Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/QI0VIL27X1G5I_LDR6vTUAUSOsI.roa
File:                     QI0VIL27X1G5I_LDR6vTUAUSOsI.roa (raw, json)
Hash identifier:          NoGsR8GbgSr3Wu+n/55fboT6juZuztWN3D3dSeN3t1M=
Subject key identifier:   40:8D:15:20:BD:BB:5F:51:B9:23:F2:C3:47:AB:D3:50:05:12:3A:C2
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018A6E45AC4839BC95A1A0F3498B5E1B458A
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/QI0VIL27X1G5I_LDR6vTUAUSOsI.roa
Signing time:             Thu 07 Sep 2023 06:12:54 +0000
ROA not before:           Thu 07 Sep 2023 06:12:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35916
IP address blocks:        46.37.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:6e:45:ac:48:39:bc:95:a1:a0:f3:49:8b:5e:1b:45:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Sep  7 06:12:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=408d1520bdbb5f51b923f2c347abd35005123ac2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ab:04:d9:d1:e6:ec:82:9c:a2:e9:eb:3d:72:
                    6f:0f:70:ff:05:73:7a:e9:81:bd:3b:8f:59:9b:d3:
                    b5:a4:d3:1c:75:58:13:f5:aa:a2:83:6f:ed:4f:8f:
                    a5:3b:a5:46:54:bd:c0:e6:bc:06:b2:e5:39:ba:ad:
                    97:5b:37:da:29:63:13:1f:e8:87:c5:12:c4:a7:85:
                    7c:6c:41:58:e2:d7:87:16:d3:9b:5e:c8:a5:16:ec:
                    e8:ab:fb:49:56:93:f5:a0:13:66:73:d9:07:bd:cb:
                    eb:1c:d9:2b:21:d7:04:f3:d2:df:b6:e2:86:c7:c0:
                    8c:07:ba:4f:3d:e8:3a:77:74:8d:05:b3:82:ae:c9:
                    18:f8:1e:88:29:fb:9c:15:01:22:5d:c9:5c:34:73:
                    17:07:88:ae:2e:f7:59:6c:0b:5c:77:b0:0b:76:49:
                    de:84:e8:da:11:23:2e:ab:54:cd:c1:ad:41:7c:7d:
                    e9:43:2d:ef:0a:2e:3c:9a:71:67:42:05:3c:cd:cc:
                    74:5b:49:4b:c7:9d:92:31:12:d0:32:1a:fa:0d:13:
                    0d:d9:a8:07:35:af:4f:db:f6:de:3d:df:cd:5c:41:
                    12:f1:9e:c3:56:4c:8e:53:d7:68:2f:76:d7:d5:85:
                    35:02:19:73:1b:6f:2b:a0:45:c1:91:da:b9:7a:a1:
                    03:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:8D:15:20:BD:BB:5F:51:B9:23:F2:C3:47:AB:D3:50:05:12:3A:C2
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/QI0VIL27X1G5I_LDR6vTUAUSOsI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:d1:47:e4:a6:c9:db:66:64:aa:ba:15:1f:a0:e0:c4:43:8b:
         e9:28:78:0b:f6:2d:f9:c8:bc:75:90:56:11:a6:f1:b1:ee:29:
         40:6c:b5:f3:23:cf:5d:ed:44:eb:8c:e9:ed:1f:bb:d5:21:ea:
         18:8a:4a:5e:b3:87:2b:12:32:23:bb:21:97:b8:f1:4f:3a:d8:
         ee:f1:64:70:e3:86:a9:03:b8:fb:e4:53:75:20:4b:c5:db:12:
         8b:9f:bd:aa:7e:80:7e:56:3e:7f:b0:ce:cc:2e:4b:f9:de:1f:
         6e:e6:22:d1:87:ed:c9:23:1d:8c:11:98:eb:01:1a:8f:88:05:
         94:b0:01:7a:a9:d0:cf:36:87:c6:f4:8d:cf:88:d2:a4:73:8f:
         65:eb:b2:11:db:93:2b:68:a9:bc:8c:a6:55:95:a8:fb:bb:98:
         c5:83:49:bd:10:e9:2a:f8:3b:4f:12:3f:05:12:8c:bb:78:80:
         d7:1e:1b:a7:fa:2f:19:73:de:6b:78:14:8d:4e:24:ae:ff:95:
         b2:86:99:7b:7a:7b:51:10:f2:b0:f8:4d:1e:18:e6:cd:7e:82:
         17:e9:67:3c:6e:33:4f:de:2a:39:04:b5:14:8c:d6:af:ac:6c:
         a9:0e:d5:ae:d2:98:c7:cd:6a:63:72:f4:8e:44:5c:d0:0b:67:
         9a:ca:6a:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpuRaxIObyVoaDzSYteG0WKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwOTA3MDYxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhkMTUyMGJkYmI1ZjUxYjkyM2YyYzM0N2FiZDM1MDA1MTIzYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqsE2dHm7IKcounrPXJvD3D/BXN6
6YG9O49Zm9O1pNMcdVgT9aqig2/tT4+lO6VGVL3A5rwGsuU5uq2XWzfaKWMTH+iH
xRLEp4V8bEFY4teHFtObXsilFuzoq/tJVpP1oBNmc9kHvcvrHNkrIdcE89LftuKG
x8CMB7pPPeg6d3SNBbOCrskY+B6IKfucFQEiXclcNHMXB4iuLvdZbAtcd7ALdkne
hOjaESMuq1TNwa1BfH3pQy3vCi48mnFnQgU8zcx0W0lLx52SMRLQMhr6DRMN2agH
Na9P2/bePd/NXEES8Z7DVkyOU9doL3bX1YU1AhlzG28roEXBkdq5eqEDmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECNFSC9u19RuSPyw0er01AFEjrCMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUUkwVklMMjdYMUc1SV9MRFI2dlRVQVVTT3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiV3MA0G
CSqGSIb3DQEBCwUAA4IBAQC30UfkpsnbZmSquhUfoODEQ4vpKHgL9i35yLx1kFYR
pvGx7ilAbLXzI89d7UTrjOntH7vVIeoYikpes4crEjIjuyGXuPFPOtju8WRw44ap
A7j75FN1IEvF2xKLn72qfoB+Vj5/sM7MLkv53h9u5iLRh+3JIx2MEZjrARqPiAWU
sAF6qdDPNofG9I3PiNKkc49l67IR25MraKm8jKZVlaj7u5jFg0m9EOkq+DtPEj8F
Eoy7eIDXHhun+i8Zc95reBSNTiSu/5Wyhpl7entREPKw+E0eGObNfoIX6Wc8bjNP
3io5BLUUjNavrGypDtWu0pjHzWpjcvSORFzQC2eaymo0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org