Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/JO_0d71e_zR6a26XWUnbXcjZyQ4.roa
File:                     JO_0d71e_zR6a26XWUnbXcjZyQ4.roa (raw, json)
Hash identifier:          8TCm34tH4giV/vOSZF2sdoTCai5MGsA1gk8ySnCrgqs=
Subject key identifier:   24:EF:F4:77:BD:5E:FF:34:7A:6B:6E:97:59:49:DB:5D:C8:D9:C9:0E
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01856D0AE3674FAF3A460C570D5200477F1D
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/JO_0d71e_zR6a26XWUnbXcjZyQ4.roa
Signing time:             Sun 01 Jan 2023 11:15:08 +0000
ROA not before:           Sun 01 Jan 2023 11:15:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202358
IP address blocks:        46.37.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:0a:e3:67:4f:af:3a:46:0c:57:0d:52:00:47:7f:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 11:15:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24eff477bd5eff347a6b6e975949db5dc8d9c90e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:38:5a:a3:76:60:c0:81:5d:20:88:7e:36:89:
                    0b:69:b8:de:31:09:a8:73:c3:53:f2:99:d4:64:5e:
                    37:43:8d:c3:f0:77:bd:1a:4d:05:1a:ec:6f:21:95:
                    9d:4f:00:7f:ff:9a:c0:31:18:83:2a:9e:56:be:9b:
                    1c:23:23:78:14:d4:37:21:be:d1:89:0d:2c:1d:e7:
                    7d:71:35:7b:72:eb:03:15:1b:b0:d8:31:b6:9a:04:
                    54:72:3a:f8:ce:6a:72:9d:eb:d2:03:4f:33:ee:aa:
                    a4:e4:24:3b:0c:88:42:c0:93:c7:e2:7b:b9:4d:99:
                    99:bb:e2:9b:47:b0:3b:30:1e:72:72:15:4e:f1:a9:
                    dc:7f:87:89:da:f1:8b:d2:e2:8c:32:d8:57:f1:c6:
                    0e:f0:47:19:83:c2:1d:06:0e:75:08:33:91:1b:e4:
                    5a:6c:9b:69:0d:7c:32:25:b0:b5:2a:6e:0c:37:3a:
                    0d:4d:38:7e:d4:80:e8:b7:c8:6b:22:0a:86:4e:5c:
                    fd:1e:8a:9b:ec:9d:b5:a5:ce:78:09:ac:d5:20:b3:
                    a6:99:40:3c:ef:47:51:86:22:3a:77:ff:72:a8:be:
                    d8:d0:26:2f:46:3a:73:ef:79:55:c2:fc:08:48:7b:
                    c1:a7:3f:25:7b:50:18:94:d5:cb:44:4e:3e:78:36:
                    1a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:EF:F4:77:BD:5E:FF:34:7A:6B:6E:97:59:49:DB:5D:C8:D9:C9:0E
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/JO_0d71e_zR6a26XWUnbXcjZyQ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:ac:1b:0d:5b:95:1a:37:2a:6c:71:ce:0d:40:a6:d1:e1:e5:
         f6:e7:9c:d8:2f:5d:4d:71:42:38:de:34:c0:51:96:d3:17:1f:
         b2:c9:20:08:c9:c3:87:6c:d5:9a:7d:43:bc:a6:51:c5:27:64:
         93:f0:bc:d4:39:cf:c8:fa:0d:1e:e3:fa:86:53:c9:99:dd:f6:
         b7:93:ed:f0:40:89:42:f7:10:65:90:36:2c:3a:93:c9:01:fc:
         4d:27:70:95:16:16:e8:7e:4c:67:94:5c:52:8a:60:41:9d:16:
         e9:c6:0a:bb:60:2f:af:14:f3:d5:32:b5:9b:89:0b:3b:7f:9f:
         9d:b7:c6:e2:c8:04:82:0e:01:fb:13:39:48:5c:11:2d:7d:6c:
         bd:03:91:14:ec:3c:83:42:f6:3c:a9:8e:a2:83:9b:f8:45:f7:
         dd:06:cf:6f:5b:f9:2f:16:21:2b:d0:be:5d:6f:4c:dd:07:e5:
         70:6a:83:34:84:4d:dc:d4:ae:19:4b:44:7c:91:b5:6c:7c:3a:
         6f:f3:25:e9:f0:62:aa:da:9a:f3:57:b8:54:af:68:89:44:3b:
         e7:48:be:68:d3:c3:0b:0b:b9:b3:9c:8c:3b:2a:7e:59:4c:77:
         28:97:87:ce:e5:a5:5a:b9:7e:7d:02:ee:36:36:b5:6e:fa:25:
         f0:02:e3:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuNnT686RgxXDVIAR38dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwMTAxMTExNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVmZjQ3N2JkNWVmZjM0N2E2YjZlOTc1OTQ5ZGI1ZGM4ZDljOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Dhao3ZgwIFdIIh+NokLabjeMQmo
c8NT8pnUZF43Q43D8He9Gk0FGuxvIZWdTwB//5rAMRiDKp5WvpscIyN4FNQ3Ib7R
iQ0sHed9cTV7cusDFRuw2DG2mgRUcjr4zmpynevSA08z7qqk5CQ7DIhCwJPH4nu5
TZmZu+KbR7A7MB5ychVO8ancf4eJ2vGL0uKMMthX8cYO8EcZg8IdBg51CDORG+Ra
bJtpDXwyJbC1Km4MNzoNTTh+1IDot8hrIgqGTlz9Hoqb7J21pc54CazVILOmmUA8
70dRhiI6d/9yqL7Y0CYvRjpz73lVwvwISHvBpz8le1AYlNXLRE4+eDYaOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTv9He9Xv80emtul1lJ213I2ckOMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvSk9fMGQ3MWVfelI2YTI2WFdVbmJYY2paeVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVjMA0G
CSqGSIb3DQEBCwUAA4IBAQANrBsNW5UaNypscc4NQKbR4eX255zYL11NcUI43jTA
UZbTFx+yySAIycOHbNWafUO8plHFJ2ST8LzUOc/I+g0e4/qGU8mZ3fa3k+3wQIlC
9xBlkDYsOpPJAfxNJ3CVFhbofkxnlFxSimBBnRbpxgq7YC+vFPPVMrWbiQs7f5+d
t8biyASCDgH7EzlIXBEtfWy9A5EU7DyDQvY8qY6ig5v4RffdBs9vW/kvFiEr0L5d
b0zdB+VwaoM0hE3c1K4ZS0R8kbVsfDpv8yXp8GKq2przV7hUr2iJRDvnSL5o08ML
C7mznIw7Kn5ZTHcol4fO5aVauX59Au42NrVu+iXwAuPt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org