Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BrhNYe4lfv5ctBdhEEh3VOqDi5o.roa
File:                     BrhNYe4lfv5ctBdhEEh3VOqDi5o.roa (raw, json)
Hash identifier:          NfL4TcUOGC1xHG7OLcQapALikGuwpkQQ98K9efHmsD4=
Subject key identifier:   06:B8:4D:61:EE:25:7E:FE:5C:B4:17:61:10:48:77:54:EA:83:8B:9A
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0187A0AC557B636E5BDC699E0A32F82E0239
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BrhNYe4lfv5ctBdhEEh3VOqDi5o.roa
Signing time:             Thu 20 Apr 2023 21:57:41 +0000
ROA not before:           Thu 20 Apr 2023 21:57:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203363
IP address blocks:        46.37.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:a0:ac:55:7b:63:6e:5b:dc:69:9e:0a:32:f8:2e:02:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Apr 20 21:57:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=06b84d61ee257efe5cb4176110487754ea838b9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:57:02:81:cb:7e:4a:ad:fd:e5:15:08:29:cd:
                    7b:6c:12:af:8b:05:94:07:98:e0:4f:86:3a:4e:ff:
                    24:33:83:8d:24:37:28:7a:37:4c:6f:3f:af:20:c4:
                    20:82:84:ab:de:6d:66:69:ff:7d:ed:6b:f3:6e:43:
                    c7:e3:39:27:8c:05:0b:fb:d1:6d:64:8d:41:d7:97:
                    ea:96:09:b8:09:6f:ed:fe:92:18:ec:25:ff:b8:09:
                    97:2d:2b:4c:57:31:25:b1:b1:4a:ba:b8:e9:9a:87:
                    ae:21:49:5b:83:ce:eb:d2:0b:94:00:50:af:85:32:
                    c4:b3:89:b1:ad:7c:6c:52:e4:f0:9e:ed:1e:26:a3:
                    cf:ed:62:57:5d:83:83:1a:24:c2:50:fd:8f:05:b2:
                    7b:35:8f:90:e6:df:ce:84:d5:06:5b:bf:5c:b1:cd:
                    32:75:7a:21:10:6b:fa:bb:5e:04:c8:11:62:13:5f:
                    e1:dd:16:05:23:1a:06:db:47:5f:3b:a7:38:5b:b7:
                    9b:42:a3:0c:f5:31:a8:b4:6d:f0:ec:a9:e0:db:8c:
                    2e:9e:dc:50:6e:93:10:be:f1:a5:49:6a:54:62:8e:
                    5c:d6:ff:ab:fd:3f:1c:2c:08:21:9f:17:ea:ca:fe:
                    d9:48:60:da:b2:fb:8e:2d:93:a1:fb:5d:86:00:d5:
                    94:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:B8:4D:61:EE:25:7E:FE:5C:B4:17:61:10:48:77:54:EA:83:8B:9A
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BrhNYe4lfv5ctBdhEEh3VOqDi5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:37:42:ac:18:95:7c:5e:ce:90:dc:4f:b1:f7:5d:18:8d:4a:
         d6:8e:cf:a5:7c:53:b1:76:44:87:b0:ac:63:8e:be:00:81:eb:
         b1:98:63:81:4e:f4:69:09:6f:3c:5d:a4:2c:7a:ac:b1:90:a4:
         64:c1:fc:db:28:be:ed:cd:9f:ca:b8:0e:dc:77:b0:79:56:e4:
         5a:9b:4e:66:34:bc:f7:e0:7b:7e:c8:b6:5c:5f:9e:20:f4:04:
         9c:44:74:ac:ac:98:5e:f7:b2:11:91:e1:ea:b2:1a:4b:6d:b4:
         b1:35:49:31:c7:d2:b7:b2:d6:e5:32:16:01:c1:4b:3a:05:42:
         73:7b:1c:c6:30:43:4c:9f:7f:18:b4:65:70:a0:3f:1b:38:83:
         06:22:bf:4a:7a:c4:8c:35:05:c0:49:a4:9c:f4:ff:55:48:63:
         18:f1:9a:6a:1f:d4:ac:4b:fa:21:04:fc:91:33:41:b7:5a:60:
         ac:c9:f5:2f:f3:c3:0b:7a:1b:b8:7a:62:82:f1:79:42:80:74:
         33:4a:51:ea:bc:fb:c4:93:73:7a:44:ac:0e:ab:8f:4f:ac:1e:
         01:c9:d7:ae:43:86:e5:65:db:95:6f:ec:44:91:f7:36:a1:d3:
         be:3b:e6:56:f5:30:a2:bd:5c:c4:a7:7f:4c:03:ac:05:09:f7:
         c1:83:c9:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYegrFV7Y25b3GmeCjL4LgI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNDIwMjE1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI4NGQ2MWVlMjU3ZWZlNWNiNDE3NjExMDQ4Nzc1NGVhODM4YjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1cCgct+Sq395RUIKc17bBKviwWU
B5jgT4Y6Tv8kM4ONJDcoejdMbz+vIMQggoSr3m1maf997WvzbkPH4zknjAUL+9Ft
ZI1B15fqlgm4CW/t/pIY7CX/uAmXLStMVzElsbFKurjpmoeuIUlbg87r0guUAFCv
hTLEs4mxrXxsUuTwnu0eJqPP7WJXXYODGiTCUP2PBbJ7NY+Q5t/OhNUGW79csc0y
dXohEGv6u14EyBFiE1/h3RYFIxoG20dfO6c4W7ebQqMM9TGotG3w7Kng24wuntxQ
bpMQvvGlSWpUYo5c1v+r/T8cLAghnxfqyv7ZSGDasvuOLZOh+12GANWUVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAa4TWHuJX7+XLQXYRBId1Tqg4uaMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvQnJoTlllNGxmdjVjdEJkaEVFaDNWT3FEaTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiV8MA0G
CSqGSIb3DQEBCwUAA4IBAQCDN0KsGJV8Xs6Q3E+x910YjUrWjs+lfFOxdkSHsKxj
jr4AgeuxmGOBTvRpCW88XaQseqyxkKRkwfzbKL7tzZ/KuA7cd7B5VuRam05mNLz3
4Ht+yLZcX54g9AScRHSsrJhe97IRkeHqshpLbbSxNUkxx9K3stblMhYBwUs6BUJz
exzGMENMn38YtGVwoD8bOIMGIr9KesSMNQXASaSc9P9VSGMY8ZpqH9SsS/ohBPyR
M0G3WmCsyfUv88MLehu4emKC8XlCgHQzSlHqvPvEk3N6RKwOq49PrB4BydeuQ4bl
ZduVb+xEkfc2odO+O+ZW9TCivVzEp39MA6wFCffBg8lb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org