Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/s-ecRna0tFkKZtTd07p9gw4XhQU.roa
File:                     s-ecRna0tFkKZtTd07p9gw4XhQU.roa (raw, json)
Hash identifier:          dH+kedP+Ayx5PjwFtTgB9Qp3qXlp64R50RfP+KH1aMs=
Subject key identifier:   B3:E7:9C:46:76:B4:B4:59:0A:66:D4:DD:D3:BA:7D:83:0E:17:85:05
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018BF650F206A4BB1C065B015A7473FEE07A
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/s-ecRna0tFkKZtTd07p9gw4XhQU.roa
Signing time:             Wed 22 Nov 2023 09:16:21 +0000
ROA not before:           Wed 22 Nov 2023 09:16:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.113.0/24 maxlen: 24
                          46.37.120.0/24 maxlen: 24
                          46.37.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 22:52:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f6:50:f2:06:a4:bb:1c:06:5b:01:5a:74:73:fe:e0:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Nov 22 09:16:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3e79c4676b4b4590a66d4ddd3ba7d830e178505
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b5:ba:f9:9c:ad:4e:cc:e9:d3:0d:a8:e8:56:
                    58:4a:0b:13:7a:16:45:3b:cd:a6:f2:85:da:81:e7:
                    26:3a:18:ed:cf:0c:63:bd:2e:b7:2c:9e:bf:29:c5:
                    9b:4f:de:e0:b6:16:8d:3a:a4:9b:41:1e:27:9f:6c:
                    53:d6:36:1f:4a:4f:9d:9c:87:ee:be:0f:f6:21:7f:
                    2e:ad:2f:31:fd:0c:9a:93:b3:c7:83:50:e2:73:51:
                    23:71:d5:28:03:5d:f5:2a:19:91:be:0d:8c:9a:15:
                    50:3e:22:30:d7:42:78:ea:c8:ee:7e:5e:27:e7:02:
                    5f:36:84:93:c9:c5:15:9a:ff:ed:a5:09:8e:87:69:
                    24:57:b2:0f:cf:da:2f:48:1c:c4:a6:dc:f6:ce:7e:
                    02:73:02:f6:d8:0f:03:8e:7b:c8:bd:48:63:a8:bb:
                    91:9c:93:b7:3c:5b:73:7f:d7:0e:cb:fc:ce:82:10:
                    13:84:94:31:a7:cc:6c:4e:96:4a:e7:90:bd:68:63:
                    4f:30:76:92:f4:16:0a:26:45:33:06:51:06:eb:d8:
                    d0:64:b5:79:eb:50:12:ee:56:31:55:c2:cd:41:21:
                    9c:bf:b3:f2:3a:6d:54:fd:d4:d3:65:86:11:0c:d7:
                    ba:c3:70:c8:1e:38:b6:05:3d:45:de:7b:56:60:d4:
                    45:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:E7:9C:46:76:B4:B4:59:0A:66:D4:DD:D3:BA:7D:83:0E:17:85:05
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/s-ecRna0tFkKZtTd07p9gw4XhQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.113.0/24
                  46.37.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:d5:db:90:e5:fd:83:f5:4e:e4:45:45:eb:c8:4d:65:1e:4f:
         6b:0a:9a:ad:bc:c1:72:17:15:8a:6a:f3:5b:3e:8f:54:03:57:
         70:a2:6f:7e:3e:14:87:f5:d0:b3:f0:5a:f0:33:25:d0:13:61:
         58:37:7f:fe:37:b5:f3:31:9e:a8:1e:f7:9f:dc:90:32:51:5e:
         c7:cf:3a:6c:b6:8c:ae:53:b4:e3:e1:ee:7b:e7:4a:e7:d7:25:
         93:22:fe:4c:fa:0f:69:b9:ab:ca:59:7d:b0:78:f5:aa:c7:f1:
         be:99:be:e5:93:f0:87:17:b0:c6:1f:67:55:18:44:d0:c9:6e:
         f8:e3:90:a7:e6:9a:ec:87:b1:b2:4d:9d:b6:59:19:af:7f:9e:
         2b:df:cc:98:bc:2a:70:22:2d:99:49:16:79:1a:38:43:a0:42:
         df:dd:9a:34:e5:55:cd:7c:e9:e9:fc:9b:bc:8a:c2:ab:e4:46:
         4e:45:d7:15:ee:19:47:a9:1f:b9:89:31:2d:bf:b6:17:df:5e:
         4b:ec:14:5b:45:8f:6f:73:98:89:5a:33:2a:60:42:a7:85:6c:
         ea:7b:67:5e:e1:b9:d0:ee:bb:08:cc:67:05:94:3f:fc:13:2a:
         76:2a:c9:e2:7a:94:a7:af:6f:7e:03:9c:7a:a4:e4:95:8b:cb:
         cc:2b:a6:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv2UPIGpLscBlsBWnRz/uB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMTIyMDkxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U3OWM0Njc2YjRiNDU5MGE2NmQ0ZGRkM2JhN2Q4MzBlMTc4NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbW6+ZytTszp0w2o6FZYSgsTehZF
O82m8oXagecmOhjtzwxjvS63LJ6/KcWbT97gthaNOqSbQR4nn2xT1jYfSk+dnIfu
vg/2IX8urS8x/Qyak7PHg1Dic1EjcdUoA131KhmRvg2MmhVQPiIw10J46sjufl4n
5wJfNoSTycUVmv/tpQmOh2kkV7IPz9ovSBzEptz2zn4CcwL22A8DjnvIvUhjqLuR
nJO3PFtzf9cOy/zOghAThJQxp8xsTpZK55C9aGNPMHaS9BYKJkUzBlEG69jQZLV5
61AS7lYxVcLNQSGcv7PyOm1U/dTTZYYRDNe6w3DIHji2BT1F3ntWYNRFkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLPnnEZ2tLRZCmbU3dO6fYMOF4UFMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvcy1lY1JuYTB0RmtLWnRUZDA3cDlndzRYaFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQBLiV4MA0GCSqGSIb3DQEBCwUAA4IBAQCB1duQ5f2D9U7kRUXryE1lHk9r
CpqtvMFyFxWKavNbPo9UA1dwom9+PhSH9dCz8FrwMyXQE2FYN3/+N7XzMZ6oHvef
3JAyUV7HzzpstoyuU7Tj4e5750rn1yWTIv5M+g9puavKWX2wePWqx/G+mb7lk/CH
F7DGH2dVGETQyW7445Cn5prsh7GyTZ22WRmvf54r38yYvCpwIi2ZSRZ5GjhDoELf
3Zo05VXNfOnp/Ju8isKr5EZORdcV7hlHqR+5iTEtv7YX315L7BRbRY9vc5iJWjMq
YEKnhWzqe2de4bnQ7rsIzGcFlD/8Eyp2KsniepSnr29+A5x6pOSVi8vMK6ZM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org