Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/trWLJ97NAmj8A6MY7SdHtss4DYg.roa
File:                     trWLJ97NAmj8A6MY7SdHtss4DYg.roa (raw, json)
Hash identifier:          YPeqfvcT0R5b8T3JRj25sgDa1RRRRES2kmOfGL3uYHk=
Subject key identifier:   B6:B5:8B:27:DE:CD:02:68:FC:03:A3:18:ED:27:47:B6:CB:38:0D:88
Certificate issuer:       /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial:       018C79114E5628B1A3D73472937864702228
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/trWLJ97NAmj8A6MY7SdHtss4DYg.roa
Signing time:             Sun 17 Dec 2023 18:37:06 +0000
ROA not before:           Sun 17 Dec 2023 18:37:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9087
IP address blocks:        37.143.4.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:79:11:4e:56:28:b1:a3:d7:34:72:93:78:64:70:22:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
        Validity
            Not Before: Dec 17 18:37:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6b58b27decd0268fc03a318ed2747b6cb380d88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:43:ff:ba:fe:8a:83:dd:1f:56:c1:19:2f:00:
                    26:b4:ba:a3:aa:0b:d3:81:d7:d2:51:02:94:bd:da:
                    f1:cf:78:23:92:c1:db:eb:4e:99:9b:ae:d6:22:71:
                    05:cd:68:56:dd:ba:26:f1:b5:0a:4c:4e:89:a7:90:
                    ef:44:36:da:7a:74:5f:1e:e5:61:93:21:55:1c:39:
                    44:ce:d7:c4:bb:1c:ab:5e:76:a3:b5:27:79:66:c6:
                    c3:5c:c3:69:17:47:56:1d:14:61:b1:0c:88:1b:e4:
                    08:19:2c:a9:24:69:ec:75:d4:a2:b9:0a:aa:1d:a7:
                    03:fd:3c:ce:bb:b1:11:3f:76:26:44:7c:cb:e6:60:
                    0a:64:29:a4:51:b6:64:b6:f4:b7:40:a0:07:9f:56:
                    41:1e:94:07:68:27:f9:99:bd:ce:b4:3e:37:2f:a7:
                    01:c4:ea:db:3f:5a:e9:89:c5:51:8f:d3:92:20:01:
                    3d:30:22:d0:68:13:b8:d7:5d:b8:e5:97:f6:cb:3a:
                    cf:d1:8a:58:19:a9:fb:58:67:f0:a0:20:b2:74:04:
                    7a:38:7f:b5:4c:ea:27:5a:51:cc:ca:f1:89:8f:14:
                    1f:e0:8d:81:ed:57:be:dc:1a:7a:b3:87:ad:4d:1b:
                    26:d0:20:aa:0c:38:54:cf:cc:e1:e6:95:06:f2:0c:
                    f4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:B5:8B:27:DE:CD:02:68:FC:03:A3:18:ED:27:47:B6:CB:38:0D:88
            X509v3 Authority Key Identifier:
                keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/trWLJ97NAmj8A6MY7SdHtss4DYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.143.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c7:8c:ea:bb:d4:72:2d:61:06:65:4f:2f:2f:0d:3f:fe:73:25:
         52:3f:ac:c3:fa:c9:a4:d8:34:4b:b7:26:ad:39:28:c1:c3:68:
         b5:60:bf:81:5f:1b:ce:7a:2a:a5:7f:31:91:42:51:71:04:a1:
         f8:fa:04:fb:9d:32:44:19:dd:c2:1f:42:5c:f2:2c:f1:51:49:
         63:86:54:51:a1:17:08:3b:3d:69:8a:37:73:8d:8b:1d:73:46:
         92:94:bc:d8:9b:12:44:80:ef:6d:ea:fb:80:4f:93:54:8d:dd:
         58:ce:5b:6a:d8:49:30:95:c8:cf:ba:45:48:27:d0:b2:ae:18:
         05:b4:75:ae:47:6c:ed:25:15:78:12:0a:4a:eb:1a:6d:b2:f3:
         89:c6:ae:9b:22:97:87:1b:a4:06:6c:43:da:a4:75:51:46:14:
         e7:48:14:d9:40:30:c7:1c:09:96:d4:5a:e9:bd:70:32:89:c3:
         bc:32:78:a4:10:6b:cd:9e:6d:15:d8:e8:eb:ee:6e:f7:0d:20:
         f9:aa:13:81:98:56:23:e6:a3:75:bd:15:56:44:dd:e5:ff:ec:
         07:34:2b:7b:e4:1f:93:c1:e3:c4:34:0b:4d:d7:b3:ec:05:0c:
         f5:01:29:5f:e9:2c:25:90:cb:82:80:90:50:15:42:e1:51:eb:
         0a:e3:db:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx5EU5WKLGj1zRyk3hkcCIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjMxMjE3MTgzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI1OGIyN2RlY2QwMjY4ZmMwM2EzMThlZDI3NDdiNmNiMzgwZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEP/uv6Kg90fVsEZLwAmtLqjqgvT
gdfSUQKUvdrxz3gjksHb606Zm67WInEFzWhW3bom8bUKTE6Jp5DvRDbaenRfHuVh
kyFVHDlEztfEuxyrXnajtSd5ZsbDXMNpF0dWHRRhsQyIG+QIGSypJGnsddSiuQqq
HacD/TzOu7ERP3YmRHzL5mAKZCmkUbZktvS3QKAHn1ZBHpQHaCf5mb3OtD43L6cB
xOrbP1rpicVRj9OSIAE9MCLQaBO411245Zf2yzrP0YpYGan7WGfwoCCydAR6OH+1
TOonWlHMyvGJjxQf4I2B7Ve+3Bp6s4etTRsm0CCqDDhUz8zh5pUG8gz07QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLa1iyfezQJo/AOjGO0nR7bLOA2IMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvdHJXTEo5N05BbWo4QTZNWTdTZEh0c3M0RFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJY8EMA0G
CSqGSIb3DQEBCwUAA4IBAQDHjOq71HItYQZlTy8vDT/+cyVSP6zD+smk2DRLtyat
OSjBw2i1YL+BXxvOeiqlfzGRQlFxBKH4+gT7nTJEGd3CH0Jc8izxUUljhlRRoRcI
Oz1pijdzjYsdc0aSlLzYmxJEgO9t6vuAT5NUjd1Yzltq2EkwlcjPukVIJ9CyrhgF
tHWuR2ztJRV4EgpK6xptsvOJxq6bIpeHG6QGbEPapHVRRhTnSBTZQDDHHAmW1Frp
vXAyicO8MnikEGvNnm0V2Ojr7m73DSD5qhOBmFYj5qN1vRVWRN3l/+wHNCt75B+T
wePENAtN17PsBQz1ASlf6SwlkMuCgJBQFULhUesK49tQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:50 2024 by rpki-client on console-ams.rpki-client.org