Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/UCtqYgtCcF9ZKvy-TUdJiWZ4gCg.roa
File:                     UCtqYgtCcF9ZKvy-TUdJiWZ4gCg.roa (raw, json)
Hash identifier:          DPuH08QfgvyUzN0yVWjzHkFBpnFBV3S7dBxPBhdyjKc=
Subject key identifier:   50:2B:6A:62:0B:42:70:5F:59:2A:FC:BE:4D:47:49:89:66:78:80:28
Certificate issuer:       /CN=c7e8d959f1c9564a33f28fe44ab614b8f62b001b
Certificate serial:       0185719E97DE22AA66AEDC8D0B6243DB9D97
Authority key identifier: C7:E8:D9:59:F1:C9:56:4A:33:F2:8F:E4:4A:B6:14:B8:F6:2B:00:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x-jZWfHJVkoz8o_kSrYUuPYrABs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/UCtqYgtCcF9ZKvy-TUdJiWZ4gCg.roa
Signing time:             Mon 02 Jan 2023 08:34:56 +0000
ROA not before:           Mon 02 Jan 2023 08:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198594
IP address blocks:        37.60.24.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:9e:97:de:22:aa:66:ae:dc:8d:0b:62:43:db:9d:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7e8d959f1c9564a33f28fe44ab614b8f62b001b
        Validity
            Not Before: Jan  2 08:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=502b6a620b42705f592afcbe4d47498966788028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b2:a2:29:55:f8:65:aa:94:a2:46:70:48:66:
                    1e:01:a7:71:ba:b7:ed:56:19:a5:9c:ab:37:69:80:
                    30:32:62:b6:7c:2a:06:51:ba:1f:06:69:4e:66:99:
                    9c:8d:8a:29:eb:84:4f:56:da:6a:81:dc:6e:3f:79:
                    52:f7:04:0d:b0:25:ce:33:be:b2:f4:28:0b:90:19:
                    2a:d2:60:fb:2c:b3:1b:8a:5c:c7:9b:87:2d:a9:cf:
                    10:c5:95:df:cb:ab:98:0e:12:81:aa:62:f5:c4:84:
                    99:e1:76:e5:7c:e7:a1:20:4f:22:41:6f:1f:c1:e0:
                    f5:94:25:cd:bb:7e:30:03:a5:7e:0d:ac:c3:dc:25:
                    a2:52:6a:e3:49:57:06:04:75:00:fb:87:b6:e6:77:
                    62:77:3a:f3:25:57:b7:57:3c:e1:76:3b:de:c8:6e:
                    b8:12:9d:c1:ff:9a:be:9e:b7:8b:b7:b9:6e:c2:09:
                    79:2c:a6:e9:c5:d9:e8:18:d9:c5:7a:07:18:77:d3:
                    f2:11:13:8e:86:b4:00:8c:48:10:b5:71:d3:ab:45:
                    45:f6:71:a4:a4:77:c8:ea:20:dc:d7:0c:41:4d:b7:
                    1e:02:af:73:93:30:cb:00:c5:f6:02:10:e7:de:f6:
                    94:2f:d2:7f:db:fc:c6:7b:73:4f:a7:89:f6:5e:15:
                    08:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:2B:6A:62:0B:42:70:5F:59:2A:FC:BE:4D:47:49:89:66:78:80:28
            X509v3 Authority Key Identifier:
                keyid:C7:E8:D9:59:F1:C9:56:4A:33:F2:8F:E4:4A:B6:14:B8:F6:2B:00:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-jZWfHJVkoz8o_kSrYUuPYrABs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/UCtqYgtCcF9ZKvy-TUdJiWZ4gCg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/x-jZWfHJVkoz8o_kSrYUuPYrABs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.60.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         87:4c:20:78:96:da:ee:b5:a9:65:4d:0c:2a:a4:bf:2e:a8:62:
