Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/S7xmeZznG7VHu9lTih5SnuxPgZw.roa
File:                     S7xmeZznG7VHu9lTih5SnuxPgZw.roa (raw, json)
Hash identifier:          uHh6NR2z6cbA47S7O9MmH7W8Fwzc0JkBEfcVrJP4IJM=
Subject key identifier:   4B:BC:66:79:9C:E7:1B:B5:47:BB:D9:53:8A:1E:52:9E:EC:4F:81:9C
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01856D0AEA403CF53323547B152BB5BFE048
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/S7xmeZznG7VHu9lTih5SnuxPgZw.roa
Signing time:             Sun 01 Jan 2023 11:15:09 +0000
ROA not before:           Sun 01 Jan 2023 11:15:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        46.37.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:0a:ea:40:3c:f5:33:23:54:7b:15:2b:b5:bf:e0:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 11:15:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4bbc66799ce71bb547bbd9538a1e529eec4f819c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:13:bd:7f:ac:e0:51:fe:e7:6d:67:40:d9:a2:
                    4e:77:d2:36:6c:e3:41:c2:fc:c5:82:89:38:1b:c2:
                    8d:b2:17:2f:c2:36:c4:1a:b2:82:ce:3b:2e:48:73:
                    e8:99:e8:a0:0c:e7:e4:3a:3a:d5:10:3a:3e:26:d1:
                    d9:90:66:55:3c:9f:68:40:19:91:bd:6c:b0:1e:b0:
                    44:a9:10:b6:56:53:68:d2:18:60:c3:63:44:d1:85:
                    c3:69:00:89:ff:7f:bb:f4:f6:36:a7:bd:83:b2:28:
                    24:41:3b:18:98:e5:12:02:70:59:e5:80:f1:d9:01:
                    f4:e4:f5:86:34:cb:ce:30:04:72:1f:75:af:1d:a3:
                    5d:4e:7c:cc:5a:d0:8a:56:66:c5:0d:0a:d8:68:f3:
                    5f:ee:8e:90:f6:ff:14:b0:94:e6:ff:55:d1:ab:20:
                    f2:f9:e1:33:4d:f8:a7:df:c6:12:4d:94:d8:2b:ee:
                    75:50:d9:bd:79:7d:10:d3:3c:ea:50:54:d0:eb:9b:
                    b4:4a:71:fe:0b:a2:b4:c9:18:8a:47:84:40:cc:4a:
                    3a:a5:dd:bb:cf:a4:0e:1c:9e:65:c8:02:7a:a4:4a:
                    d5:64:70:30:b8:74:66:31:7d:e9:69:b4:7b:cd:a0:
                    f3:1f:18:d8:24:1a:29:48:f0:b6:75:bd:bd:d0:9a:
                    84:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:BC:66:79:9C:E7:1B:B5:47:BB:D9:53:8A:1E:52:9E:EC:4F:81:9C
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/S7xmeZznG7VHu9lTih5SnuxPgZw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:7c:54:dd:49:bb:6c:d9:73:cd:15:01:89:96:c6:3e:57:87:
         63:18:7c:a8:9d:6e:b8:7a:0e:16:59:66:4b:a7:1f:06:bd:7f:
         61:f2:b2:8b:02:8a:25:48:63:3e:68:87:52:1b:cf:a1:8a:1b:
         ee:e1:9b:a4:9c:d4:c8:af:cb:38:fa:a0:8e:2f:a5:5d:94:d8:
         c6:ec:2b:33:48:00:1f:ce:41:cb:24:a8:82:57:c3:e5:0e:39:
         e8:94:d2:8f:9c:58:52:9e:bd:bd:57:00:64:c4:7a:e2:21:6c:
         61:f8:be:91:a1:b3:03:64:4d:c7:b8:a0:22:94:bb:ba:ab:f5:
         2a:87:00:4d:2c:97:2d:49:8a:c1:70:24:53:78:6b:e8:ab:29:
         28:67:b3:1c:de:58:ac:62:79:6d:d5:81:64:25:37:6f:d8:61:
         a3:01:1e:f2:cb:b7:94:78:a4:6b:26:1e:e0:d0:63:7f:2b:09:
         96:af:c5:53:8e:f6:fe:4a:d5:4d:32:8b:d3:7d:b0:c9:c4:9a:
         54:fe:6f:9c:cc:da:4b:4c:e1:29:c5:5a:98:1c:a2:17:c3:38:
         04:2e:06:66:fb:94:34:b0:8c:c6:90:16:32:94:a2:09:eb:03:
         5d:b9:03:b8:24:ab:84:89:5c:2e:6d:04:d1:8f:32:d4:39:c3:
         10:75:d3:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCupAPPUzI1R7FSu1v+BIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwMTAxMTExNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmJjNjY3OTljZTcxYmI1NDdiYmQ5NTM4YTFlNTI5ZWVjNGY4MTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxO9f6zgUf7nbWdA2aJOd9I2bONB
wvzFgok4G8KNshcvwjbEGrKCzjsuSHPomeigDOfkOjrVEDo+JtHZkGZVPJ9oQBmR
vWywHrBEqRC2VlNo0hhgw2NE0YXDaQCJ/3+79PY2p72DsigkQTsYmOUSAnBZ5YDx
2QH05PWGNMvOMARyH3WvHaNdTnzMWtCKVmbFDQrYaPNf7o6Q9v8UsJTm/1XRqyDy
+eEzTfin38YSTZTYK+51UNm9eX0Q0zzqUFTQ65u0SnH+C6K0yRiKR4RAzEo6pd27
z6QOHJ5lyAJ6pErVZHAwuHRmMX3pabR7zaDzHxjYJBopSPC2db290JqE5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEu8Znmc5xu1R7vZU4oeUp7sT4GcMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUzd4bWVaem5HN1ZIdTlsVGloNVNudXhQZ1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVmMA0G
CSqGSIb3DQEBCwUAA4IBAQBTfFTdSbts2XPNFQGJlsY+V4djGHyonW64eg4WWWZL
px8GvX9h8rKLAoolSGM+aIdSG8+hihvu4ZuknNTIr8s4+qCOL6VdlNjG7CszSAAf
zkHLJKiCV8PlDjnolNKPnFhSnr29VwBkxHriIWxh+L6RobMDZE3HuKAilLu6q/Uq
hwBNLJctSYrBcCRTeGvoqykoZ7Mc3lisYnlt1YFkJTdv2GGjAR7yy7eUeKRrJh7g
0GN/KwmWr8VTjvb+StVNMovTfbDJxJpU/m+czNpLTOEpxVqYHKIXwzgELgZm+5Q0
sIzGkBYylKIJ6wNduQO4JKuEiVwubQTRjzLUOcMQddP5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org