Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/LCd36n8RBvToVE3fVcukU7vzU2A.roa
File:                     LCd36n8RBvToVE3fVcukU7vzU2A.roa (raw, json)
Hash identifier:          qxaTXMOAyEvjW57Fn2+gGjH3EmmbfXloVMH7bvdLTSw=
Subject key identifier:   2C:27:77:EA:7F:11:06:F4:E8:54:4D:DF:55:CB:A4:53:BB:F3:53:60
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01856D0AE44C979C10A2367A5FEBB903D489
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/LCd36n8RBvToVE3fVcukU7vzU2A.roa
Signing time:             Sun 01 Jan 2023 11:15:08 +0000
ROA not before:           Sun 01 Jan 2023 11:15:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207633
IP address blocks:        46.37.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:0a:e4:4c:97:9c:10:a2:36:7a:5f:eb:b9:03:d4:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 11:15:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c2777ea7f1106f4e8544ddf55cba453bbf35360
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:1b:67:bb:21:06:8f:1e:b6:11:66:90:ea:8f:
                    53:12:6b:4d:94:16:26:f6:e8:84:60:01:bb:d0:5d:
                    3e:f1:f3:e1:39:e3:02:ea:d4:e6:31:0f:85:42:23:
                    cf:87:04:dd:a8:e5:eb:02:7c:da:b8:f8:f8:b0:38:
                    cd:1e:76:13:db:a0:bc:9b:4f:91:d7:c0:41:3e:80:
                    2f:e2:b8:37:c5:bd:f8:1b:fc:df:88:3d:1d:00:ab:
                    0e:07:7d:c6:42:82:c3:aa:76:2a:89:4c:b8:f5:4b:
                    09:56:c2:2b:85:40:ac:48:4d:99:a3:19:62:74:e4:
                    96:c6:b4:d2:70:f7:f0:a4:4d:05:04:d0:9c:15:c9:
                    67:3b:4d:2c:89:80:60:43:63:f7:ce:fb:81:af:86:
                    95:ee:15:f9:cd:ca:6d:77:97:38:bf:fb:eb:ec:6c:
                    8a:4c:57:89:ea:ce:8b:22:18:1a:86:f5:89:10:17:
                    a0:03:75:90:d6:44:0c:4b:30:aa:b3:62:ce:0f:ff:
                    c8:66:f8:bf:27:1a:c0:14:39:a0:62:cc:59:22:fb:
                    17:b6:bc:b3:5b:d6:21:ae:8a:e5:bd:3b:0f:cb:aa:
                    54:f1:c5:27:b4:c4:db:31:d9:39:30:71:35:49:95:
                    d9:3a:71:a3:f9:f4:09:fd:b4:fd:dd:a0:e9:a2:e4:
                    60:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:27:77:EA:7F:11:06:F4:E8:54:4D:DF:55:CB:A4:53:BB:F3:53:60
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/LCd36n8RBvToVE3fVcukU7vzU2A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:fb:be:15:04:f7:84:82:66:4e:14:f1:f4:91:f2:52:60:60:
         c0:61:30:cb:32:75:8e:fd:49:d2:a7:ab:f1:06:13:3b:c1:85:
         22:1e:da:be:8c:f7:2b:e6:70:f7:78:fc:ca:6f:98:06:2a:3c:
         95:88:c7:a0:8f:5c:94:cd:2d:53:cf:fe:09:93:75:91:c8:b1:
         0e:97:b6:e6:06:76:ce:82:fe:04:42:e2:18:c2:63:a9:e3:e7:
         d3:5d:8e:32:c4:6d:68:ae:db:37:d5:0e:12:85:d6:8a:9d:83:
         66:58:4b:36:58:7a:40:4c:be:10:ab:57:65:61:13:2a:bb:d7:
         fd:c2:6e:27:72:12:67:7a:ba:fd:5e:1f:77:89:c1:ad:bf:ea:
         28:e0:c4:4d:8d:f1:ec:1c:15:fb:da:9a:c9:e6:70:06:54:65:
         c3:b3:8c:1f:9a:4f:8a:66:97:8a:fe:33:e1:3a:57:9a:8b:ea:
         7d:eb:2a:72:1a:5c:5b:3f:9f:52:b7:18:9e:15:f6:05:f9:20:
         23:43:bf:f6:95:db:06:47:f7:7a:2f:51:7f:11:fa:bd:d7:2f:
         5b:96:59:b3:89:05:01:1f:c0:b6:8e:a6:41:61:d8:26:85:68:
         c2:f2:82:9c:a1:af:3f:63:80:58:45:ae:6c:68:a2:1a:0d:60:
         cd:66:5c:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuRMl5wQojZ6X+u5A9SJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwMTAxMTExNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzI3NzdlYTdmMTEwNmY0ZTg1NDRkZGY1NWNiYTQ1M2JiZjM1MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhtnuyEGjx62EWaQ6o9TEmtNlBYm
9uiEYAG70F0+8fPhOeMC6tTmMQ+FQiPPhwTdqOXrAnzauPj4sDjNHnYT26C8m0+R
18BBPoAv4rg3xb34G/zfiD0dAKsOB33GQoLDqnYqiUy49UsJVsIrhUCsSE2Zoxli
dOSWxrTScPfwpE0FBNCcFclnO00siYBgQ2P3zvuBr4aV7hX5zcptd5c4v/vr7GyK
TFeJ6s6LIhgahvWJEBegA3WQ1kQMSzCqs2LOD//IZvi/JxrAFDmgYsxZIvsXtryz
W9YhrorlvTsPy6pU8cUntMTbMdk5MHE1SZXZOnGj+fQJ/bT93aDpouRgkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCwnd+p/EQb06FRN31XLpFO781NgMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvTENkMzZuOFJCdlRvVkUzZlZjdWtVN3Z6VTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVrMA0G
CSqGSIb3DQEBCwUAA4IBAQB4+74VBPeEgmZOFPH0kfJSYGDAYTDLMnWO/UnSp6vx
BhM7wYUiHtq+jPcr5nD3ePzKb5gGKjyViMegj1yUzS1Tz/4Jk3WRyLEOl7bmBnbO
gv4EQuIYwmOp4+fTXY4yxG1orts31Q4ShdaKnYNmWEs2WHpATL4Qq1dlYRMqu9f9
wm4nchJnerr9Xh93icGtv+oo4MRNjfHsHBX72prJ5nAGVGXDs4wfmk+KZpeK/jPh
Oleai+p96ypyGlxbP59StxieFfYF+SAjQ7/2ldsGR/d6L1F/Efq91y9bllmziQUB
H8C2jqZBYdgmhWjC8oKcoa8/Y4BYRa5saKIaDWDNZlwe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org