Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/ksRqOFqlecJ_pTK_6HYGwiqjGok.roa
File:                     ksRqOFqlecJ_pTK_6HYGwiqjGok.roa (raw, json)
Hash identifier:          JHF6E4wPaJag6Nw91xF0hI2+UdjfcNmxHIObxUVJHUA=
Subject key identifier:   92:C4:6A:38:5A:A5:79:C2:7F:A5:32:BF:E8:76:06:C2:2A:A3:1A:89
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       018CC4938B0339489F7525B7782F788D4BC4
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/ksRqOFqlecJ_pTK_6HYGwiqjGok.roa
Signing time:             Mon 01 Jan 2024 10:30:52 +0000
ROA not before:           Mon 01 Jan 2024 10:30:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     396356
IP address blocks:        104.232.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Feb 2024 00:36:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:8b:03:39:48:9f:75:25:b7:78:2f:78:8d:4b:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  1 10:30:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=92c46a385aa579c27fa532bfe87606c22aa31a89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:56:66:18:49:23:b0:bb:c3:85:23:27:05:3b:
                    d0:ad:55:44:80:92:e2:b0:73:c3:bf:fc:55:e3:4b:
                    99:fa:a2:0e:3d:71:b8:8e:24:4a:c6:67:35:7e:1a:
                    7e:7f:5d:85:ad:e3:7f:d4:e3:a7:8e:b9:06:ca:9a:
                    90:cc:8c:8a:01:31:5c:9e:27:ac:82:9d:6c:54:a6:
                    df:1c:2f:9b:bf:05:f7:b1:e7:4c:c7:98:08:24:63:
                    01:f8:c2:53:1e:a1:75:60:80:03:ea:b3:ab:e3:e3:
                    88:ab:fb:4f:8a:a3:17:b3:17:2c:07:32:04:dc:43:
                    92:23:6a:cc:2e:f0:89:1c:27:70:e0:d8:7b:ae:87:
                    9f:12:5e:4f:08:b4:52:7e:ba:88:36:0c:cd:a7:29:
                    80:7c:0c:5e:88:ae:6c:e3:26:85:0c:52:45:be:1a:
                    6e:6f:4b:72:70:d7:8e:75:81:57:09:f3:f3:f7:2f:
                    71:cf:94:9b:58:8a:c6:4e:e3:57:e9:27:9a:60:35:
                    9f:03:23:72:d3:da:3d:b3:90:8c:12:cf:43:26:86:
                    13:f7:c7:7d:98:f7:dc:3f:33:64:98:0a:b4:86:ba:
                    9d:6e:58:e7:39:f5:db:25:2a:81:78:27:32:f2:b5:
                    9f:f2:18:78:75:52:f1:ef:fd:d1:9d:31:e8:a1:87:
                    1c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:C4:6A:38:5A:A5:79:C2:7F:A5:32:BF:E8:76:06:C2:2A:A3:1A:89
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/ksRqOFqlecJ_pTK_6HYGwiqjGok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.232.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:a4:6e:17:56:b5:34:57:89:84:0e:14:92:be:ba:63:2e:91:
         d5:00:46:db:ca:07:de:ed:27:fb:db:eb:8c:96:0f:60:f2:cb:
         8b:99:3b:37:06:28:2f:a4:c5:1f:11:92:8d:ff:f9:e3:78:64:
         4c:1b:bf:53:e6:f3:da:48:95:b0:b6:9b:2d:70:5c:8b:33:a3:
         40:87:6c:77:2e:8f:86:30:98:72:b0:50:ca:fc:f8:50:2e:87:
         03:eb:4f:7b:0f:cc:19:cb:80:45:88:7a:04:46:ab:31:7e:43:
         54:b9:c0:a8:70:46:8b:89:53:6c:88:ed:44:d9:c6:9f:41:3c:
         fe:15:16:8a:ef:1e:a1:ec:a2:c6:49:99:cf:52:21:52:35:5a:
         fd:e9:24:88:20:81:31:dc:09:3d:a5:81:54:97:01:41:5c:f8:
         24:a7:a0:d1:da:d3:d6:2e:eb:54:3f:09:b1:97:5b:c5:38:58:
         8f:4a:72:28:22:1c:2f:f8:d3:58:91:98:9d:c0:41:0b:95:c1:
         54:64:a6:a5:6d:fe:13:07:3d:f5:b8:4b:46:54:64:7b:69:e5:
         0b:79:c8:87:59:99:71:ae:14:a7:41:fa:80:57:e9:d5:56:64:
         35:4e:7b:93:46:61:d0:66:21:00:c6:a9:8c:7a:55:ba:e2:06:
         f5:2a:48:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk4sDOUifdSW3eC94jUvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM0NmEzODVhYTU3OWMyN2ZhNTMyYmZlODc2MDZjMjJhYTMxYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01ZmGEkjsLvDhSMnBTvQrVVEgJLi
sHPDv/xV40uZ+qIOPXG4jiRKxmc1fhp+f12FreN/1OOnjrkGypqQzIyKATFcnies
gp1sVKbfHC+bvwX3sedMx5gIJGMB+MJTHqF1YIAD6rOr4+OIq/tPiqMXsxcsBzIE
3EOSI2rMLvCJHCdw4Nh7roefEl5PCLRSfrqINgzNpymAfAxeiK5s4yaFDFJFvhpu
b0tycNeOdYFXCfPz9y9xz5SbWIrGTuNX6SeaYDWfAyNy09o9s5CMEs9DJoYT98d9
mPfcPzNkmAq0hrqdbljnOfXbJSqBeCcy8rWf8hh4dVLx7/3RnTHooYcciQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLEajhapXnCf6Uyv+h2BsIqoxqJMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEva3NScU9GcWxlY0pfcFRLXzZIWUd3aXFqR29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaOglMA0G
CSqGSIb3DQEBCwUAA4IBAQBlpG4XVrU0V4mEDhSSvrpjLpHVAEbbygfe7Sf72+uM
lg9g8suLmTs3BigvpMUfEZKN//njeGRMG79T5vPaSJWwtpstcFyLM6NAh2x3Lo+G
MJhysFDK/PhQLocD6097D8wZy4BFiHoERqsxfkNUucCocEaLiVNsiO1E2cafQTz+
FRaK7x6h7KLGSZnPUiFSNVr96SSIIIEx3Ak9pYFUlwFBXPgkp6DR2tPWLutUPwmx
l1vFOFiPSnIoIhwv+NNYkZidwEELlcFUZKalbf4TBz31uEtGVGR7aeULeciHWZlx
rhSnQfqAV+nVVmQ1TnuTRmHQZiEAxqmMelW64gb1Kkip
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:17 2024 by rpki-client on console-ams.rpki-client.org