Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/EkefCW7YoU2vT_oKUHLX8R5xln8.roa
File:                     EkefCW7YoU2vT_oKUHLX8R5xln8.roa (raw, json)
Hash identifier:          6Y3kNOCjPB0wsxRZlO7KpnJN+GXDWUXaLD3dWMVrOh0=
Subject key identifier:   12:47:9F:09:6E:D8:A1:4D:AF:4F:FA:0A:50:72:D7:F1:1E:71:96:7F
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018D619F74076AF5A78DCD99C8A812075251
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/EkefCW7YoU2vT_oKUHLX8R5xln8.roa
Signing time:             Wed 31 Jan 2024 22:24:16 +0000
ROA not before:           Wed 31 Jan 2024 22:24:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.113.0/24 maxlen: 24
                          46.37.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Feb 2024 06:36:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:61:9f:74:07:6a:f5:a7:8d:cd:99:c8:a8:12:07:52:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan 31 22:24:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=12479f096ed8a14daf4ffa0a5072d7f11e71967f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:0e:46:be:74:57:30:15:62:ab:28:cb:39:eb:
                    c1:43:c8:0b:ff:fc:1c:62:a6:ff:1d:4c:5a:b9:41:
                    e7:6c:2a:51:23:67:10:17:0e:96:db:da:fb:dd:e0:
                    31:b5:80:1b:a7:85:05:78:05:b3:6a:28:57:9a:80:
                    5d:e5:ef:ca:8f:48:59:3a:e6:29:bf:19:e6:e6:58:
                    83:54:10:19:18:11:e4:d9:f7:45:f8:5b:28:f2:36:
                    8a:87:dd:28:a4:6a:d5:7b:67:05:12:47:79:5d:55:
                    a3:e5:64:6f:b5:4c:5d:6b:35:70:0c:56:dc:d2:5e:
                    1b:ca:c6:ff:e4:1c:e2:85:ec:85:c8:00:19:81:9c:
                    85:76:0d:5d:7e:88:8a:94:d7:95:d9:fc:1b:bf:55:
                    cb:50:81:64:99:68:2d:a2:12:61:b9:ec:bf:f4:d0:
                    b2:b3:e4:c7:5a:f6:fc:3d:47:d7:96:9a:94:f3:ad:
                    b0:2f:08:f3:87:44:a0:c4:5a:7e:29:1b:ad:9f:dd:
                    ea:05:67:ab:5b:d7:e2:10:2e:85:d4:e7:bf:e1:e8:
                    84:7e:c6:f0:86:69:10:1f:02:0d:8d:68:78:37:94:
                    6d:d7:ad:ea:49:dd:6d:3d:63:d3:3f:0c:9f:54:e4:
                    40:77:d8:85:23:2e:8f:02:d5:b9:14:03:51:63:cd:
                    0e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:47:9F:09:6E:D8:A1:4D:AF:4F:FA:0A:50:72:D7:F1:1E:71:96:7F
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/EkefCW7YoU2vT_oKUHLX8R5xln8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.113.0/24
                  46.37.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:14:29:b4:f7:00:91:bc:0c:51:92:40:59:38:96:d7:8a:af:
         72:d7:f1:01:c9:0e:af:97:16:69:fb:f7:0e:75:8a:7f:8e:bb:
         c0:08:60:85:6f:de:21:30:2c:25:d1:29:0d:eb:98:be:ff:d1:
         74:e9:f0:41:49:44:11:1f:ad:ce:2f:7e:5a:97:70:a8:98:90:
         81:8f:43:9e:c9:46:8b:5e:0b:ee:17:95:07:7e:77:34:8c:8e:
         68:60:3a:c8:b4:f0:b7:70:83:25:3e:ab:d2:ef:1e:47:66:53:
         86:e0:e6:ad:72:18:20:c9:e4:b0:5c:fc:0a:e1:0b:79:f8:de:
         d1:51:ca:d4:e2:ff:a6:42:8b:51:41:02:64:b9:3d:dd:02:aa:
         4e:da:e1:24:38:78:a4:80:4f:67:3a:d7:18:87:83:25:d0:0b:
         44:a2:cd:97:81:7c:a0:9c:2a:ba:3d:d6:1f:63:a7:ff:58:fe:
         36:e0:a1:ba:a1:93:11:7d:f4:b5:aa:df:ff:b7:b1:50:a7:32:
         9e:ec:fa:e7:ec:16:4a:9b:1e:67:d5:e8:e6:85:de:14:b6:4a:
         52:88:b7:e4:e4:32:3a:e3:92:6a:93:89:72:98:7d:be:9c:8b:
         80:07:ba:8f:06:d2:60:55:f1:76:e6:86:58:ef:ee:63:91:d0:
         1c:e7:f9:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1hn3QHavWnjc2ZyKgSB1JRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTMxMjIyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ3OWYwOTZlZDhhMTRkYWY0ZmZhMGE1MDcyZDdmMTFlNzE5NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw5GvnRXMBViqyjLOevBQ8gL//wc
Yqb/HUxauUHnbCpRI2cQFw6W29r73eAxtYAbp4UFeAWzaihXmoBd5e/Kj0hZOuYp
vxnm5liDVBAZGBHk2fdF+Fso8jaKh90opGrVe2cFEkd5XVWj5WRvtUxdazVwDFbc
0l4bysb/5BziheyFyAAZgZyFdg1dfoiKlNeV2fwbv1XLUIFkmWgtohJhuey/9NCy
s+THWvb8PUfXlpqU862wLwjzh0SgxFp+KRutn93qBWerW9fiEC6F1Oe/4eiEfsbw
hmkQHwINjWh4N5Rt163qSd1tPWPTPwyfVORAd9iFIy6PAtW5FANRY80OnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBJHnwlu2KFNr0/6ClBy1/EecZZ/MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvRWtlZkNXN1lvVTJ2VF9vS1VITFg4UjV4bG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV5MA0GCSqGSIb3DQEBCwUAA4IBAQCtFCm09wCRvAxRkkBZOJbXiq9y
1/EByQ6vlxZp+/cOdYp/jrvACGCFb94hMCwl0SkN65i+/9F06fBBSUQRH63OL35a
l3ComJCBj0OeyUaLXgvuF5UHfnc0jI5oYDrItPC3cIMlPqvS7x5HZlOG4Oatchgg
yeSwXPwK4Qt5+N7RUcrU4v+mQotRQQJkuT3dAqpO2uEkOHikgE9nOtcYh4Ml0AtE
os2XgXygnCq6PdYfY6f/WP424KG6oZMRffS1qt//t7FQpzKe7Prn7BZKmx5n1ejm
hd4UtkpSiLfk5DI645Jqk4lymH2+nIuAB7qPBtJgVfF25oZY7+5jkdAc5/kA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org