Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/O8B3lG8VAsfX9Mc0uGub05iNjKM.roa
File:                     O8B3lG8VAsfX9Mc0uGub05iNjKM.roa (raw, json)
Hash identifier:          majGAd3FwqsI7tH9xpdJns7Xk3e6Hx4otBFlrn0N640=
Subject key identifier:   3B:C0:77:94:6F:15:02:C7:D7:F4:C7:34:B8:6B:9B:D3:98:8D:8C:A3
Certificate issuer:       /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial:       018CCA286F7D0BD3386634CE62FFD9C83C27
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/O8B3lG8VAsfX9Mc0uGub05iNjKM.roa
Signing time:             Tue 02 Jan 2024 12:31:36 +0000
ROA not before:           Tue 02 Jan 2024 12:31:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3177
IP address blocks:        37.32.44.0/24 maxlen: 24
                          37.32.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 19:35:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:28:6f:7d:0b:d3:38:66:34:ce:62:ff:d9:c8:3c:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
        Validity
            Not Before: Jan  2 12:31:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3bc077946f1502c7d7f4c734b86b9bd3988d8ca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:59:94:3b:c4:b5:5d:0b:cb:2e:64:2a:22:b4:
                    54:c0:ca:ee:b8:d1:c5:8d:e9:ba:66:bd:a7:f2:ca:
                    86:c6:20:cd:b3:3f:b2:5a:04:ff:63:62:a4:50:28:
                    8b:26:02:b2:e3:15:aa:36:e7:77:45:41:21:e3:bd:
                    f0:66:9f:2c:e7:21:eb:f6:1c:ee:ff:2b:a1:2b:61:
                    f7:2f:6a:b2:30:5c:ca:de:78:d7:ff:1e:f2:1a:bf:
                    d5:c3:0c:16:50:8c:e2:d0:91:97:c2:14:cb:cc:12:
                    be:21:c5:b5:1b:5a:7f:4a:12:5b:b0:7b:6a:c1:16:
                    7b:96:67:ba:a6:23:55:ff:a7:e5:ad:36:da:f6:28:
                    86:ba:3e:b5:f7:b9:c4:0a:05:7d:ec:a3:8d:53:ae:
                    85:b1:1e:38:66:9f:1b:25:eb:ce:a1:a1:cf:62:59:
                    3e:65:fb:40:24:af:ea:cd:8f:4c:c5:e2:43:e1:64:
                    15:8e:f5:c4:eb:83:1f:91:53:b7:13:fb:a1:7f:15:
                    09:5b:6e:94:29:83:e4:b3:3e:ec:64:65:c8:6b:ec:
                    ae:b1:b8:33:9f:ac:fc:eb:5c:89:8a:e5:4e:37:27:
                    7c:43:bd:5e:77:ed:a7:62:d3:21:61:a4:fb:f4:31:
                    01:f8:f4:2e:04:84:ef:7a:ae:46:3e:6b:6f:85:38:
                    3a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:C0:77:94:6F:15:02:C7:D7:F4:C7:34:B8:6B:9B:D3:98:8D:8C:A3
            X509v3 Authority Key Identifier:
                keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/O8B3lG8VAsfX9Mc0uGub05iNjKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.32.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:1c:cd:0f:0c:52:40:2c:9c:af:a8:a5:25:1f:b7:cb:f2:c8:
         9d:3f:cf:d9:2a:cc:a0:e9:23:e8:f4:80:32:6a:ca:c7:5a:32:
         a0:7e:4f:51:15:86:cd:4a:b8:6c:25:c5:98:84:18:91:39:59:
         54:da:07:88:6a:6b:1b:58:19:86:09:08:af:a5:52:b6:ad:2e:
         e9:f5:48:52:26:0d:9a:9d:ff:ef:fe:84:8a:35:62:7d:ab:f0:
         8f:90:c2:b7:f0:06:f2:ea:74:c2:fa:17:c5:04:23:88:c4:36:
         28:7e:63:bf:6a:3c:9f:69:34:f6:dc:c7:f6:8f:14:5c:65:1c:
         d8:af:e8:56:6f:ef:71:32:5c:ce:ce:e8:6d:1e:f3:80:99:8e:
         d0:d5:45:91:5b:be:1f:e6:62:97:91:76:e0:03:64:4f:a1:fa:
         d1:03:8b:de:74:08:80:e8:8e:1a:5b:08:a9:1c:07:26:0a:b8:
         3f:25:fc:8d:b6:02:09:b8:fa:d1:76:ef:d8:f1:82:02:5d:f9:
         4f:d0:33:fd:b3:3b:9e:c3:28:3d:17:43:e0:ff:f5:1d:80:7d:
         5d:41:cf:2d:38:62:15:a6:f0:c3:d0:9e:94:75:82:a4:ef:72:
         fe:ab:06:6e:ee:27:cf:98:1c:11:af:6e:c2:46:03:cd:7e:8d:
         04:07:a5:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKG99C9M4ZjTOYv/ZyDwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTAyMTIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmMwNzc5NDZmMTUwMmM3ZDdmNGM3MzRiODZiOWJkMzk4OGQ4Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1mUO8S1XQvLLmQqIrRUwMruuNHF
jem6Zr2n8sqGxiDNsz+yWgT/Y2KkUCiLJgKy4xWqNud3RUEh473wZp8s5yHr9hzu
/yuhK2H3L2qyMFzK3njX/x7yGr/VwwwWUIzi0JGXwhTLzBK+IcW1G1p/ShJbsHtq
wRZ7lme6piNV/6flrTba9iiGuj6197nECgV97KONU66FsR44Zp8bJevOoaHPYlk+
ZftAJK/qzY9MxeJD4WQVjvXE64MfkVO3E/uhfxUJW26UKYPksz7sZGXIa+yusbgz
n6z861yJiuVONyd8Q71ed+2nYtMhYaT79DEB+PQuBITveq5GPmtvhTg6cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvAd5RvFQLH1/THNLhrm9OYjYyjMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvTzhCM2xHOFZBc2ZYOU1jMHVHdWIwNWlOaktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJSAsMA0G
CSqGSIb3DQEBCwUAA4IBAQAFHM0PDFJALJyvqKUlH7fL8sidP8/ZKsyg6SPo9IAy
asrHWjKgfk9RFYbNSrhsJcWYhBiROVlU2geIamsbWBmGCQivpVK2rS7p9UhSJg2a
nf/v/oSKNWJ9q/CPkMK38Aby6nTC+hfFBCOIxDYofmO/ajyfaTT23Mf2jxRcZRzY
r+hWb+9xMlzOzuhtHvOAmY7Q1UWRW74f5mKXkXbgA2RPofrRA4vedAiA6I4aWwip
HAcmCrg/JfyNtgIJuPrRdu/Y8YICXflP0DP9szuewyg9F0Pg//UdgH1dQc8tOGIV
pvDD0J6UdYKk73L+qwZu7ifPmBwRr27CRgPNfo0EB6W+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:09 2024 by rpki-client on console-ams.rpki-client.org