Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/U6F9ui4niKL5KDtYm93jOMiPen0.roa
File:                     U6F9ui4niKL5KDtYm93jOMiPen0.roa (raw, json)
Hash identifier:          slYQb1/o8AFN+TcNSD9ewgRQqJc7IEYCl3fS1Bk8M8s=
Subject key identifier:   53:A1:7D:BA:2E:27:88:A2:F9:28:3B:58:9B:DD:E3:38:C8:8F:7A:7D
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018CC348B9C698A00D8792682F5510F708B4
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/U6F9ui4niKL5KDtYm93jOMiPen0.roa
Signing time:             Mon 01 Jan 2024 04:29:32 +0000
ROA not before:           Mon 01 Jan 2024 04:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.100.0/24 maxlen: 24
                          46.37.105.0/24 maxlen: 24
                          46.37.102.0/24 maxlen: 24
                          46.37.101.0/24 maxlen: 24
                          46.37.109.0/24 maxlen: 24
                          185.92.44.0/24 maxlen: 24
                          46.37.106.0/24 maxlen: 24
                          46.37.118.0/24 maxlen: 24
                          185.92.46.0/24 maxlen: 24
                          46.37.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 22:44:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:b9:c6:98:a0:0d:87:92:68:2f:55:10:f7:08:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 04:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=53a17dba2e2788a2f9283b589bdde338c88f7a7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f4:a3:b1:57:bd:b7:87:d1:a0:a9:4d:7f:91:
                    14:f8:48:68:d1:6d:db:c0:8f:cb:8a:9d:76:8c:b4:
                    d5:e8:a1:31:98:b4:3a:d0:f2:a1:2d:39:d5:7b:18:
                    2c:33:fa:ee:c6:fd:84:9e:8f:63:6e:51:5e:c7:e3:
                    3c:f5:fa:09:a0:15:26:17:7b:58:16:ba:17:c7:7c:
                    91:9f:1e:c2:23:ad:82:10:b0:30:56:36:53:93:c3:
                    3b:f9:4e:9d:93:f3:5d:96:9c:60:1d:39:69:72:80:
                    b4:09:6b:19:d4:c2:65:f6:11:ae:65:46:67:42:5f:
                    2e:51:16:fb:d2:81:15:3f:c9:28:19:44:40:0b:b4:
                    bd:fc:0d:9c:33:80:30:c0:aa:29:66:07:42:dd:f8:
                    49:cb:9c:65:6a:43:7c:46:8d:77:3c:6f:d1:34:5f:
                    5a:4a:b2:8a:c3:ef:cf:82:ce:c7:c6:5d:b9:0a:82:
                    26:9b:9d:bb:24:11:ae:5c:1c:e2:fb:50:0e:e6:12:
                    d6:0f:64:a1:62:b7:85:a9:79:cb:b3:5d:6c:54:35:
                    78:8c:81:b3:e7:f3:33:f1:87:a5:a0:09:e2:d2:a3:
                    ed:17:17:eb:63:ee:77:c1:fa:d0:d7:40:db:dd:b0:
                    e7:27:51:2e:b3:3f:8c:1e:46:e0:ed:73:6c:77:63:
                    bc:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:A1:7D:BA:2E:27:88:A2:F9:28:3B:58:9B:DD:E3:38:C8:8F:7A:7D
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/U6F9ui4niKL5KDtYm93jOMiPen0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.100.0-46.37.102.255
                  46.37.105.0-46.37.106.255
                  46.37.109.0/24
                  46.37.118.0/24
                  46.37.126.0/24
                  185.92.44.0/24
                  185.92.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:7a:00:96:d9:a6:64:0f:91:92:4c:bb:cc:4b:3e:d6:5b:d8:
         b6:65:19:82:3a:4e:f2:c8:2d:d8:34:d4:1f:a2:70:95:f8:d6:
         3e:c3:20:0e:11:7c:34:cd:2b:ad:cc:d5:88:d9:53:e8:68:fd:
         b5:d3:fc:2d:46:58:6f:ef:cc:3b:41:50:75:f2:89:38:95:d6:
         be:93:f1:78:7b:f6:6b:5a:7b:c7:17:03:bd:75:df:0b:77:ff:
         a8:86:e4:b9:18:c2:e5:2d:2e:e2:1c:d9:e7:17:5d:6d:a7:dc:
         59:77:71:b5:45:6e:8d:35:cb:8a:c0:3c:d4:0c:a2:52:f5:99:
         57:39:d5:67:91:65:20:e2:b4:2a:a2:73:04:78:39:9c:28:22:
         11:a8:8f:89:8a:c9:ca:31:85:16:be:51:23:d9:59:a3:77:e3:
         24:de:34:0b:da:79:66:2e:49:64:c7:73:08:6c:bc:82:5b:1b:
         05:43:5b:1d:f2:0c:2a:a8:5b:23:63:0b:e1:df:1e:8e:e5:d7:
         25:f7:e9:3e:a5:d3:d9:35:67:dc:c1:ff:16:45:94:47:e9:86:
         91:6e:c1:bc:a1:80:e6:1d:e1:d8:46:8b:56:78:97:61:0e:a6:
         43:8d:d9:1b:e5:d3:28:e3:ca:ef:97:a9:19:d3:0c:be:7e:29:
         ab:4c:0d:ff
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzDSLnGmKANh5JoL1UQ9wi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ExN2RiYTJlMjc4OGEyZjkyODNiNTg5YmRkZTMzOGM4OGY3YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/SjsVe9t4fRoKlNf5EU+Eho0W3b
wI/Lip12jLTV6KExmLQ60PKhLTnVexgsM/ruxv2Eno9jblFex+M89foJoBUmF3tY
FroXx3yRnx7CI62CELAwVjZTk8M7+U6dk/NdlpxgHTlpcoC0CWsZ1MJl9hGuZUZn
Ql8uURb70oEVP8koGURAC7S9/A2cM4AwwKopZgdC3fhJy5xlakN8Ro13PG/RNF9a
SrKKw+/Pgs7Hxl25CoImm527JBGuXBzi+1AO5hLWD2ShYreFqXnLs11sVDV4jIGz
5/Mz8YeloAni0qPtFxfrY+53wfrQ10Db3bDnJ1Eusz+MHkbg7XNsd2O8rQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFFOhfbouJ4ii+Sg7WJvd4zjIj3p9MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvVTZGOXVpNG5pS0w1S0R0WW05M2pPTWlQZW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQALiViMAwD
BAIuJWQDBAAuJWYwDAMEAC4laQMEAC4lagMEAC4lbQMEAC4ldgMEAC4lfgMEALlc
LAMEALlcLjANBgkqhkiG9w0BAQsFAAOCAQEAUnoAltmmZA+Rkky7zEs+1lvYtmUZ
gjpO8sgt2DTUH6JwlfjWPsMgDhF8NM0rrczViNlT6Gj9tdP8LUZYb+/MO0FQdfKJ
OJXWvpPxeHv2a1p7xxcDvXXfC3f/qIbkuRjC5S0u4hzZ5xddbafcWXdxtUVujTXL
isA81AyiUvWZVznVZ5FlIOK0KqJzBHg5nCgiEaiPiYrJyjGFFr5RI9lZo3fjJN40
C9p5Zi5JZMdzCGy8glsbBUNbHfIMKqhbI2ML4d8ejuXXJffpPqXT2TVn3MH/FkWU
R+mGkW7BvKGA5h3h2EaLVniXYQ6mQ43ZG+XTKOPK75epGdMMvn4pq0wN/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org