Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa
File:                     mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa (raw, json)
Hash identifier:          1KO/kIGF/T2RhUWkoUWcpX8wTkQUMe4M5mFjwJwasVY=
Subject key identifier:   99:3E:06:2A:3E:2E:45:A7:8C:C0:60:43:15:EE:DA:ED:E7:77:A1:05
Certificate issuer:       /CN=29db7ca4eee1e453d26fab99c8201adf894612be
Certificate serial:       018572CCC1A7EDB7EF42176116F7E8B6F094
Authority key identifier: 29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa
Signing time:             Mon 02 Jan 2023 14:04:59 +0000
ROA not before:           Mon 02 Jan 2023 14:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207339
IP address blocks:        37.123.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:c1:a7:ed:b7:ef:42:17:61:16:f7:e8:b6:f0:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29db7ca4eee1e453d26fab99c8201adf894612be
        Validity
            Not Before: Jan  2 14:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=993e062a3e2e45a78cc0604315eedaede777a105
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:24:51:69:7e:ca:5d:9a:85:d8:83:c6:55:c3:
                    c7:34:dc:88:0f:a8:dc:85:4f:0e:c8:ab:03:db:09:
                    df:4d:13:8b:80:73:12:9e:b9:b0:1d:5e:2d:03:8b:
                    ca:27:a7:d4:29:3e:ec:55:3a:fd:05:64:cb:2a:e0:
                    5a:23:93:0e:6c:70:0e:2e:8c:3b:e0:3c:c6:29:26:
                    ec:f4:bd:26:ca:59:d0:04:c8:9f:5b:51:5e:c4:c6:
                    a8:1e:fb:32:63:d0:96:d4:2e:c6:2a:17:a2:d2:3e:
                    7b:78:94:b8:b5:50:aa:c6:97:66:7a:d3:ef:da:30:
                    5f:4b:e2:69:c5:9c:86:c4:be:3c:8e:0f:ed:48:51:
                    50:9a:06:ed:75:88:a8:47:a6:1d:e5:e7:bc:14:d3:
                    06:1c:dc:8b:fd:13:f1:0f:e7:88:f0:57:c5:3f:92:
                    3c:22:6d:64:74:49:92:1f:fa:07:e9:fb:e1:b6:aa:
                    d0:c8:bd:af:ae:8b:d1:6c:10:ba:31:c7:59:78:22:
                    80:ff:d3:6c:32:8c:d3:e9:b0:6d:42:57:05:91:76:
                    6c:f7:9d:17:84:ad:16:20:fa:c9:26:8e:01:58:d2:
                    3c:f0:80:c4:7f:c0:9c:6e:5f:dd:9a:80:e7:37:d8:
                    ee:c6:3c:01:6a:4b:07:4f:45:2d:28:ab:eb:38:cf:
                    a5:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:3E:06:2A:3E:2E:45:A7:8C:C0:60:43:15:EE:DA:ED:E7:77:A1:05
            X509v3 Authority Key Identifier:
                keyid:29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/mT4GKj4uRaeMwGBDFe7a7ed3oQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/Kdt8pO7h5FPSb6uZyCAa34lGEr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.123.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:50:79:fe:20:2f:c6:c2:3c:8d:0d:15:7c:fc:08:1b:06:da:
         a3:dc:a0:08:97:12:38:57:34:5b:cb:62:ae:5e:f8:5d:4e:a1:
         95:7c:b9:8d:a0:5f:45:ff:14:9b:54:a7:94:84:8b:e6:c7:84:
         89:fd:b0:ea:c2:9e:cf:35:6c:89:c0:e8:c3:45:0a:4b:61:d4:
         0b:b6:37:ca:5f:9e:b7:fb:a4:22:fc:63:8a:ca:8d:f1:32:5c:
         64:92:7b:ef:e0:60:b9:b4:7e:cb:2e:4e:56:81:db:cb:7a:3a:
         50:76:17:c1:47:e2:64:50:ca:a8:a3:90:0a:28:ce:0a:f6:0a:
         c4:00:8b:41:d1:1b:cf:a7:12:4e:c7:8d:78:22:d7:44:ea:18:
         88:5d:3f:a8:dc:98:37:a8:a0:5f:b6:59:a0:b4:e1:94:3c:98:
         ea:55:96:ed:e5:cc:ed:53:6d:ae:36:e8:43:58:f3:03:bc:49:
         8b:fd:5b:a4:0f:cf:8d:27:77:30:dd:93:08:f8:a6:24:03:b0:
         4e:b7:d2:38:48:65:5c:b7:14:2e:0f:07:d2:b7:2f:ed:63:ca:
         41:e5:5a:e9:04:95:ef:84:5a:55:b7:41:76:4a:00:93:8f:96:
         68:e9:78:c6:01:c1:1c:3c:9d:a9:c8:1c:a1:ab:a4:61:ca:d4:
         8c:8b:10:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzMGn7bfvQhdhFvfotvCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZGI3Y2E0ZWVlMWU0NTNkMjZmYWI5OWM4MjAxYWRmODk0
NjEyYmUwHhcNMjMwMTAyMTQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNlMDYyYTNlMmU0NWE3OGNjMDYwNDMxNWVlZGFlZGU3NzdhMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRRaX7KXZqF2IPGVcPHNNyID6jc
hU8OyKsD2wnfTROLgHMSnrmwHV4tA4vKJ6fUKT7sVTr9BWTLKuBaI5MObHAOLow7
4DzGKSbs9L0mylnQBMifW1FexMaoHvsyY9CW1C7GKhei0j57eJS4tVCqxpdmetPv
2jBfS+JpxZyGxL48jg/tSFFQmgbtdYioR6Yd5ee8FNMGHNyL/RPxD+eI8FfFP5I8
Im1kdEmSH/oH6fvhtqrQyL2vrovRbBC6McdZeCKA/9NsMozT6bBtQlcFkXZs950X
hK0WIPrJJo4BWNI88IDEf8Ccbl/dmoDnN9juxjwBaksHT0UtKKvrOM+l3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJk+Bio+LkWnjMBgQxXu2u3nd6EFMB8GA1UdIwQY
MBaAFCnbfKTu4eRT0m+rmcggGt+JRhK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2Yt
ZDMzZmExNjA1YWUxLzEvbVQ0R0tqNHVSYWVNd0dCREZlN2E3ZWQzb1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2YtZDMzZmExNjA1YWUx
LzEvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJXv+MA0G
CSqGSIb3DQEBCwUAA4IBAQC7UHn+IC/GwjyNDRV8/AgbBtqj3KAIlxI4VzRby2Ku
XvhdTqGVfLmNoF9F/xSbVKeUhIvmx4SJ/bDqwp7PNWyJwOjDRQpLYdQLtjfKX563
+6Qi/GOKyo3xMlxkknvv4GC5tH7LLk5WgdvLejpQdhfBR+JkUMqoo5AKKM4K9grE
AItB0RvPpxJOx414ItdE6hiIXT+o3Jg3qKBftlmgtOGUPJjqVZbt5cztU22uNuhD
WPMDvEmL/VukD8+NJ3cw3ZMI+KYkA7BOt9I4SGVctxQuDwfSty/tY8pB5VrpBJXv
hFpVt0F2SgCTj5Zo6XjGAcEcPJ2pyByhq6RhytSMixCG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:46 2024 by rpki-client on console-ams.rpki-client.org