:99:c6:c5:
                    04:03:76:43:64:40:16:dd:5e:11:a4:d1:d0:e4:b2:
                    f2:ce:93:cd:45:30:b4:b6:aa:9e:46:54:10:2e:ee:
                    73:4f:ab:71:e0:90:09:49:f4:ba:95:4b:d6:a3:36:
                    33:02:98:b2:48:0e:92:d0:6a:f7:5c:fa:b7:1d:fb:
                    23:0d:2b:f6:7f:90:a6:23:a6:37:4e:6c:b2:0b:29:
                    37:c0:03:5e:97:41:0d:14:90:71:d9:98:ea:cf:b7:
                    3c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:28:76:16:E5:A7:27:C6:48:7C:6F:F0:C5:A7:E8:59:FE:B1:97:7B
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/iSh2FuWnJ8ZIfG_wxafoWf6xl3s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:f2:16:e2:b0:27:38:12:b2:b1:a4:a7:6c:cd:84:01:fa:15:
         35:5c:2d:23:da:7c:80:e4:3d:9b:86:43:1e:df:0a:1b:a0:d1:
         8d:1f:6f:e6:90:4c:d0:fd:fb:07:6d:cd:c8:3b:6d:1e:48:6f:
         ba:db:72:31:0c:f5:f9:80:87:07:5b:c9:61:34:ea:09:e1:46:
         b3:34:8b:ba:15:3a:66:c1:42:2f:b6:a1:ba:ea:3c:ba:40:85:
         7b:fd:79:c5:56:67:70:ba:23:7c:03:2f:c4:12:b3:93:28:7c:
         ac:e0:87:48:b3:e3:3c:38:e7:f2:bd:cc:65:59:d1:05:9a:63:
         46:8f:fe:67:91:43:23:e4:61:a3:60:37:47:1a:7a:5c:71:08:
         d5:4e:35:71:63:c1:80:3b:ba:11:75:1e:4e:16:b1:82:40:7b:
         61:3f:2b:04:0f:bd:fd:0c:9c:e7:d9:d8:18:b8:27:ab:f9:19:
         2d:ae:66:7c:d3:a8:95:81:17:84:51:7f:45:4e:92:8c:9d:dc:
         01:38:ac:98:c7:94:bb:aa:28:2d:6c:32:2d:a3:55:c4:91:9a:
         45:9b:70:98:b5:e6:67:e6:3b:72:a5:b8:f1:3a:ac:98:18:62:
         23:55:3e:83:eb:5a:20:ff:b1:ef:08:a5:14:a6:c7:83:02:2a:
         ca:02:d0:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSiVaQcFJltcoBpx6bSabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI4NzYxNmU1YTcyN2M2NDg3YzZmZjBjNWE3ZTg1OWZlYjE5NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2odDpi5lcibudLvghNEeO5KYRU3
77KV23J/UJslEAGku26f3CgTi0WkRCqcXOne+/tQDiMR2hjOf+ocOghjbpmq3m2x
YbRWA+hFofRCZ8wYv+HoKvjq5l9nmesmVedR7dM04jt4IUfLu2HN13ACSzPr13XG
8gn2sqBkDFzuwq5ZSNL/TbyGeDA+12hJb5MXrBl9gwv9qlF/Nx1Q54UBWoeZxsUE
A3ZDZEAW3V4RpNHQ5LLyzpPNRTC0tqqeRlQQLu5zT6tx4JAJSfS6lUvWozYzApiy
SA6S0Gr3XPq3HfsjDSv2f5CmI6Y3TmyyCyk3wANel0ENFJBx2Zjqz7c8IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkodhblpyfGSHxv8MWn6Fn+sZd7MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvaVNoMkZ1V25KOFpJZkdfd3hhZm9XZjZ4bDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJeayMA0G
CSqGSIb3DQEBCwUAA4IBAQC58hbisCc4ErKxpKdszYQB+hU1XC0j2nyA5D2bhkMe
3woboNGNH2/mkEzQ/fsHbc3IO20eSG+623IxDPX5gIcHW8lhNOoJ4UazNIu6FTpm
wUIvtqG66jy6QIV7/XnFVmdwuiN8Ay/EErOTKHys4IdIs+M8OOfyvcxlWdEFmmNG
j/5nkUMj5GGjYDdHGnpccQjVTjVxY8GAO7oRdR5OFrGCQHthPysED739DJzn2dgY
uCer+RktrmZ806iVgReEUX9FTpKMndwBOKyYx5S7qigtbDIto1XEkZpFm3CYteZn
5jtypbjxOqyYGGIjVT6D61og/7HvCKUUpseDAirKAtAf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org