Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/YeSFLemLGFK5t0_e10w3wsHB2qQ.roa
File:                     YeSFLemLGFK5t0_e10w3wsHB2qQ.roa (raw, json)
Hash identifier:          2E4EBKjN8XEtfXFVS0y4IaQ6Sq6r97eEDDMHZhoKKxo=
Subject key identifier:   61:E4:85:2D:E9:8B:18:52:B9:B7:4F:DE:D7:4C:37:C2:C1:C1:DA:A4
Certificate issuer:       /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial:       018746EEB1F3F2FD1EDFB608ACAB5A5E7CF4
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/YeSFLemLGFK5t0_e10w3wsHB2qQ.roa
Signing time:             Mon 03 Apr 2023 11:44:20 +0000
ROA not before:           Mon 03 Apr 2023 11:44:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28787
IP address blocks:        37.32.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:46:ee:b1:f3:f2:fd:1e:df:b6:08:ac:ab:5a:5e:7c:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
        Validity
            Not Before: Apr  3 11:44:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61e4852de98b1852b9b74fded74c37c2c1c1daa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:05:eb:b9:cf:a1:d4:2d:87:d6:d2:95:ae:48:
                    5a:fd:9e:bd:a9:ce:89:d3:2a:cc:aa:0b:b9:ee:78:
                    5c:b9:5b:00:9f:a7:fc:0c:53:0d:cf:22:16:06:71:
                    f7:ce:5e:78:de:60:02:a2:20:76:47:52:c3:86:d4:
                    c8:88:4d:e1:c3:25:19:cd:16:8a:d7:9c:a8:8b:8a:
                    f6:9f:22:84:05:03:f5:a7:f7:28:0f:a6:7b:34:64:
                    ba:14:a9:af:8a:e8:7d:2e:f3:60:fa:98:4b:1e:92:
                    66:79:f1:a8:d7:0b:16:e2:ed:87:8c:db:a5:ac:34:
                    c1:c7:41:f4:93:6b:55:a8:94:78:ec:ef:0e:90:b3:
                    30:fd:1c:09:a9:b7:f9:d8:3b:c7:05:d6:6a:57:a6:
                    4d:a2:2e:65:f2:ce:0b:d5:3a:cf:5c:85:92:d7:58:
                    47:d1:e9:1c:66:30:21:9e:28:bb:d2:93:bd:2e:fa:
                    eb:74:c8:a1:fe:41:e0:07:1c:62:d9:c7:eb:c3:f0:
                    4c:59:8e:91:28:fc:ce:b5:df:26:01:7a:db:9d:c6:
                    04:8d:fd:e0:74:f3:51:03:4d:f0:a8:9d:e7:5f:bd:
                    02:69:bb:26:c5:14:ae:b6:65:d7:f1:4f:33:7c:61:
                    df:ff:fb:19:05:2f:a3:20:c1:2d:82:e5:ba:08:14:
                    73:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E4:85:2D:E9:8B:18:52:B9:B7:4F:DE:D7:4C:37:C2:C1:C1:DA:A4
            X509v3 Authority Key Identifier:
                keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/YeSFLemLGFK5t0_e10w3wsHB2qQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.32.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:36:97:e0:21:26:2b:7e:d8:09:12:30:1f:53:ea:9d:05:53:
         69:be:b4:86:51:d1:a5:b1:5a:e0:4c:9c:ff:10:69:7c:d5:a5:
         c6:ba:55:37:20:5a:aa:3d:7f:7a:4a:5b:56:da:a8:80:1d:9e:
         5f:0d:af:32:d1:0d:fc:33:cb:10:9c:c4:4e:27:a7:d6:38:45:
         df:a1:12:7c:16:a3:01:02:65:9e:ea:bc:03:65:d8:39:d0:92:
         41:48:af:4a:c8:5f:59:d0:bb:81:3f:d2:2c:e6:d3:ee:11:79:
         c3:cd:a2:62:ad:dc:e9:c0:0b:a5:ed:64:b3:72:42:da:f2:87:
         e7:96:9b:05:5e:c3:ae:3a:55:8e:59:be:13:7c:3f:95:0d:d1:
         c7:6c:39:01:51:48:67:b2:30:69:a2:e6:1e:3e:39:f4:f7:d4:
         ce:de:c3:f4:d3:56:ba:0c:73:e4:ab:c3:33:93:af:02:5f:2a:
         24:18:67:a4:f1:77:d2:51:b2:04:68:67:95:f0:86:ca:9d:f3:
         d3:c2:bb:52:16:d5:09:a3:5e:e8:45:09:d1:e5:99:bf:39:d6:
         e2:14:20:82:1e:fd:e8:e5:c3:5c:72:86:be:68:35:fd:02:bd:
         cc:e0:d8:fb:50:c7:fd:65:a7:48:4c:b4:bc:98:8a:0e:c3:d8:
         29:20:7f:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdG7rHz8v0e37YIrKtaXnz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjMwNDAzMTE0NDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU0ODUyZGU5OGIxODUyYjliNzRmZGVkNzRjMzdjMmMxYzFkYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQXruc+h1C2H1tKVrkha/Z69qc6J
0yrMqgu57nhcuVsAn6f8DFMNzyIWBnH3zl543mACoiB2R1LDhtTIiE3hwyUZzRaK
15yoi4r2nyKEBQP1p/coD6Z7NGS6FKmviuh9LvNg+phLHpJmefGo1wsW4u2HjNul
rDTBx0H0k2tVqJR47O8OkLMw/RwJqbf52DvHBdZqV6ZNoi5l8s4L1TrPXIWS11hH
0ekcZjAhnii70pO9LvrrdMih/kHgBxxi2cfrw/BMWY6RKPzOtd8mAXrbncYEjf3g
dPNRA03wqJ3nX70CabsmxRSutmXX8U8zfGHf//sZBS+jIMEtguW6CBRzLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHkhS3pixhSubdP3tdMN8LBwdqkMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvWWVTRkxlbUxHRks1dDBfZTEwdzN3c0hCMnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSBLMA0G
CSqGSIb3DQEBCwUAA4IBAQBmNpfgISYrftgJEjAfU+qdBVNpvrSGUdGlsVrgTJz/
EGl81aXGulU3IFqqPX96SltW2qiAHZ5fDa8y0Q38M8sQnMROJ6fWOEXfoRJ8FqMB
AmWe6rwDZdg50JJBSK9KyF9Z0LuBP9Is5tPuEXnDzaJirdzpwAul7WSzckLa8ofn
lpsFXsOuOlWOWb4TfD+VDdHHbDkBUUhnsjBpouYePjn099TO3sP001a6DHPkq8Mz
k68CXyokGGek8XfSUbIEaGeV8IbKnfPTwrtSFtUJo17oRQnR5Zm/OdbiFCCCHv3o
5cNccoa+aDX9Ar3M4Nj7UMf9ZadITLS8mIoOw9gpIH8d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:02 2024 by rpki-client on console-ams.rpki-client.org