Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/xy0YRoaUYpuKRS10tIa-uBUQrQM.roa
File:                     xy0YRoaUYpuKRS10tIa-uBUQrQM.roa (raw, json)
Hash identifier:          rAmH0HHeXiNFg7DvcwuVClPyWa1uxz0YNONBmdEOuzo=
Subject key identifier:   C7:2D:18:46:86:94:62:9B:8A:45:2D:74:B4:86:BE:B8:15:10:AD:03
Certificate issuer:       /CN=08d493078812d09e1a1e0eb2a380fc6574983f5c
Certificate serial:       01856EAFB8214227457B008E197E7B39A906
Authority key identifier: 08:D4:93:07:88:12:D0:9E:1A:1E:0E:B2:A3:80:FC:65:74:98:3F:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNSTB4gS0J4aHg6yo4D8ZXSYP1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/xy0YRoaUYpuKRS10tIa-uBUQrQM.roa
Signing time:             Sun 01 Jan 2023 18:54:47 +0000
ROA not before:           Sun 01 Jan 2023 18:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2850
IP address blocks:        137.43.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:af:b8:21:42:27:45:7b:00:8e:19:7e:7b:39:a9:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d493078812d09e1a1e0eb2a380fc6574983f5c
        Validity
            Not Before: Jan  1 18:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c72d18468694629b8a452d74b486beb81510ad03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:ca:87:55:96:36:16:05:ae:3f:7d:fa:a2:41:
                    9d:0c:0f:cb:c9:f0:28:12:eb:6d:c8:3b:0e:fe:10:
                    05:24:19:7f:b5:b3:93:98:4f:0a:d4:b4:37:fb:f0:
                    56:f9:91:8b:e5:fa:ba:95:a2:8f:86:4e:b5:16:3b:
                    96:80:a3:b9:ff:a5:b5:aa:61:1c:ec:57:10:63:96:
                    53:16:be:8d:79:7b:96:a3:7b:f6:be:4d:84:20:3c:
                    4d:19:b3:c7:d2:70:37:70:05:b9:14:6d:a8:61:20:
                    94:8b:14:ac:0a:ba:7f:95:03:41:36:a7:73:fe:0c:
                    ea:7c:b7:2d:20:92:b1:1f:55:44:25:e6:d6:8e:f2:
                    72:cd:25:85:0e:22:57:18:05:f7:3a:a6:53:99:89:
                    42:4b:49:00:7e:6f:b6:02:a4:91:c5:56:97:63:dc:
                    df:20:3a:4b:ec:9e:ca:e8:5b:75:ad:a1:4f:2f:1d:
                    c3:66:cc:bf:74:08:56:c3:62:30:c0:ca:53:82:bb:
                    3a:3e:1e:55:fa:4a:78:43:0f:0f:15:dc:23:2e:fd:
                    90:5c:e3:7d:aa:47:25:f8:cf:dd:bc:f9:b8:79:d7:
                    02:8c:34:4a:ba:4b:9b:a3:69:4d:32:c9:c9:ae:30:
                    f7:f9:9b:8b:9c:0c:00:20:ba:a2:3c:df:1c:ff:6c:
                    66:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:2D:18:46:86:94:62:9B:8A:45:2D:74:B4:86:BE:B8:15:10:AD:03
            X509v3 Authority Key Identifier:
                keyid:08:D4:93:07:88:12:D0:9E:1A:1E:0E:B2:A3:80:FC:65:74:98:3F:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNSTB4gS0J4aHg6yo4D8ZXSYP1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/xy0YRoaUYpuKRS10tIa-uBUQrQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/CNSTB4gS0J4aHg6yo4D8ZXSYP1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.43.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         64:cd:7c:0d:7d:0e:c9:7b:b2:41:45:5e:bf:36:45:33:d7:36:
