Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/33OyoqnwvjHmASUthGqwdeGe2Z8.roa
File:                     33OyoqnwvjHmASUthGqwdeGe2Z8.roa (raw, json)
Hash identifier:          AVP6LkHFTQD1K7QnFSsswPvq/KD2/me4MgBW5LDZmMM=
Subject key identifier:   DF:73:B2:A2:A9:F0:BE:31:E6:01:25:2D:84:6A:B0:75:E1:9E:D9:9F
Certificate issuer:       /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial:       01856F94B691E931EDD7C6F72B184945B8FF
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/33OyoqnwvjHmASUthGqwdeGe2Z8.roa
Signing time:             Sun 01 Jan 2023 23:04:54 +0000
ROA not before:           Sun 01 Jan 2023 23:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29049
IP address blocks:        46.32.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 14:16:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:b6:91:e9:31:ed:d7:c6:f7:2b:18:49:45:b8:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
        Validity
            Not Before: Jan  1 23:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df73b2a2a9f0be31e601252d846ab075e19ed99f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:3a:dc:4a:64:9e:c0:d9:9a:5b:b7:5b:4e:f0:
                    f1:e6:85:b3:5c:71:83:0a:83:c5:d0:69:cb:e5:83:
                    a6:ea:e9:7d:cc:cf:4b:a6:ae:66:a8:f9:50:f0:3f:
                    74:10:fa:59:16:1b:95:9b:d4:8e:0c:23:36:2a:df:
                    7f:c0:44:51:b1:12:e0:ab:c4:3c:72:f1:55:72:2f:
                    1c:a9:2a:2d:d4:a9:89:14:17:77:64:e3:64:6b:5f:
                    2c:d0:a9:bf:02:9c:ac:39:2e:7e:fe:e0:cf:c2:2e:
                    a5:47:9b:29:ef:6f:69:f1:c4:d1:18:f6:47:94:12:
                    0a:79:84:69:25:27:40:a0:70:ac:cb:05:f6:3b:c8:
                    76:db:6a:0e:3b:9a:0b:86:80:5f:8a:1e:ce:27:fb:
                    f1:67:ec:da:78:6e:3e:47:25:70:11:cd:1e:b5:5f:
                    d8:b4:89:5d:97:2c:4f:f5:22:aa:5b:89:3b:ed:16:
                    de:05:e1:e8:92:d0:43:5d:07:54:58:57:b2:7c:be:
                    90:86:c9:94:9a:84:44:36:5a:a4:02:d7:d7:64:fc:
                    78:d4:08:08:bf:ad:31:75:61:ee:29:58:a8:5c:4d:
                    a3:11:42:19:79:dc:1d:ab:4f:36:88:b8:49:56:a8:
                    f2:3f:68:25:83:7d:ae:7f:fb:84:da:84:fe:8e:8c:
                    b1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:73:B2:A2:A9:F0:BE:31:E6:01:25:2D:84:6A:B0:75:E1:9E:D9:9F
            X509v3 Authority Key Identifier:
                keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/33OyoqnwvjHmASUthGqwdeGe2Z8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.32.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:da:af:e2:22:e2:a0:c1:4c:d3:54:d9:cc:08:fb:70:3d:53:
         6c:4e:0b:4e:03:3c:f7:50:75:79:42:d5:85:13:c7:82:9b:c3:
         14:7a:ba:7d:78:e5:df:a7:e5:65:b2:2a:3d:62:b8:64:69:da:
         79:ca:fd:c7:a2:a1:b1:77:25:d1:b2:5d:22:bd:32:7e:1a:07:
         17:4f:13:7c:7a:e7:6b:d5:4d:7d:48:36:48:39:ff:08:65:61:
         d7:f6:bf:f2:f7:ad:fe:d7:94:a7:7f:9b:53:9e:ad:7d:de:ac:
         13:3e:61:fe:e2:4e:b5:7c:eb:13:e9:77:6b:91:1c:eb:da:8b:
         5f:10:af:d1:83:5f:bb:79:1b:cf:67:9f:13:07:47:4e:c8:05:
         36:af:29:58:d4:3e:61:a0:d6:96:2a:4e:b4:c4:49:8e:a0:4a:
         d2:1b:aa:5e:b5:83:f1:d6:bb:65:e6:15:dd:8d:eb:38:77:d9:
         d2:03:71:18:63:8f:b1:df:14:88:34:65:a9:8c:d0:a7:94:4c:
         71:0b:9b:25:b2:11:45:0c:ba:0b:ad:cd:6c:bb:e7:53:21:16:
         f8:ac:e0:8a:0c:35:3e:8b:cb:dd:d7:30:8e:e6:8d:85:a4:0d:
         c2:0b:d7:84:9c:81:68:2d:33:ae:97:d9:d2:6c:ba:0d:71:11:
         74:c2:cf:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlLaR6THt18b3KxhJRbj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjMwMTAxMjMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjczYjJhMmE5ZjBiZTMxZTYwMTI1MmQ4NDZhYjA3NWUxOWVkOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDrcSmSewNmaW7dbTvDx5oWzXHGD
CoPF0GnL5YOm6ul9zM9Lpq5mqPlQ8D90EPpZFhuVm9SODCM2Kt9/wERRsRLgq8Q8
cvFVci8cqSot1KmJFBd3ZONka18s0Km/ApysOS5+/uDPwi6lR5sp729p8cTRGPZH
lBIKeYRpJSdAoHCsywX2O8h222oOO5oLhoBfih7OJ/vxZ+zaeG4+RyVwEc0etV/Y
tIldlyxP9SKqW4k77RbeBeHoktBDXQdUWFeyfL6QhsmUmoRENlqkAtfXZPx41AgI
v60xdWHuKVioXE2jEUIZedwdq082iLhJVqjyP2glg32uf/uE2oT+joyx0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9zsqKp8L4x5gElLYRqsHXhntmfMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvMzNPeW9xbnd2akhtQVNVdGhHcXdkZUdlMlo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiCvMA0G
CSqGSIb3DQEBCwUAA4IBAQB42q/iIuKgwUzTVNnMCPtwPVNsTgtOAzz3UHV5QtWF
E8eCm8MUerp9eOXfp+Vlsio9Yrhkadp5yv3HoqGxdyXRsl0ivTJ+GgcXTxN8eudr
1U19SDZIOf8IZWHX9r/y963+15Snf5tTnq193qwTPmH+4k61fOsT6XdrkRzr2otf
EK/Rg1+7eRvPZ58TB0dOyAU2rylY1D5hoNaWKk60xEmOoErSG6petYPx1rtl5hXd
jes4d9nSA3EYY4+x3xSINGWpjNCnlExxC5slshFFDLoLrc1su+dTIRb4rOCKDDU+
i8vd1zCO5o2FpA3CC9eEnIFoLTOul9nSbLoNcRF0ws8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:22 2024 by rpki-client on console-ams.rpki-client.org