Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/6Y53nm-03LhgoXX0OcKXAnFtuC0.roa
File:                     6Y53nm-03LhgoXX0OcKXAnFtuC0.roa (raw, json)
Hash identifier:          D2av0+80bifj+bZrUDg6PgIjP2E3rBHYHYNCb8JT/Ts=
Subject key identifier:   E9:8E:77:9E:6F:B4:DC:B8:60:A1:75:F4:39:C2:97:02:71:6D:B8:2D
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018CC348BC21091B622C2AC3F9E61553364E
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/6Y53nm-03LhgoXX0OcKXAnFtuC0.roa
Signing time:             Mon 01 Jan 2024 04:29:32 +0000
ROA not before:           Mon 01 Jan 2024 04:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202358
IP address blocks:        46.37.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 07:18:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:bc:21:09:1b:62:2c:2a:c3:f9:e6:15:53:36:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 04:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e98e779e6fb4dcb860a175f439c29702716db82d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:cc:fb:0b:03:14:3c:3d:8e:a4:69:62:72:62:
                    bb:67:c7:ea:fc:a5:f5:03:62:0d:04:49:30:85:33:
                    2c:4a:4f:82:40:02:5e:61:5f:e6:d8:f0:06:68:93:
                    c8:a8:cb:d9:d2:95:61:ec:19:36:2c:b9:54:2d:85:
                    56:7a:6e:82:33:98:d5:a6:05:a1:d7:f9:ed:5d:3c:
                    2a:56:1f:c8:21:d3:98:34:d8:0e:db:ff:f5:44:fa:
                    12:55:40:60:3f:15:75:0c:f8:e2:a5:5c:31:61:1f:
                    0a:5e:17:16:fc:14:f8:a9:bc:33:6a:cd:23:b9:31:
                    d0:5a:10:76:88:7a:0f:6f:aa:1c:d6:3b:09:e0:68:
                    91:a5:70:0c:31:ba:c3:0b:5c:69:d3:23:e0:e8:7b:
                    db:88:e4:43:30:c1:ab:01:6e:5e:c8:6c:73:87:ca:
                    cc:a4:08:3a:9e:40:4f:1b:6f:a6:c1:0a:49:e2:98:
                    01:9b:4e:52:dc:9f:fb:b0:e2:a3:69:25:0c:22:18:
                    4f:6d:06:ee:6d:b8:bb:d1:e6:53:9b:8d:94:3d:06:
                    34:41:8b:20:bb:6c:cb:c5:e7:03:4a:07:ff:7a:7c:
                    ac:b8:4a:92:ff:95:7f:fc:42:40:25:b5:ee:10:6e:
                    cb:6c:33:96:84:e0:80:89:da:73:f2:8a:01:e5:ad:
                    86:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:8E:77:9E:6F:B4:DC:B8:60:A1:75:F4:39:C2:97:02:71:6D:B8:2D
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/6Y53nm-03LhgoXX0OcKXAnFtuC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:7f:95:f6:7b:bc:97:f9:cc:e7:6b:ef:b0:24:d8:19:35:28:
         67:bd:33:45:c3:12:d8:bc:31:c6:e4:bd:23:94:c0:55:c6:0a:
         db:00:bb:aa:3f:3d:42:1a:c4:bd:d9:51:38:b6:17:8f:8b:55:
         7b:4b:06:70:94:48:aa:fe:0d:7e:71:67:d3:e4:20:19:f6:cd:
         67:2f:0c:6b:44:dc:e7:7d:c6:eb:21:46:1f:32:35:f7:2c:0a:
         6e:67:90:45:17:22:89:0c:f3:66:a1:29:a6:7a:ec:e3:b8:ec:
         d3:1b:8f:50:ae:62:ca:ee:df:e9:c3:af:93:0c:de:f5:3f:d9:
         ed:a2:3e:6f:1a:ae:1e:fd:25:98:e2:dd:10:11:02:f9:22:d2:
         c3:46:44:12:71:5e:56:16:f5:94:dd:25:d7:2a:11:23:78:57:
         4d:94:88:40:a0:75:9e:7e:1d:1f:bd:e5:b3:19:2a:74:74:33:
         4c:a4:7e:16:d8:e9:f7:59:da:66:02:bf:c1:73:49:83:a6:ea:
         b3:59:74:bf:2c:0c:3f:43:3e:bc:a3:f1:f7:68:1b:f5:d4:f2:
         76:e2:07:28:8e:ad:7f:e9:44:f4:a0:83:b1:09:a8:34:a5:4d:
         38:4f:5b:8e:84:9b:84:6f:01:73:ca:63:37:e8:9b:18:23:75:
         b2:59:78:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLwhCRtiLCrD+eYVUzZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThlNzc5ZTZmYjRkY2I4NjBhMTc1ZjQzOWMyOTcwMjcxNmRiODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsz7CwMUPD2OpGlicmK7Z8fq/KX1
A2INBEkwhTMsSk+CQAJeYV/m2PAGaJPIqMvZ0pVh7Bk2LLlULYVWem6CM5jVpgWh
1/ntXTwqVh/IIdOYNNgO2//1RPoSVUBgPxV1DPjipVwxYR8KXhcW/BT4qbwzas0j
uTHQWhB2iHoPb6oc1jsJ4GiRpXAMMbrDC1xp0yPg6HvbiORDMMGrAW5eyGxzh8rM
pAg6nkBPG2+mwQpJ4pgBm05S3J/7sOKjaSUMIhhPbQbubbi70eZTm42UPQY0QYsg
u2zLxecDSgf/enysuEqS/5V//EJAJbXuEG7LbDOWhOCAidpz8ooB5a2GIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmOd55vtNy4YKF19DnClwJxbbgtMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvNlk1M25tLTAzTGhnb1hYME9jS1hBbkZ0dUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVjMA0G
CSqGSIb3DQEBCwUAA4IBAQCFf5X2e7yX+czna++wJNgZNShnvTNFwxLYvDHG5L0j
lMBVxgrbALuqPz1CGsS92VE4thePi1V7SwZwlEiq/g1+cWfT5CAZ9s1nLwxrRNzn
fcbrIUYfMjX3LApuZ5BFFyKJDPNmoSmmeuzjuOzTG49QrmLK7t/pw6+TDN71P9nt
oj5vGq4e/SWY4t0QEQL5ItLDRkQScV5WFvWU3SXXKhEjeFdNlIhAoHWefh0fveWz
GSp0dDNMpH4W2On3WdpmAr/Bc0mDpuqzWXS/LAw/Qz68o/H3aBv11PJ24gcojq1/
6UT0oIOxCag0pU04T1uOhJuEbwFzymM36JsYI3WyWXhc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:05 2024 by rpki-client on console-ams.rpki-client.org