         39:a1:86:b4:f5:8c:a9:5a:9f:18:80:44:12:8e:e8:f4:bc:08:
         7f:75:71:f2:14:4d:79:ee:09:04:25:25:85:54:5c:7b:f6:5e:
         2a:d1:a6:9e:b1:2e:d5:6d:eb:d8:b5:56:e0:17:cc:25:cc:48:
         a2:5f:d9:ae:49:64:22:b7:e5:5d:6d:37:12:03:94:45:b4:cb:
         88:10:58:75:a7:7d:5e:ff:d7:1f:a8:a7:2f:4d:e8:48:8c:33:
         7d:07:21:db:b3:e1:fc:7f:67:98:ff:26:75:69:2d:f1:fb:2b:
         2a:06:83:b3:9f:6d:e7:7c:e2:c3:0e:03:24:9b:13:0f:db:ae:
         11:13:ff:14:9f:93:c4:9e:af:29:7c:2e:aa:4d:99:f3:1b:6c:
         24:ab:4d:c2:2d:fb:ed:74:a6:c3:2a:33:91:98:1c:cc:fa:8e:
         2f:82:24:cb:ac:d2:5c:1c:3c:87:d1:88:14:0d:a9:93:68:d3:
         44:19:23:1e:fb:b2:85:bb:df:8e:e5:1a:22:3b:10:6f:ab:be:
         68:4d:7a:8b:01:9c:c0:10:b2:13:1e:31:27:0e:f1:cc:18:a6:
         a8:b4:a8:6b:1c:27:3c:f1:d7:59:c4:e2:d9:87:9f:dc:9c:67:
         e9:f5:8f:c1
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVur7ghQidFewCOGX57OakGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDQ5MzA3ODgxMmQwOWUxYTFlMGViMmEzODBmYzY1NzQ5
ODNmNWMwHhcNMjMwMTAxMTg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJkMTg0Njg2OTQ2MjliOGE0NTJkNzRiNDg2YmViODE1MTBhZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9sqHVZY2FgWuP336okGdDA/LyfAo
EuttyDsO/hAFJBl/tbOTmE8K1LQ3+/BW+ZGL5fq6laKPhk61FjuWgKO5/6W1qmEc
7FcQY5ZTFr6NeXuWo3v2vk2EIDxNGbPH0nA3cAW5FG2oYSCUixSsCrp/lQNBNqdz
/gzqfLctIJKxH1VEJebWjvJyzSWFDiJXGAX3OqZTmYlCS0kAfm+2AqSRxVaXY9zf
IDpL7J7K6Ft1raFPLx3DZsy/dAhWw2IwwMpTgrs6Ph5V+kp4Qw8PFdwjLv2QXON9
qkcl+M/dvPm4edcCjDRKukubo2lNMsnJrjD3+ZuLnAwAILqiPN8c/2xmXwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMctGEaGlGKbikUtdLSGvrgVEK0DMB8GA1UdIwQY
MBaAFAjUkweIEtCeGh4OsqOA/GV0mD9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05TVEI0Z1MwSjRhSGc2eW80RDhaWFNZUDF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9lOWEzMWYtMTUzNy00MGMxLWI2MmQt
MzFhZGY2NDM5NjQzLzEveHkwWVJvYVVZcHVLUlMxMHRJYS11QlVRclFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9lOWEzMWYtMTUzNy00MGMxLWI2MmQtMzFhZGY2NDM5NjQz
LzEvQ05TVEI0Z1MwSjRhSGc2eW80RDhaWFNZUDF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAiSswDQYJ
KoZIhvcNAQELBQADggEBAGTNfA19Dsl7skFFXr82RTPXNjmhhrT1jKlanxiARBKO
6PS8CH91cfIUTXnuCQQlJYVUXHv2XirRpp6xLtVt69i1VuAXzCXMSKJf2a5JZCK3
5V1tNxIDlEW0y4gQWHWnfV7/1x+opy9N6EiMM30HIduz4fx/Z5j/JnVpLfH7KyoG
g7Ofbed84sMOAySbEw/brhET/xSfk8Seryl8LqpNmfMbbCSrTcIt++10psMqM5GY
HMz6ji+CJMus0lwcPIfRiBQNqZNo00QZIx77soW7347lGiI7EG+rvmhNeosBnMAQ
shMeMScO8cwYpqi0qGscJzzx11nE4tmHn9ycZ+n1j8E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:32 2024 by rpki-client on console-fra.rpki-client.org