Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/xT4ePKjZnlk2VTumgtMxyWjUkLM.roa
File:                     xT4ePKjZnlk2VTumgtMxyWjUkLM.roa (raw, json)
Hash identifier:          azW8nwFPJcXaOgLF2+JW90f0OAwMa+hZwS7vKnimbQ0=
Subject key identifier:   C5:3E:1E:3C:A8:D9:9E:59:36:55:3B:A6:82:D3:31:C9:68:D4:90:B3
Certificate issuer:       /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial:       018CCA28486E35209FB21E21A2E343AC3027
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/xT4ePKjZnlk2VTumgtMxyWjUkLM.roa
Signing time:             Tue 02 Jan 2024 12:31:26 +0000
ROA not before:           Tue 02 Jan 2024 12:31:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49581
IP address blocks:        37.77.48.0/21 maxlen: 21
                          2a00:c9e0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 20 Jan 2024 09:46:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:28:48:6e:35:20:9f:b2:1e:21:a2:e3:43:ac:30:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
        Validity
            Not Before: Jan  2 12:31:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c53e1e3ca8d99e5936553ba682d331c968d490b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d7:c5:bd:fd:76:d7:90:3c:4d:a7:f2:1e:0d:
                    e1:c0:82:ca:8d:7b:1a:18:cb:38:fd:08:4a:9a:90:
                    c1:4e:7a:98:ab:1a:78:65:5c:7f:4f:8c:67:b8:6b:
                    ee:3f:54:d1:ea:55:c6:c7:57:d1:bf:80:41:af:06:
                    76:bd:8c:bf:de:40:8b:c1:43:59:97:8c:9f:2e:02:
                    f4:05:0c:8d:95:4a:24:9b:85:60:62:d2:6c:bc:e8:
                    fc:f8:55:b2:7e:e1:6b:d5:4f:2d:10:93:88:7b:ec:
                    a2:39:a8:67:2a:e6:93:02:e3:60:87:68:4a:8b:9a:
                    86:40:e0:b1:72:e7:ee:41:7a:2e:fb:fc:d9:b6:26:
                    e9:ce:b8:95:6a:27:78:2c:f2:9a:62:0c:96:12:2b:
                    e5:09:20:b3:9e:09:1b:56:bf:9c:45:24:81:92:94:
                    10:75:13:ca:3e:8a:88:b4:7e:ac:e2:5a:0c:63:aa:
                    ef:8a:16:5e:c2:ce:3f:ff:dc:14:81:83:aa:92:26:
                    d9:75:a5:c1:4e:45:a1:9d:be:8d:72:6a:7b:83:28:
                    81:38:07:f7:ac:d7:3e:35:cb:06:68:31:1f:8a:2f:
                    45:66:e2:9a:db:7a:ad:bc:7a:32:f5:47:dc:4e:70:
                    1a:d1:0c:63:df:b7:d4:1f:27:d2:e6:7d:69:b0:c1:
                    61:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:3E:1E:3C:A8:D9:9E:59:36:55:3B:A6:82:D3:31:C9:68:D4:90:B3
            X509v3 Authority Key Identifier:
                keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/xT4ePKjZnlk2VTumgtMxyWjUkLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.77.48.0/21
                IPv6:
                  2a00:c9e0::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:7b:c6:62:1b:42:53:8e:93:b7:2a:75:d3:b3:9e:01:f3:86:
         52:82:e9:09:22:2e:b0:93:46:13:0d:cc:67:c2:12:fa:38:27:
         c0:8f:f2:4a:61:2e:d2:8a:aa:3f:87:c7:c8:d0:eb:b4:eb:c1:
         5a:ca:87:52:14:7a:f8:2c:6c:5b:b0:c4:5c:96:85:40:59:f6:
         23:ae:e0:68:a4:f4:c5:20:dc:a4:f9:03:fd:cd:9f:68:6f:c3:
         06:2c:12:72:71:94:6b:a4:9a:1f:b5:59:69:3f:05:54:72:ae:
         71:5e:1e:12:fb:4d:ce:a0:fe:3c:1e:fe:e9:6e:74:a8:e5:6d:
         f1:f1:d6:71:2a:93:09:0a:26:15:c6:43:76:40:27:63:90:63:
         4b:1e:d2:0b:32:f0:77:a4:8c:63:99:ca:5f:22:35:0c:a5:9d:
         ca:58:b7:dd:47:40:da:24:cf:32:ea:91:e0:74:de:94:aa:f8:
         c1:5f:1d:b6:43:b2:6e:f8:a1:75:1d:e4:54:ff:2f:a9:85:02:
         b0:2c:c7:51:b8:7d:7f:35:0a:00:90:cf:62:be:02:12:b3:b1:
         43:fe:8a:31:88:7f:d5:b7:17:4d:ed:7d:52:92:e1:ab:7a:74:
         6c:43:d8:b5:d4:f7:b7:25:3e:8f:c1:08:20:6a:d6:44:26:c4:
         a1:06:d8:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKEhuNSCfsh4houNDrDAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjQwMTAyMTIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNlMWUzY2E4ZDk5ZTU5MzY1NTNiYTY4MmQzMzFjOTY4ZDQ5MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNfFvf1215A8TafyHg3hwILKjXsa
GMs4/QhKmpDBTnqYqxp4ZVx/T4xnuGvuP1TR6lXGx1fRv4BBrwZ2vYy/3kCLwUNZ
l4yfLgL0BQyNlUokm4VgYtJsvOj8+FWyfuFr1U8tEJOIe+yiOahnKuaTAuNgh2hK
i5qGQOCxcufuQXou+/zZtibpzriVaid4LPKaYgyWEivlCSCzngkbVr+cRSSBkpQQ
dRPKPoqItH6s4loMY6rvihZews4//9wUgYOqkibZdaXBTkWhnb6Ncmp7gyiBOAf3
rNc+NcsGaDEfii9FZuKa23qtvHoy9UfcTnAa0Qxj37fUHyfS5n1psMFh7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMU+Hjyo2Z5ZNlU7poLTMclo1JCzMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEveFQ0ZVBLalpubGsyVlR1bWd0TXh5V2pVa0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDJU0wMA0E
AgACMAcDBQMqAMngMA0GCSqGSIb3DQEBCwUAA4IBAQCbe8ZiG0JTjpO3KnXTs54B
84ZSgukJIi6wk0YTDcxnwhL6OCfAj/JKYS7Siqo/h8fI0Ou068FayodSFHr4LGxb
sMRcloVAWfYjruBopPTFINyk+QP9zZ9ob8MGLBJycZRrpJoftVlpPwVUcq5xXh4S
+03OoP48Hv7pbnSo5W3x8dZxKpMJCiYVxkN2QCdjkGNLHtILMvB3pIxjmcpfIjUM
pZ3KWLfdR0DaJM8y6pHgdN6UqvjBXx22Q7Ju+KF1HeRU/y+phQKwLMdRuH1/NQoA
kM9ivgISs7FD/ooxiH/VtxdN7X1SkuGrenRsQ9i11Pe3JT6PwQggatZEJsShBtjP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:25 2024 by rpki-client on console-ams.rpki-client.org