Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KghUFjtkQVFrs2gc5HsvFzU0hvc.roa
File:                     KghUFjtkQVFrs2gc5HsvFzU0hvc.roa (raw, json)
Hash identifier:          CU2eaN5Dnla9s42CUg/k+NCR41YEUt3v+iUoAVOghDs=
Subject key identifier:   2A:08:54:16:3B:64:41:51:6B:B3:68:1C:E4:7B:2F:17:35:34:86:F7
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01856D0AE2773E0EADB6D8F201BDDF8EABE5
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KghUFjtkQVFrs2gc5HsvFzU0hvc.roa
Signing time:             Sun 01 Jan 2023 11:15:07 +0000
ROA not before:           Sun 01 Jan 2023 11:15:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200704
IP address blocks:        46.37.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:0a:e2:77:3e:0e:ad:b6:d8:f2:01:bd:df:8e:ab:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 11:15:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a0854163b6441516bb3681ce47b2f17353486f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:a6:b1:3c:0b:3e:94:47:0d:ad:c9:ce:34:94:
                    80:82:86:b1:f2:d2:ea:26:31:7c:c3:71:61:32:48:
                    59:e4:c9:dc:1e:dd:11:f2:18:c4:4a:8e:6f:f5:40:
                    3c:c1:c1:5f:93:98:64:76:b4:42:c7:3f:57:fe:3c:
                    2c:42:95:3d:03:d3:a2:3f:a7:ce:4d:17:8e:84:68:
                    ee:46:94:d0:88:4f:d3:d4:60:56:91:2a:14:a5:51:
                    1e:f6:fa:ce:23:9d:dc:e2:27:6b:34:96:78:6c:b1:
                    b2:b4:82:ed:d8:0d:b8:17:0f:c0:9b:c4:8c:2d:09:
                    1c:ea:86:a6:35:11:73:e6:13:bf:f0:b0:b9:b7:d3:
                    20:a0:f9:3d:4e:00:91:84:e0:9e:69:63:5a:2e:1e:
                    1e:a6:0b:2d:2a:7d:5d:96:e4:f0:3e:e4:09:41:7b:
                    2c:a7:df:1b:94:de:87:8b:46:12:23:5a:40:c7:e0:
                    69:83:cb:63:a5:a1:be:16:bc:c0:2b:e6:c5:d9:1e:
                    d8:32:1b:fe:dd:60:38:35:12:f7:f2:43:50:31:e2:
                    74:0e:ee:55:19:92:21:a0:0a:07:1d:b8:ca:02:f1:
                    11:5d:40:2c:dc:21:4f:84:77:1f:a6:1c:62:84:ce:
                    72:49:27:0e:72:51:da:09:12:c5:c0:c9:39:ac:1b:
                    e8:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:08:54:16:3B:64:41:51:6B:B3:68:1C:E4:7B:2F:17:35:34:86:F7
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KghUFjtkQVFrs2gc5HsvFzU0hvc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:75:aa:f8:e5:d9:8c:c7:42:2a:2a:30:68:8f:57:3d:4c:ca:
         33:a4:16:51:7b:8b:db:15:93:73:96:85:d2:89:3a:1a:eb:e4:
         81:94:23:f2:51:5c:c1:96:30:c7:2b:3b:6d:63:61:e6:ca:aa:
         b6:91:5c:7f:e6:23:19:02:87:d7:17:53:ef:59:ef:3b:b1:10:
         cb:e1:7b:1a:81:2f:5b:6e:2e:f6:19:08:21:1d:bf:d7:67:47:
         ed:3d:64:8c:08:04:38:51:aa:4c:72:52:cf:fb:6e:45:5b:0d:
         91:4a:91:ec:05:28:89:1c:17:f2:b3:ab:40:5e:65:6d:84:ac:
         69:b6:0b:21:a9:55:f6:6d:3d:6f:84:71:55:a6:92:aa:c5:79:
         c0:10:46:dd:5d:7e:0e:e4:da:27:16:b7:3e:d9:e2:cd:36:46:
         85:d0:1f:9b:48:f9:39:0a:39:e3:30:2a:eb:08:7d:c9:7e:20:
         f1:c0:c0:87:f5:6c:72:1d:8b:39:bd:6f:32:cc:d7:74:1c:64:
         d3:d9:ee:ed:cb:82:a0:07:ed:c2:b4:ed:d5:da:28:f3:4d:2e:
         ac:84:83:2c:5a:3a:b5:75:7b:5b:ef:6f:8c:f4:1f:61:db:55:
         9e:88:4d:ff:7e:78:60:3b:76:0d:4f:8c:b9:eb:0f:05:86:44:
         f2:55:54:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuJ3Pg6tttjyAb3fjqvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwMTAxMTExNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA4NTQxNjNiNjQ0MTUxNmJiMzY4MWNlNDdiMmYxNzM1MzQ4NmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqaxPAs+lEcNrcnONJSAgoax8tLq
JjF8w3FhMkhZ5MncHt0R8hjESo5v9UA8wcFfk5hkdrRCxz9X/jwsQpU9A9OiP6fO
TReOhGjuRpTQiE/T1GBWkSoUpVEe9vrOI53c4idrNJZ4bLGytILt2A24Fw/Am8SM
LQkc6oamNRFz5hO/8LC5t9MgoPk9TgCRhOCeaWNaLh4epgstKn1dluTwPuQJQXss
p98blN6Hi0YSI1pAx+Bpg8tjpaG+FrzAK+bF2R7YMhv+3WA4NRL38kNQMeJ0Du5V
GZIhoAoHHbjKAvERXUAs3CFPhHcfphxihM5ySScOclHaCRLFwMk5rBvoZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoIVBY7ZEFRa7NoHOR7Lxc1NIb3MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvS2doVUZqdGtRVkZyczJnYzVIc3ZGelUwaHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVjMA0G
CSqGSIb3DQEBCwUAA4IBAQCbdar45dmMx0IqKjBoj1c9TMozpBZRe4vbFZNzloXS
iToa6+SBlCPyUVzBljDHKzttY2Hmyqq2kVx/5iMZAofXF1PvWe87sRDL4XsagS9b
bi72GQghHb/XZ0ftPWSMCAQ4UapMclLP+25FWw2RSpHsBSiJHBfys6tAXmVthKxp
tgshqVX2bT1vhHFVppKqxXnAEEbdXX4O5NonFrc+2eLNNkaF0B+bSPk5CjnjMCrr
CH3JfiDxwMCH9WxyHYs5vW8yzNd0HGTT2e7ty4KgB+3CtO3V2ijzTS6shIMsWjq1
dXtb72+M9B9h21WeiE3/fnhgO3YNT4y56w8FhkTyVVRO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org