Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0wRvh_yByX18K2pnpnW9D4fs9U0.roa
File:                     0wRvh_yByX18K2pnpnW9D4fs9U0.roa (raw, json)
Hash identifier:          49um0NIkvThYYriIed9SH7mFQoyl4bydNOg9SiNAyas=
Subject key identifier:   D3:04:6F:87:FC:81:C9:7D:7C:2B:6A:67:A6:75:BD:0F:87:EC:F5:4D
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01856D0AE864A45DF30181DA89BD0A8B2B85
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0wRvh_yByX18K2pnpnW9D4fs9U0.roa
Signing time:             Sun 01 Jan 2023 11:15:09 +0000
ROA not before:           Sun 01 Jan 2023 11:15:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212953
IP address blocks:        46.37.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 15:54:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:0a:e8:64:a4:5d:f3:01:81:da:89:bd:0a:8b:2b:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 11:15:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3046f87fc81c97d7c2b6a67a675bd0f87ecf54d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:bf:76:5e:fd:e9:02:55:40:55:bd:24:59:27:
                    47:be:57:f5:08:28:77:dc:29:36:81:76:9b:20:bd:
                    bd:de:8e:f3:a8:16:6f:d6:e3:ba:bd:2f:d5:e2:d0:
                    d7:70:5b:12:d0:e0:11:cf:21:30:28:d9:6b:e2:ac:
                    79:2c:a3:e0:9f:77:c2:89:ca:51:44:03:0d:11:cb:
                    bd:7d:21:37:29:e3:9b:2d:2d:4f:00:95:a5:5d:52:
                    1d:f8:f5:e1:7f:63:c0:94:39:82:b0:f9:ba:e4:96:
                    ba:69:22:89:eb:39:7a:a2:41:f7:e4:da:40:55:97:
                    41:b0:12:c2:42:75:64:70:07:73:49:11:cc:eb:86:
                    1e:21:57:d6:e5:13:1a:74:27:42:52:9d:68:b4:8d:
                    c5:14:93:41:50:1f:e3:0c:dd:47:21:62:5f:7b:53:
                    40:c6:5e:bf:a4:49:65:86:20:c2:88:65:cf:3a:cd:
                    c2:d2:6c:75:c5:34:5c:26:f8:b1:ea:cb:6e:94:de:
                    62:c8:c6:67:09:71:7b:6a:e0:c4:27:60:ab:e0:53:
                    4b:3a:9e:4c:28:8f:f0:c6:3a:4e:a7:84:20:a0:ab:
                    77:eb:d4:c6:7c:1e:fa:f2:58:d8:f0:7d:a0:1c:db:
                    55:90:22:45:ed:83:e9:1a:10:5a:da:00:bb:bb:b2:
                    26:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:04:6F:87:FC:81:C9:7D:7C:2B:6A:67:A6:75:BD:0F:87:EC:F5:4D
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0wRvh_yByX18K2pnpnW9D4fs9U0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:ba:24:44:0c:97:35:c1:05:ad:2c:0f:41:6a:ca:70:84:92:
         bb:83:9b:1a:4a:31:39:be:f8:0d:96:97:40:c9:19:da:8a:a9:
         f1:ba:a3:c7:fb:e2:96:f1:3a:14:db:86:5c:61:d7:1c:6b:a3:
         d7:05:23:0c:91:8d:c5:03:e4:80:da:3b:cb:59:05:0d:be:bd:
         4a:f9:fe:f9:90:e9:11:4d:34:74:67:08:8b:0b:6e:d6:8e:0c:
         f1:65:82:36:13:d4:58:0e:78:e5:8c:f6:6a:6f:17:d1:86:45:
         c0:52:65:03:30:be:ac:b6:68:eb:95:bf:6e:bc:ee:ab:8b:6e:
         bb:bc:e9:5b:78:f9:d5:7c:20:d9:71:02:09:bc:7e:4b:e5:5f:
         41:b8:01:33:8f:a7:c4:04:11:be:a6:ae:0a:df:69:67:2a:9c:
         9a:b6:4b:ee:aa:65:e1:74:92:47:35:ab:cc:94:21:31:43:ce:
         ed:dc:c8:fa:a9:dd:f6:6f:6a:84:70:b1:44:da:8c:59:86:4c:
         ee:5c:a3:5f:71:44:63:9c:26:96:f5:7d:dd:04:1b:11:ff:62:
         4c:5e:44:83:b4:a6:64:b4:78:40:da:31:92:72:17:4a:b3:1f:
         3e:7d:31:02:d4:58:c7:41:18:0d:3c:7b:f6:d9:1d:74:3a:04:
         0e:38:1f:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuhkpF3zAYHaib0KiyuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwMTAxMTExNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzA0NmY4N2ZjODFjOTdkN2MyYjZhNjdhNjc1YmQwZjg3ZWNmNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+L92Xv3pAlVAVb0kWSdHvlf1CCh3
3Ck2gXabIL293o7zqBZv1uO6vS/V4tDXcFsS0OARzyEwKNlr4qx5LKPgn3fCicpR
RAMNEcu9fSE3KeObLS1PAJWlXVId+PXhf2PAlDmCsPm65Ja6aSKJ6zl6okH35NpA
VZdBsBLCQnVkcAdzSRHM64YeIVfW5RMadCdCUp1otI3FFJNBUB/jDN1HIWJfe1NA
xl6/pEllhiDCiGXPOs3C0mx1xTRcJvix6stulN5iyMZnCXF7auDEJ2Cr4FNLOp5M
KI/wxjpOp4QgoKt369TGfB768ljY8H2gHNtVkCJF7YPpGhBa2gC7u7ImPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMEb4f8gcl9fCtqZ6Z1vQ+H7PVNMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMHdSdmhfeUJ5WDE4SzJwbnBuVzlENGZzOVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVtMA0G
CSqGSIb3DQEBCwUAA4IBAQAFuiREDJc1wQWtLA9BaspwhJK7g5saSjE5vvgNlpdA
yRnaiqnxuqPH++KW8ToU24ZcYdcca6PXBSMMkY3FA+SA2jvLWQUNvr1K+f75kOkR
TTR0ZwiLC27WjgzxZYI2E9RYDnjljPZqbxfRhkXAUmUDML6stmjrlb9uvO6ri267
vOlbePnVfCDZcQIJvH5L5V9BuAEzj6fEBBG+pq4K32lnKpyatkvuqmXhdJJHNavM
lCExQ87t3Mj6qd32b2qEcLFE2oxZhkzuXKNfcURjnCaW9X3dBBsR/2JMXkSDtKZk
tHhA2jGSchdKsx8+fTEC1FjHQRgNPHv22R10OgQOOB/z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:53 2024 by rpki-client on console-fra.rpki-client.org