Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/PYptU7sWin4a5Vy_k7NMLW5-_hk.roa
File:                     PYptU7sWin4a5Vy_k7NMLW5-_hk.roa (raw, json)
Hash identifier:          SA0OSTQMILDL8ARGqaZDK9Imp3wfPgmtUPDdqZuTkDw=
Subject key identifier:   3D:8A:6D:53:BB:16:8A:7E:1A:E5:5C:BF:93:B3:4C:2D:6E:7E:FE:19
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018C12FCB9AFA6894413D3E7378BD9BCF252
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/PYptU7sWin4a5Vy_k7NMLW5-_hk.roa
Signing time:             Mon 27 Nov 2023 22:53:21 +0000
ROA not before:           Mon 27 Nov 2023 22:53:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59426
IP address blocks:        46.37.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Dec 2023 08:10:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:12:fc:b9:af:a6:89:44:13:d3:e7:37:8b:d9:bc:f2:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Nov 27 22:53:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d8a6d53bb168a7e1ae55cbf93b34c2d6e7efe19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:35:e9:33:f3:4c:1c:59:66:58:f6:3a:3f:b8:
                    a0:d7:bf:7f:72:e0:85:3c:10:3a:00:5d:ad:c4:a4:
                    db:96:02:c2:96:6e:95:fd:6e:08:8c:23:1d:db:f4:
                    ea:33:7c:d1:17:07:7d:24:c0:71:c2:6c:af:09:9a:
                    ce:b7:57:3a:7c:08:dd:5c:89:6c:c1:78:f9:aa:cd:
                    2a:81:8f:aa:b3:52:41:2d:97:6e:b0:09:e7:9e:3e:
                    08:06:3c:b7:73:47:38:e5:32:15:ed:f5:9a:19:1d:
                    32:dd:b8:a9:15:78:3e:46:4b:af:85:a3:0f:7d:61:
                    ed:bd:67:04:00:c5:31:f8:05:a9:8d:4b:d4:72:7d:
                    4e:c5:8a:4b:fc:fb:04:09:69:e7:3b:3d:44:cb:e9:
                    6b:e8:f7:ca:09:48:b3:6a:93:46:48:54:0d:d8:0f:
                    d3:93:f7:70:25:9f:2f:c1:f3:b6:9c:77:19:44:ca:
                    ff:e3:8f:96:6b:72:e6:2d:c8:eb:2f:ca:6d:1d:90:
                    10:ba:7d:eb:8e:99:cf:85:ff:b5:2e:52:48:9e:fc:
                    20:88:8e:3f:2e:f6:77:04:f0:ee:dc:61:f1:fe:4c:
                    ce:1b:ed:91:c9:fe:13:63:0b:88:71:1e:c1:b7:71:
                    d4:1f:ae:08:59:ad:a8:78:cd:68:4f:5d:34:e3:2e:
                    8e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:8A:6D:53:BB:16:8A:7E:1A:E5:5C:BF:93:B3:4C:2D:6E:7E:FE:19
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/PYptU7sWin4a5Vy_k7NMLW5-_hk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:a4:a8:e6:7a:17:9b:f2:3c:fe:82:d5:cc:a0:f8:d0:47:bc:
         20:92:76:c7:12:a4:0a:7f:20:4c:bb:30:03:ae:91:8b:f5:e3:
         79:f0:f1:f9:3c:65:1f:1e:87:cb:cc:b8:77:8d:f0:f3:c0:23:
         5f:dd:f6:f1:d4:69:09:42:e6:23:da:ff:56:c8:54:50:23:15:
         81:e4:3a:af:22:97:00:d9:1c:65:00:1c:a6:03:b8:15:2f:9a:
         e3:4e:41:76:ab:c7:81:d6:2a:4f:68:41:04:d8:cd:86:31:14:
         9f:27:55:25:fd:1a:74:5b:59:52:b8:aa:ce:ed:d2:4c:b6:44:
         65:0a:82:9a:24:d9:34:12:56:88:40:f8:d9:b7:de:9d:7d:45:
         2c:19:bf:a7:4e:72:84:e1:16:45:8e:6f:c8:0d:d2:da:88:7f:
         0c:29:d1:f4:d9:13:a7:bd:74:da:cf:90:67:73:dd:a8:27:d3:
         dc:d2:5e:2b:44:1f:01:7c:57:51:bb:a8:09:ed:14:a7:06:2a:
         9d:cb:47:c5:28:f1:34:1d:5b:8a:92:6b:46:63:91:33:f4:29:
         b8:05:93:64:51:15:97:df:1d:dc:bb:16:5e:05:03:6f:fb:eb:
         77:54:37:24:bc:84:b4:3d:b6:77:dd:b2:62:12:cf:31:48:97:
         a0:7e:13:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwS/LmvpolEE9PnN4vZvPJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMTI3MjI1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhNmQ1M2JiMTY4YTdlMWFlNTVjYmY5M2IzNGMyZDZlN2VmZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjXpM/NMHFlmWPY6P7ig179/cuCF
PBA6AF2txKTblgLClm6V/W4IjCMd2/TqM3zRFwd9JMBxwmyvCZrOt1c6fAjdXIls
wXj5qs0qgY+qs1JBLZdusAnnnj4IBjy3c0c45TIV7fWaGR0y3bipFXg+RkuvhaMP
fWHtvWcEAMUx+AWpjUvUcn1OxYpL/PsECWnnOz1Ey+lr6PfKCUizapNGSFQN2A/T
k/dwJZ8vwfO2nHcZRMr/44+Wa3LmLcjrL8ptHZAQun3rjpnPhf+1LlJInvwgiI4/
LvZ3BPDu3GHx/kzOG+2Ryf4TYwuIcR7Bt3HUH64IWa2oeM1oT1004y6OeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2KbVO7Fop+GuVcv5OzTC1ufv4ZMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUFlwdFU3c1dpbjRhNVZ5X2s3Tk1MVzUtX2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiV5MA0G
CSqGSIb3DQEBCwUAA4IBAQCypKjmeheb8jz+gtXMoPjQR7wgknbHEqQKfyBMuzAD
rpGL9eN58PH5PGUfHofLzLh3jfDzwCNf3fbx1GkJQuYj2v9WyFRQIxWB5DqvIpcA
2RxlABymA7gVL5rjTkF2q8eB1ipPaEEE2M2GMRSfJ1Ul/Rp0W1lSuKrO7dJMtkRl
CoKaJNk0ElaIQPjZt96dfUUsGb+nTnKE4RZFjm/IDdLaiH8MKdH02ROnvXTaz5Bn
c92oJ9Pc0l4rRB8BfFdRu6gJ7RSnBiqdy0fFKPE0HVuKkmtGY5Ez9Cm4BZNkURWX
3x3cuxZeBQNv++t3VDckvIS0PbZ33bJiEs8xSJegfhOL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org