Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/iiQVQkKIX3yOol6c895gUMKR0to.roa
File:                     iiQVQkKIX3yOol6c895gUMKR0to.roa (raw, json)
Hash identifier:          XjLdqauVGJVh+sERrFuHEgF5h0hyd1xPSzdZdxtmiQY=
Subject key identifier:   8A:24:15:42:42:88:5F:7C:8E:A2:5E:9C:F3:DE:60:50:C2:91:D2:DA
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018AE2A15AD4E31C3CD1329347BFABC2839D
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/iiQVQkKIX3yOol6c895gUMKR0to.roa
Signing time:             Fri 29 Sep 2023 20:28:59 +0000
ROA not before:           Fri 29 Sep 2023 20:28:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        46.37.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:e2:a1:5a:d4:e3:1c:3c:d1:32:93:47:bf:ab:c2:83:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Sep 29 20:28:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8a24154242885f7c8ea25e9cf3de6050c291d2da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:27:3c:b6:c2:86:c1:27:fe:40:74:1e:ec:0d:
                    af:5e:cd:9a:31:54:d7:f4:91:7d:47:0f:6f:bf:c5:
                    6d:4b:1a:f8:7e:93:c6:67:58:cf:bf:66:a8:5a:90:
                    62:03:c5:6f:59:44:2a:72:db:1b:80:d9:fc:e0:ec:
                    7b:6e:ff:31:5e:f6:a6:3e:49:64:f3:fd:a0:45:06:
                    ec:09:23:74:38:2f:f8:34:e6:2c:44:85:ff:3f:9b:
                    ff:9d:e0:07:d7:03:bd:5c:42:2a:63:4b:ff:c5:5e:
                    e8:28:63:c6:4c:ad:d9:88:fd:21:0e:36:fe:62:07:
                    4e:48:6b:61:58:ba:38:14:bd:35:f2:17:48:97:2f:
                    64:e5:ca:b8:ae:99:82:95:a3:e8:07:05:0f:9c:19:
                    17:20:e3:9e:8c:97:c7:a8:34:75:6b:0d:f8:b2:68:
                    5d:f0:0a:2e:9f:22:31:1e:43:b3:cd:51:cd:d4:20:
                    3c:d3:51:eb:0e:5d:a1:d3:d1:47:48:ac:5c:d1:bf:
                    ab:a9:1b:26:69:41:2f:f3:01:35:d7:29:30:1a:e9:
                    24:53:7e:4c:64:18:4e:08:c5:58:81:c0:ca:86:e3:
                    25:d5:04:f0:dc:54:df:1f:41:9c:a5:71:6d:52:37:
                    9f:26:0a:60:e2:0a:b9:ec:ea:a1:b5:ec:21:73:46:
                    c1:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:24:15:42:42:88:5F:7C:8E:A2:5E:9C:F3:DE:60:50:C2:91:D2:DA
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/iiQVQkKIX3yOol6c895gUMKR0to.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:d7:7d:c3:99:ba:18:9f:7c:d6:9b:31:47:ce:eb:8d:55:f6:
         5b:69:e5:55:20:1e:29:42:4d:16:cd:83:87:fe:8e:44:67:f4:
         b1:69:84:4e:f9:6a:98:3d:70:cf:4a:76:dc:62:69:14:9c:6b:
         ef:17:e8:86:83:ba:c9:26:fd:d1:06:ac:b0:3a:7b:8a:e5:6e:
         39:4b:0d:c2:2d:9a:95:7e:59:7e:ef:73:f8:e5:18:8c:03:cd:
         6f:f1:42:53:86:e0:c1:d2:59:de:e9:29:12:86:ee:ea:da:13:
         c8:37:8d:41:18:4a:7e:a0:02:fd:50:df:92:1f:c3:62:b4:cd:
         bd:c5:8b:2e:09:b4:59:75:a5:cf:f9:96:7a:a4:d0:1a:1e:0a:
         e8:58:a5:1d:57:8c:aa:04:03:ef:1a:97:ef:d7:f0:31:71:dc:
         7d:34:5d:6d:6e:fb:4f:5c:c7:be:2e:2e:24:0e:56:38:d0:37:
         27:d8:9a:c9:16:7c:36:87:bd:30:92:99:e7:37:0e:e6:8d:b4:
         4b:4f:1c:23:39:b1:53:ea:45:57:63:f4:69:a1:73:a2:33:7a:
         a0:df:87:8e:30:c7:ab:0c:0c:8d:7c:71:d6:4d:0b:3e:4a:21:
         ee:52:0d:bf:a8:13:88:32:68:de:6d:b7:0f:9f:f9:45:97:a7:
         a0:52:ef:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrioVrU4xw80TKTR7+rwoOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwOTI5MjAyODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI0MTU0MjQyODg1ZjdjOGVhMjVlOWNmM2RlNjA1MGMyOTFkMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Sc8tsKGwSf+QHQe7A2vXs2aMVTX
9JF9Rw9vv8VtSxr4fpPGZ1jPv2aoWpBiA8VvWUQqctsbgNn84Ox7bv8xXvamPklk
8/2gRQbsCSN0OC/4NOYsRIX/P5v/neAH1wO9XEIqY0v/xV7oKGPGTK3ZiP0hDjb+
YgdOSGthWLo4FL018hdIly9k5cq4rpmClaPoBwUPnBkXIOOejJfHqDR1aw34smhd
8AounyIxHkOzzVHN1CA801HrDl2h09FHSKxc0b+rqRsmaUEv8wE11ykwGukkU35M
ZBhOCMVYgcDKhuMl1QTw3FTfH0GcpXFtUjefJgpg4gq57Oqhtewhc0bBZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIokFUJCiF98jqJenPPeYFDCkdLaMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvaWlRVlFrS0lYM3lPb2w2Yzg5NWdVTUtSMHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiV1MA0G
CSqGSIb3DQEBCwUAA4IBAQAi133DmboYn3zWmzFHzuuNVfZbaeVVIB4pQk0WzYOH
/o5EZ/SxaYRO+WqYPXDPSnbcYmkUnGvvF+iGg7rJJv3RBqywOnuK5W45Sw3CLZqV
fll+73P45RiMA81v8UJThuDB0lne6SkShu7q2hPIN41BGEp+oAL9UN+SH8NitM29
xYsuCbRZdaXP+ZZ6pNAaHgroWKUdV4yqBAPvGpfv1/Axcdx9NF1tbvtPXMe+Li4k
DlY40Dcn2JrJFnw2h70wkpnnNw7mjbRLTxwjObFT6kVXY/RpoXOiM3qg34eOMMer
DAyNfHHWTQs+SiHuUg2/qBOIMmjebbcPn/lFl6egUu8r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org