Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/dKiKJrykRggdmstd3pclHw9Cb0w.roa
File:                     dKiKJrykRggdmstd3pclHw9Cb0w.roa (raw, json)
Hash identifier:          Ya7JMYHvBW/tRaaWuJdr0Ubk3G/DewhGJlFbcxpv1pc=
Subject key identifier:   74:A8:8A:26:BC:A4:46:08:1D:9A:CB:5D:DE:97:25:1F:0F:42:6F:4C
Certificate issuer:       /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial:       018B6FFE905E1AA710BBDC7F6D20A9193F52
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/dKiKJrykRggdmstd3pclHw9Cb0w.roa
Signing time:             Fri 27 Oct 2023 07:17:15 +0000
ROA not before:           Fri 27 Oct 2023 07:17:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205220
IP address blocks:        46.32.184.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:6f:fe:90:5e:1a:a7:10:bb:dc:7f:6d:20:a9:19:3f:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
        Validity
            Not Before: Oct 27 07:17:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=74a88a26bca446081d9acb5dde97251f0f426f4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e9:f1:c9:07:f3:92:13:7c:aa:b3:30:21:de:
                    f0:aa:59:fc:3b:84:9c:8f:52:1b:0e:e3:d5:43:71:
                    9e:9d:85:46:39:f9:4f:b8:91:11:d6:b0:a3:86:f9:
                    f4:e8:ca:69:5c:d0:d1:6e:11:ab:3e:3d:5e:6d:18:
                    22:ea:7b:aa:1f:c8:11:a0:93:60:ed:84:42:88:68:
                    e1:b5:92:4a:7b:86:68:84:66:a0:65:50:4f:4b:6d:
                    82:00:70:f9:ae:dd:7c:c4:87:fb:f7:bb:9c:a7:88:
                    27:41:40:79:68:9f:59:00:a4:d3:ed:58:7a:dc:15:
                    37:f2:56:3e:e2:db:c7:81:c2:2e:62:fc:c3:30:90:
                    24:65:1f:f0:94:59:69:65:cf:99:11:ea:0d:1c:22:
                    b8:b4:a5:4b:80:f0:3e:2f:20:bd:d6:2a:8d:9f:83:
                    c9:c2:02:e1:a6:81:b2:83:ae:7a:19:70:82:f9:52:
                    e9:9d:50:08:da:67:f4:f4:3d:db:3b:ad:f6:9e:f6:
                    96:43:78:4f:c7:5d:e5:06:4d:87:c6:a4:a5:49:e2:
                    8c:76:2e:b9:45:a9:85:b8:5d:b1:d8:b5:3d:3d:e3:
                    5e:bb:13:04:6b:ca:34:0c:95:88:da:0d:38:e3:b2:
                    f0:50:6e:9e:f6:0d:00:77:1d:25:50:73:5b:48:cc:
                    27:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A8:8A:26:BC:A4:46:08:1D:9A:CB:5D:DE:97:25:1F:0F:42:6F:4C
            X509v3 Authority Key Identifier:
                keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/dKiKJrykRggdmstd3pclHw9Cb0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.32.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:6a:a3:02:89:6c:88:70:81:32:43:f1:56:96:75:e6:e6:a5:
         dd:99:c0:c6:c0:14:b1:88:8b:4d:f2:7e:88:af:25:db:c7:b1:
         89:a3:a7:5b:15:46:ea:92:13:38:79:7a:2b:ee:fc:36:a5:b7:
         18:a3:59:a3:e7:f6:12:73:13:0c:09:ec:89:b5:23:68:af:9e:
         de:9b:99:b4:06:ae:32:51:ab:55:b1:11:cb:37:b4:26:b0:65:
         18:08:38:70:59:49:76:18:d0:10:a2:89:87:7d:6b:ea:d2:ad:
         a0:ae:66:00:97:f0:d2:8c:41:1f:72:da:2e:96:52:9e:4c:6c:
         87:a2:69:81:aa:0e:be:0b:92:6f:2a:06:cd:49:59:7f:7f:bf:
         0c:f2:6c:af:37:1f:38:26:7e:3c:9b:33:59:53:96:11:97:c9:
         9c:30:f4:09:2f:a9:0a:1b:71:96:fb:f6:e6:38:ca:52:7e:fe:
         35:3a:e5:25:1c:3a:8e:e1:01:9a:25:3d:7b:b4:d0:d1:7d:e6:
         50:8d:30:b8:db:2d:4e:bd:17:c9:bc:a2:5c:8a:6b:a3:d0:87:
         be:f7:40:7b:d0:e4:85:1e:db:70:30:9d:94:2b:30:7a:20:e9:
         b2:9c:eb:1e:e6:c2:83:dc:d6:25:48:1e:a3:08:55:8f:90:c3:
         a3:6c:c6:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtv/pBeGqcQu9x/bSCpGT9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjMxMDI3MDcxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGE4OGEyNmJjYTQ0NjA4MWQ5YWNiNWRkZTk3MjUxZjBmNDI2ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOnxyQfzkhN8qrMwId7wqln8O4Sc
j1IbDuPVQ3GenYVGOflPuJER1rCjhvn06MppXNDRbhGrPj1ebRgi6nuqH8gRoJNg
7YRCiGjhtZJKe4ZohGagZVBPS22CAHD5rt18xIf797ucp4gnQUB5aJ9ZAKTT7Vh6
3BU38lY+4tvHgcIuYvzDMJAkZR/wlFlpZc+ZEeoNHCK4tKVLgPA+LyC91iqNn4PJ
wgLhpoGyg656GXCC+VLpnVAI2mf09D3bO632nvaWQ3hPx13lBk2HxqSlSeKMdi65
RamFuF2x2LU9PeNeuxMEa8o0DJWI2g0447LwUG6e9g0Adx0lUHNbSMwnRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSoiia8pEYIHZrLXd6XJR8PQm9MMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvZEtpS0pyeWtSZ2dkbXN0ZDNwY2xIdzlDYjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLiC4MA0G
CSqGSIb3DQEBCwUAA4IBAQADaqMCiWyIcIEyQ/FWlnXm5qXdmcDGwBSxiItN8n6I
ryXbx7GJo6dbFUbqkhM4eXor7vw2pbcYo1mj5/YScxMMCeyJtSNor57em5m0Bq4y
UatVsRHLN7QmsGUYCDhwWUl2GNAQoomHfWvq0q2grmYAl/DSjEEfctoullKeTGyH
ommBqg6+C5JvKgbNSVl/f78M8myvNx84Jn48mzNZU5YRl8mcMPQJL6kKG3GW+/bm
OMpSfv41OuUlHDqO4QGaJT17tNDRfeZQjTC42y1OvRfJvKJcimuj0Ie+90B70OSF
HttwMJ2UKzB6IOmynOse5sKD3NYlSB6jCFWPkMOjbMYy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:22 2024 by rpki-client on console-ams.rpki-client.org