         dd:bb:04:13:8f:6f:b8:72:3d:7f:02:59:4d:51:ba:9c:40:0b:
         ff:33:a8:f9:27:48:72:ae:c2:e1:f1:81:fa:53:0e:cc:67:8e:
         fb:09:4b:f5:69:9e:9b:9b:92:1c:13:4c:b3:59:5d:74:75:e2:
         10:fd:da:4e:61:50:66:03:5a:64:90:4b:60:e4:06:23:81:4c:
         e8:0d:00:98:a2:da:37:04:fd:57:7b:aa:50:c1:84:7e:b8:65:
         e2:6e:3d:10:1a:7f:48:15:de:d1:13:55:34:8b:17:e1:ca:4f:
         e1:f9:df:d6:03:a0:f2:79:59:9a:bf:7b:96:14:50:a5:c0:56:
         5b:0c:90:7d:0a:09:3a:0d:1f:02:c5:94:71:52:d0:91:04:fd:
         87:10:bb:f7:f5:25:cf:3f:b3:1e:bf:73:e9:fb:a3:7a:9c:3d:
         db:28:ee:12:bc:d2:43:90:3f:96:7b:af:93:e0:92:cc:7e:68:
         54:bf:fa:ee:b7:cb:0a:4c:7f:27:e6:1e:17:64:6a:d3:5b:cc:
         eb:35:ee:5e:1b:25:9b:35:b5:66:b1:96:49:1f:49:a9:bc:87:
         4e:95:22:ea:d1:0a:e2:68:41:0c:4a:00:5d:15:3d:2e:51:b6:
         4a:a1:01:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnpfeIqpmrtyNC2JD252XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZThkOTU5ZjFjOTU2NGEzM2YyOGZlNDRhYjYxNGI4ZjYy
YjAwMWIwHhcNMjMwMTAyMDgzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDJiNmE2MjBiNDI3MDVmNTkyYWZjYmU0ZDQ3NDk4OTY2Nzg4MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrKiKVX4ZaqUokZwSGYeAadxurft
VhmlnKs3aYAwMmK2fCoGUbofBmlOZpmcjYop64RPVtpqgdxuP3lS9wQNsCXOM76y
9CgLkBkq0mD7LLMbilzHm4ctqc8QxZXfy6uYDhKBqmL1xISZ4XblfOehIE8iQW8f
weD1lCXNu34wA6V+DazD3CWiUmrjSVcGBHUA+4e25ndidzrzJVe3VzzhdjveyG64
Ep3B/5q+nreLt7luwgl5LKbpxdnoGNnFegcYd9PyEROOhrQAjEgQtXHTq0VF9nGk
pHfI6iDc1wxBTbceAq9zkzDLAMX2AhDn3vaUL9J/2/zGe3NPp4n2XhUITwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAramILQnBfWSr8vk1HSYlmeIAoMB8GA1UdIwQY
MBaAFMfo2VnxyVZKM/KP5Eq2FLj2KwAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC1qWldmSEpWa296OG9fa1NyWVV1UFlyQUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNGUzMjctNzY1OC00NjNjLTg5OTAt
YjFjOWI3ODlhYWE5LzEvVUN0cVlndENjRjlaS3Z5LVRVZEppV1o0Z0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNGUzMjctNzY1OC00NjNjLTg5OTAtYjFjOWI3ODlhYWE5
LzEveC1qWldmSEpWa296OG9fa1NyWVV1UFlyQUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTwYMA0G
CSqGSIb3DQEBCwUAA4IBAQCHTCB4ltrutallTQwqpL8uqGLduwQTj2+4cj1/AllN
UbqcQAv/M6j5J0hyrsLh8YH6Uw7MZ477CUv1aZ6bm5IcE0yzWV10deIQ/dpOYVBm
A1pkkEtg5AYjgUzoDQCYoto3BP1Xe6pQwYR+uGXibj0QGn9IFd7RE1U0ixfhyk/h
+d/WA6DyeVmav3uWFFClwFZbDJB9Cgk6DR8CxZRxUtCRBP2HELv39SXPP7Mev3Pp
+6N6nD3bKO4SvNJDkD+We6+T4JLMfmhUv/rut8sKTH8n5h4XZGrTW8zrNe5eGyWb
NbVmsZZJH0mpvIdOlSLq0QriaEEMSgBdFT0uUbZKoQFh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:37 2024 by rpki-client on console-fra.rpki-client.org