Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0vO5j0hdep3uHCBamAZQ3xMUiY0.roa
File:                     0vO5j0hdep3uHCBamAZQ3xMUiY0.roa (raw, json)
Hash identifier:          lBNCQrPaikkLJhwlXXT2iyVA/9smbQZOZOvZZ8FPzHg=
Subject key identifier:   D2:F3:B9:8F:48:5D:7A:9D:EE:1C:20:5A:98:06:50:DF:13:14:89:8D
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01897AB36EB8FD438E588A21FEA241C247B6
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0vO5j0hdep3uHCBamAZQ3xMUiY0.roa
Signing time:             Fri 21 Jul 2023 23:05:26 +0000
ROA not before:           Fri 21 Jul 2023 23:05:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.113.0/24 maxlen: 24
                          46.37.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 23 Jul 2023 11:09:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:7a:b3:6e:b8:fd:43:8e:58:8a:21:fe:a2:41:c2:47:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jul 21 23:05:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d2f3b98f485d7a9dee1c205a980650df1314898d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:10:b4:01:07:97:0f:18:b2:93:6d:11:4b:d1:
                    2a:cd:ec:ae:74:f0:39:34:ff:ea:13:88:7c:6f:5a:
                    76:6c:b7:d0:df:96:88:cc:8d:fb:48:21:e3:b7:fc:
                    18:c3:d2:0e:a1:e9:59:09:8e:76:e8:ef:6c:2e:22:
                    09:4f:c5:29:de:6d:9d:69:e5:95:3d:75:a3:d8:a8:
                    57:f2:9f:ed:11:62:c5:28:4a:00:68:26:77:d9:c7:
                    ad:4f:18:2e:6e:f9:a1:0c:e1:f7:45:15:5f:f7:c2:
                    75:97:52:c2:85:40:8c:f0:83:74:7e:94:bf:b0:98:
                    29:39:ac:16:75:5e:d6:11:1e:a9:46:a6:05:79:3e:
                    51:30:e6:6a:7b:0b:62:50:2e:88:6e:1b:3b:53:a5:
                    62:e6:fa:1e:55:d4:d2:61:bd:d2:dd:68:6c:13:3e:
                    8e:f0:e8:b2:15:eb:84:92:d8:d5:07:35:f5:05:f1:
                    79:1a:b9:a0:30:75:e9:1d:a4:01:5b:9d:53:03:59:
                    cc:43:b5:5a:5c:f7:a3:34:86:14:2d:5b:65:f0:6a:
                    de:46:a9:54:92:f9:0f:95:3d:9b:17:ad:11:ea:ed:
                    95:e2:aa:dc:64:22:b8:3f:1a:67:09:6c:a9:3c:46:
                    0c:24:52:98:bf:c3:2d:4a:6f:a3:03:60:fd:59:63:
                    b7:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:F3:B9:8F:48:5D:7A:9D:EE:1C:20:5A:98:06:50:DF:13:14:89:8D
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0vO5j0hdep3uHCBamAZQ3xMUiY0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.113.0-46.37.114.255

    Signature Algorithm: sha256WithRSAEncryption
         1d:d4:a7:b6:ae:d6:df:70:cb:98:a2:0c:5d:84:ce:20:5d:b4:
         37:72:6c:33:77:4f:12:cf:1a:de:3b:40:90:af:2d:7c:a2:73:
         cb:c3:9a:b1:21:78:c8:39:35:37:35:2b:cf:4e:34:53:91:ed:
         bc:aa:76:d8:e0:72:89:e8:bb:93:5f:b7:42:1c:fc:9e:20:92:
         21:f8:9a:7f:a6:d3:15:58:44:50:fd:83:68:1d:e7:22:c0:76:
         08:e8:94:d7:7d:35:52:1a:4c:33:48:fa:f4:ec:be:f8:0b:b5:
         06:34:e6:93:38:d1:01:2e:74:cb:26:f1:9f:86:30:89:fc:55:
         9c:7a:30:8a:17:41:41:c7:de:85:e2:e0:b4:6e:7f:e3:8e:1b:
         97:02:cf:49:9c:3d:75:81:6b:44:15:8f:4e:63:66:34:a9:f5:
         ad:d0:a2:f2:8e:a2:ac:4c:ff:e7:2c:51:a7:53:c4:d6:eb:52:
         41:86:f2:54:18:1a:18:27:1a:19:bd:9f:97:c5:08:e9:6e:c8:
         a9:28:a0:57:98:25:d1:4a:31:95:9b:05:82:68:73:89:9f:26:
         a1:bb:c2:ee:84:ee:c1:ac:d1:72:e4:c1:08:f7:b6:53:9e:8a:
         ab:6f:38:0c:3a:18:85:b0:63:4b:be:5b:2e:62:dc:86:fd:76:
         f1:3c:e8:12
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYl6s264/UOOWIoh/qJBwke2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNzIxMjMwNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYzYjk4ZjQ4NWQ3YTlkZWUxYzIwNWE5ODA2NTBkZjEzMTQ4OThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBC0AQeXDxiyk20RS9EqzeyudPA5
NP/qE4h8b1p2bLfQ35aIzI37SCHjt/wYw9IOoelZCY526O9sLiIJT8Up3m2daeWV
PXWj2KhX8p/tEWLFKEoAaCZ32cetTxgubvmhDOH3RRVf98J1l1LChUCM8IN0fpS/
sJgpOawWdV7WER6pRqYFeT5RMOZqewtiUC6Ibhs7U6Vi5voeVdTSYb3S3WhsEz6O
8OiyFeuEktjVBzX1BfF5GrmgMHXpHaQBW51TA1nMQ7VaXPejNIYULVtl8GreRqlU
kvkPlT2bF60R6u2V4qrcZCK4PxpnCWypPEYMJFKYv8MtSm+jA2D9WWO3nQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNLzuY9IXXqd7hwgWpgGUN8TFImNMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMHZPNWowaGRlcDN1SENCYW1BWlEzeE1VaVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALiViMAwD
BAAuJXEDBAAuJXIwDQYJKoZIhvcNAQELBQADggEBAB3Up7au1t9wy5iiDF2EziBd
tDdybDN3TxLPGt47QJCvLXyic8vDmrEheMg5NTc1K89ONFOR7byqdtjgconou5Nf
t0Ic/J4gkiH4mn+m0xVYRFD9g2gd5yLAdgjolNd9NVIaTDNI+vTsvvgLtQY05pM4
0QEudMsm8Z+GMIn8VZx6MIoXQUHH3oXi4LRuf+OOG5cCz0mcPXWBa0QVj05jZjSp
9a3QovKOoqxM/+csUadTxNbrUkGG8lQYGhgnGhm9n5fFCOluyKkooFeYJdFKMZWb
BYJoc4mfJqG7wu6E7sGs0XLkwQj3tlOeiqtvOAw6GIWwY0u+Wy5i3Ib9dvE86BI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:53 2024 by rpki-client on console-fra.rpki-client.org