Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Rwj0MFsxqXd8w8ENnlLyoUn4SDc.roa
File:                     Rwj0MFsxqXd8w8ENnlLyoUn4SDc.roa (raw, json)
Hash identifier:          wRVpPlUrxaY2QUmve0LrkY8HL6l9Qp7eNRIvRtgN7JY=
Subject key identifier:   47:08:F4:30:5B:31:A9:77:7C:C3:C1:0D:9E:52:F2:A1:49:F8:48:37
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EE0C7169E835B668B682852751965DC8B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Rwj0MFsxqXd8w8ENnlLyoUn4SDc.roa
Signing time:             Mon 15 Apr 2024 08:02:07 +0000
ROA not before:           Mon 15 Apr 2024 08:02:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        37.252.27.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          212.38.74.0/24 maxlen: 24
                          212.38.79.0/24 maxlen: 24
                          212.38.84.0/24 maxlen: 24
                          213.130.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 07:43:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e0:c7:16:9e:83:5b:66:8b:68:28:52:75:19:65:dc:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 15 08:02:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4708f4305b31a9777cc3c10d9e52f2a149f84837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:37:a6:a0:aa:c5:f8:89:b0:39:76:fe:ad:24:
                    66:23:88:6c:92:fe:f2:d8:69:9b:6e:7c:46:61:c2:
                    47:84:80:7a:53:28:9a:d1:3e:0f:e2:87:a8:a4:6d:
                    de:65:05:35:74:8e:46:c2:24:1f:e8:c1:d5:6f:4a:
                    55:f9:88:a7:bf:e2:a8:f9:24:1c:29:a7:80:33:f5:
                    4a:15:30:3e:40:ca:22:39:7a:48:e1:72:e2:7b:eb:
                    5e:59:8d:fa:c9:2e:96:bb:de:ef:4c:b3:10:dd:74:
                    01:bc:c2:14:33:c0:bb:50:34:fe:1e:db:51:c7:be:
                    f8:83:76:74:10:5e:c5:52:de:e4:4a:a6:d2:de:bf:
                    df:87:80:ed:95:b2:08:66:30:93:72:9d:ec:40:c5:
                    8b:d0:38:73:29:f3:d5:33:a5:a4:72:f7:4e:34:8e:
                    26:b0:b3:3e:f2:f5:f7:da:a6:37:87:d5:24:76:07:
                    01:5a:ad:b1:8a:1c:85:3f:c4:94:dd:36:76:fc:00:
                    55:74:ff:c0:e5:66:59:b4:13:56:a4:64:6f:db:0d:
                    2b:4e:d0:ba:5c:93:c6:e0:cc:64:73:3a:1f:7f:f2:
                    c8:35:a3:70:ae:1e:65:48:8b:0c:47:cd:12:95:a6:
                    41:61:c8:44:d0:71:30:d2:dd:07:22:42:dc:ef:62:
                    1d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:08:F4:30:5B:31:A9:77:7C:C3:C1:0D:9E:52:F2:A1:49:F8:48:37
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Rwj0MFsxqXd8w8ENnlLyoUn4SDc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.252.27.0/24
                  81.5.189.0/24
                  89.213.152.0/24
                  89.213.176.0/24
                  89.213.183.0/24
                  212.38.74.0/24
                  212.38.79.0/24
                  212.38.84.0/24
                  213.130.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:d7:e8:02:ef:ea:44:c6:fb:3e:0f:1a:aa:7c:80:38:79:f7:
         f3:b5:ff:cb:51:b4:76:c1:90:ca:da:b6:42:c9:7e:30:0c:04:
         73:5c:fe:64:e6:a3:00:93:bf:04:85:b7:79:d5:af:3f:af:05:
         5b:a1:52:bf:bb:09:fb:3c:90:0a:a7:61:0a:3e:f7:7f:61:23:
         37:c4:e6:ba:24:e9:54:53:57:19:31:5d:a6:db:db:be:b0:23:
         8e:18:af:01:5c:21:e4:47:5c:a4:b2:40:58:2b:79:ff:a5:1c:
         58:93:c5:33:83:0a:56:3c:7b:e5:57:0e:30:00:ff:8e:61:83:
         5f:97:11:93:f9:ec:f1:2f:ab:98:96:37:fd:a4:1a:1d:e9:55:
         cd:5e:4b:f3:e1:37:40:a5:6e:52:0d:85:45:bf:e5:dd:9c:61:
         17:52:73:98:a4:ef:c9:50:c4:64:73:28:bb:af:88:5a:92:cb:
         60:4e:9c:b3:f3:be:71:58:62:c4:a8:3e:a9:f8:ce:08:ca:cd:
         00:a9:ea:0c:3d:78:40:fe:81:0a:91:8e:ed:3e:1c:ad:3f:3f:
         3c:86:a2:55:2c:a9:26:c1:87:70:e0:72:ac:f2:12:bd:5a:f6:
         89:14:ac:5e:ad:b4:b1:92:14:49:d4:7d:19:8f:84:8d:f4:af:
         6a:f8:82:d9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY7gxxaeg1tmi2goUnUZZdyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDE1MDgwMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA4ZjQzMDViMzFhOTc3N2NjM2MxMGQ5ZTUyZjJhMTQ5Zjg0ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDemoKrF+ImwOXb+rSRmI4hskv7y
2GmbbnxGYcJHhIB6Uyia0T4P4oeopG3eZQU1dI5GwiQf6MHVb0pV+Yinv+Ko+SQc
KaeAM/VKFTA+QMoiOXpI4XLie+teWY36yS6Wu97vTLMQ3XQBvMIUM8C7UDT+HttR
x774g3Z0EF7FUt7kSqbS3r/fh4DtlbIIZjCTcp3sQMWL0DhzKfPVM6WkcvdONI4m
sLM+8vX32qY3h9UkdgcBWq2xihyFP8SU3TZ2/ABVdP/A5WZZtBNWpGRv2w0rTtC6
XJPG4Mxkczoff/LINaNwrh5lSIsMR80SlaZBYchE0HEw0t0HIkLc72IdwQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEcI9DBbMal3fMPBDZ5S8qFJ+Eg3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUndqME1Gc3hxWGQ4dzhFTm5sTHlvVW40U0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAJfwbAwQA
UQW9AwQAWdWYAwQAWdWwAwQAWdW3AwQA1CZKAwQA1CZPAwQA1CZUAwQA1YKKMA0G
CSqGSIb3DQEBCwUAA4IBAQAO1+gC7+pExvs+DxqqfIA4effztf/LUbR2wZDK2rZC
yX4wDARzXP5k5qMAk78Ehbd51a8/rwVboVK/uwn7PJAKp2EKPvd/YSM3xOa6JOlU
U1cZMV2m29u+sCOOGK8BXCHkR1ykskBYK3n/pRxYk8UzgwpWPHvlVw4wAP+OYYNf
lxGT+ezxL6uYljf9pBod6VXNXkvz4TdApW5SDYVFv+XdnGEXUnOYpO/JUMRkcyi7
r4hakstgTpyz875xWGLEqD6p+M4Iys0AqeoMPXhA/oEKkY7tPhytPz88hqJVLKkm
wYdw4HKs8hK9WvaJFKxerbSxkhRJ1H0Zj4SN9K9q+ILZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org