Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/QJl7oYjfwKQ5ZyQRYOE1KFF1rBE.roa
File:                     QJl7oYjfwKQ5ZyQRYOE1KFF1rBE.roa (raw, json)
Hash identifier:          +ORGXCb4uI0Y7sFjn4AH2aoSpZftgm/MK3QAloOb5F4=
Subject key identifier:   40:99:7B:A1:88:DF:C0:A4:39:67:24:11:60:E1:35:28:51:75:AC:11
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01867D5AF02BE475F972CBD1D001B7B007E1
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/QJl7oYjfwKQ5ZyQRYOE1KFF1rBE.roa
Signing time:             Thu 23 Feb 2023 08:19:17 +0000
ROA not before:           Thu 23 Feb 2023 08:19:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.113.0/24 maxlen: 24
                          46.37.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 10:19:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7d:5a:f0:2b:e4:75:f9:72:cb:d1:d0:01:b7:b0:07:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Feb 23 08:19:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40997ba188dfc0a43967241160e135285175ac11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c5:64:08:d6:aa:72:c1:25:8e:08:f2:78:78:
                    bc:e5:ec:2f:55:4e:78:12:1f:1c:67:ec:ce:35:ef:
                    ae:e7:8a:8c:fc:c8:87:d7:8c:ee:97:41:03:24:05:
                    d9:de:f8:ce:69:78:4c:1a:63:58:da:31:ad:45:7a:
                    4c:ce:cd:00:2d:5d:0b:85:c2:dd:b6:0c:41:ed:fb:
                    f0:d4:47:f7:d9:28:ad:dd:c2:41:9f:1d:3e:a6:c2:
                    3a:e7:2d:59:00:85:40:9c:66:27:2c:70:f2:77:ec:
                    66:a2:15:3a:a1:ef:dd:39:fb:55:c9:ec:5e:23:30:
                    5e:7e:57:bc:df:5a:97:a1:15:4a:21:d5:c7:05:dc:
                    fb:0d:ae:d0:e0:bd:90:4e:1e:68:73:86:72:b4:e8:
                    f2:45:1f:61:96:42:29:c7:9a:05:b0:42:ea:1b:4b:
                    06:b0:f1:47:dd:55:d8:39:2f:ed:e3:19:d0:9d:c7:
                    31:fc:f8:11:0f:16:97:e4:5e:c1:a9:4c:61:ca:e2:
                    07:5c:29:23:5f:54:06:53:a3:cb:98:28:34:02:d4:
                    8f:37:0b:08:1e:9b:d4:60:b8:ce:5b:66:e6:3d:b4:
                    a5:eb:ac:20:35:07:a3:1a:9b:69:3f:3f:9d:1a:8b:
                    19:b6:a6:1e:74:52:63:17:cb:a0:06:22:72:eb:67:
                    da:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:99:7B:A1:88:DF:C0:A4:39:67:24:11:60:E1:35:28:51:75:AC:11
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/QJl7oYjfwKQ5ZyQRYOE1KFF1rBE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.113.0-46.37.114.255

    Signature Algorithm: sha256WithRSAEncryption
         bd:2d:40:4d:9d:ac:55:40:5f:60:30:97:42:dc:f9:f3:95:cf:
         ee:6d:7b:c7:94:93:61:2b:50:b6:f8:bc:47:cc:c0:0f:cd:69:
         95:bc:21:2b:70:b3:9e:1c:f2:3a:77:07:86:f7:05:cf:3b:aa:
         65:a4:dd:f5:e5:10:ca:cf:a6:1b:f9:3d:f8:7b:e5:e1:9f:c9:
         50:26:9d:1e:4d:f5:39:97:a7:3c:01:53:76:0d:6c:8e:aa:69:
         55:ec:df:0a:6e:29:73:61:0e:99:c1:e9:f4:78:70:c9:24:01:
         18:ab:aa:65:e2:f8:c5:dd:ec:46:25:3e:dd:9e:0c:be:ed:26:
         e8:9d:f6:f3:54:ed:9a:d5:52:15:77:55:86:d5:4a:73:79:d4:
         42:60:7a:3d:90:b7:38:d4:13:e2:41:ae:82:e1:bf:ec:b1:e8:
         bf:f4:e3:b5:86:0c:9b:e0:2f:c7:9a:9d:69:e5:81:b1:ed:4d:
         c3:57:a1:a2:6c:40:6a:60:c0:ec:e6:0b:b4:d8:54:b6:f4:2d:
         2c:5b:aa:c7:89:7e:ef:e9:d4:91:d5:a4:dc:23:46:0e:c7:88:
         e0:c1:d9:71:08:86:bc:bc:f4:7a:bc:42:96:af:f1:5a:91:2e:
         3e:f5:8c:ce:42:ac:3d:1d:3f:ca:59:4a:d4:27:51:cf:2f:e9:
         43:8e:c2:5c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYZ9WvAr5HX5csvR0AG3sAfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwMjIzMDgxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDk5N2JhMTg4ZGZjMGE0Mzk2NzI0MTE2MGUxMzUyODUxNzVhYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcVkCNaqcsEljgjyeHi85ewvVU54
Eh8cZ+zONe+u54qM/MiH14zul0EDJAXZ3vjOaXhMGmNY2jGtRXpMzs0ALV0LhcLd
tgxB7fvw1Ef32Sit3cJBnx0+psI65y1ZAIVAnGYnLHDyd+xmohU6oe/dOftVyexe
IzBefle831qXoRVKIdXHBdz7Da7Q4L2QTh5oc4ZytOjyRR9hlkIpx5oFsELqG0sG
sPFH3VXYOS/t4xnQnccx/PgRDxaX5F7BqUxhyuIHXCkjX1QGU6PLmCg0AtSPNwsI
HpvUYLjOW2bmPbSl66wgNQejGptpPz+dGosZtqYedFJjF8ugBiJy62faXwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFECZe6GI38CkOWckEWDhNShRdawRMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUUpsN29ZamZ3S1E1WnlRUllPRTFLRkYxckJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALiViMAwD
BAAuJXEDBAAuJXIwDQYJKoZIhvcNAQELBQADggEBAL0tQE2drFVAX2Awl0Lc+fOV
z+5te8eUk2ErULb4vEfMwA/NaZW8IStws54c8jp3B4b3Bc87qmWk3fXlEMrPphv5
Pfh75eGfyVAmnR5N9TmXpzwBU3YNbI6qaVXs3wpuKXNhDpnB6fR4cMkkARirqmXi
+MXd7EYlPt2eDL7tJuid9vNU7ZrVUhV3VYbVSnN51EJgej2QtzjUE+JBroLhv+yx
6L/047WGDJvgL8eanWnlgbHtTcNXoaJsQGpgwOzmC7TYVLb0LSxbqseJfu/p1JHV
pNwjRg7HiODB2XEIhry89Hq8Qpav8VqRLj71jM5CrD0dP8pZStQnUc8v6UOOwlw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org