Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uI7Cy2ZgHAJGNIWoiOs2YuIgIQg.roa
File:                     uI7Cy2ZgHAJGNIWoiOs2YuIgIQg.roa (raw, json)
Hash identifier:          zuvZaXKRFNPdq/ZmBri3FA0XAYFNIQwb0rNJIxTKpj4=
Subject key identifier:   B8:8E:C2:CB:66:60:1C:02:46:34:85:A8:88:EB:36:62:E2:20:21:08
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0187D5DDE3B9EACE6D63800BDEEEAC4E8E23
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uI7Cy2ZgHAJGNIWoiOs2YuIgIQg.roa
Signing time:             Mon 01 May 2023 05:51:41 +0000
ROA not before:           Mon 01 May 2023 05:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.100.0/24 maxlen: 24
                          46.37.105.0/24 maxlen: 24
                          46.37.102.0/24 maxlen: 24
                          46.37.109.0/24 maxlen: 24
                          185.92.44.0/24 maxlen: 24
                          46.37.106.0/24 maxlen: 24
                          46.37.118.0/24 maxlen: 24
                          185.92.47.0/24 maxlen: 24
                          185.92.46.0/24 maxlen: 24
                          46.37.119.0/24 maxlen: 24
                          46.37.121.0/24 maxlen: 24
                          46.37.120.0/24 maxlen: 24
                          46.37.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 May 2023 21:09:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d5:dd:e3:b9:ea:ce:6d:63:80:0b:de:ee:ac:4e:8e:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: May  1 05:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b88ec2cb66601c02463485a888eb3662e2202108
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:00:37:f4:88:d8:7e:77:74:ea:08:78:2c:04:
                    f2:ca:24:af:4b:bc:6f:7e:5d:69:34:04:75:d9:8f:
                    7b:64:ce:89:59:c3:a9:1a:8d:64:f3:40:d4:b9:7f:
                    8e:64:4d:65:ad:0c:94:86:65:a6:56:ce:65:23:68:
                    a1:40:50:57:11:93:08:dd:2f:ab:c4:d7:0d:3e:1a:
                    32:5c:3c:1e:e3:96:af:32:85:71:f0:99:c8:ed:5e:
                    03:9e:8d:7b:83:c7:c8:7b:3e:16:a2:75:fc:ed:be:
                    de:8d:c2:5f:78:b1:d3:ec:08:37:6e:56:8e:46:ea:
                    96:25:9c:79:c7:b1:d5:31:e0:66:22:bf:a1:61:97:
                    51:d9:55:48:05:bb:15:c0:38:ee:39:d0:fb:28:94:
                    36:4f:8e:eb:c4:25:c8:bf:c8:6f:eb:de:04:31:91:
                    81:b6:1a:b9:e5:7d:64:25:58:4d:b1:35:4d:46:9d:
                    33:5b:4b:a1:13:4c:10:6a:8a:6b:82:e6:db:38:60:
                    5c:3a:b0:f6:ac:68:a9:a6:81:74:02:3f:59:a8:10:
                    99:63:09:05:f9:28:79:fc:d6:43:da:4e:77:09:4b:
                    a8:29:9f:24:31:00:33:ff:f6:ff:b4:82:15:c3:d9:
                    d1:ac:2b:3b:74:85:e9:93:9b:7f:37:0e:e0:39:e0:
                    58:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:8E:C2:CB:66:60:1C:02:46:34:85:A8:88:EB:36:62:E2:20:21:08
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uI7Cy2ZgHAJGNIWoiOs2YuIgIQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.100.0/24
                  46.37.102.0/24
                  46.37.105.0-46.37.106.255
                  46.37.109.0/24
                  46.37.118.0-46.37.121.255
                  46.37.126.0/24
                  185.92.44.0/24
                  185.92.46.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6c:50:55:42:9d:a3:9c:47:c9:ce:88:6c:83:4c:f4:1a:5f:f2:
         99:a7:f3:21:06:67:67:88:22:29:85:f5:19:4f:0e:5b:51:6c:
         e6:b1:bf:81:14:07:a9:44:5c:50:ec:b2:55:be:27:a1:00:74:
         74:0f:0f:5c:1e:f6:91:81:65:4a:a2:dc:b8:7b:cd:c8:46:bb:
         45:69:44:af:5e:68:64:f6:c8:59:ba:40:b8:07:8d:ab:b7:c6:
         3b:a4:5f:ca:a7:0c:10:86:dd:e5:d8:3f:c0:f2:08:81:43:5a:
         32:45:44:53:57:ee:47:d4:e9:3b:8e:20:64:0f:af:54:ce:11:
         15:31:0b:4a:b7:b1:bb:ab:5c:1e:11:3d:5c:83:97:10:3f:5a:
         bf:f9:59:86:e6:21:3a:4c:1e:20:db:be:f5:13:2e:39:bf:08:
         fa:38:30:cc:9c:3e:4e:db:c4:0d:25:d7:84:bf:ae:ce:c4:7c:
         7c:3f:5c:2d:62:97:cd:34:3a:22:f9:e2:9d:01:ae:24:3c:d8:
         c3:99:84:1b:2b:d5:9b:28:0e:2c:e3:f0:ca:1d:3c:3b:02:ca:
         7e:e0:09:80:6f:c6:de:ea:77:e8:91:ba:17:a7:74:78:cc:16:
         2e:50:36:4f:6b:71:b3:77:54:57:39:c3:00:3b:ae:47:ec:59:
         7d:16:70:e5
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYfV3eO56s5tY4AL3u6sTo4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNTAxMDU1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODhlYzJjYjY2NjAxYzAyNDYzNDg1YTg4OGViMzY2MmUyMjAyMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgA39IjYfnd06gh4LATyyiSvS7xv
fl1pNAR12Y97ZM6JWcOpGo1k80DUuX+OZE1lrQyUhmWmVs5lI2ihQFBXEZMI3S+r
xNcNPhoyXDwe45avMoVx8JnI7V4Dno17g8fIez4WonX87b7ejcJfeLHT7Ag3blaO
RuqWJZx5x7HVMeBmIr+hYZdR2VVIBbsVwDjuOdD7KJQ2T47rxCXIv8hv694EMZGB
thq55X1kJVhNsTVNRp0zW0uhE0wQaoprgubbOGBcOrD2rGippoF0Aj9ZqBCZYwkF
+Sh5/NZD2k53CUuoKZ8kMQAz//b/tIIVw9nRrCs7dIXpk5t/Nw7gOeBYRQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLiOwstmYBwCRjSFqIjrNmLiICEIMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvdUk3Q3kyWmdIQUpHTklXb2lPczJZdUlnSVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQALiViAwQA
LiVkAwQALiVmMAwDBAAuJWkDBAAuJWoDBAAuJW0wDAMEAS4ldgMEAS4leAMEAC4l
fgMEALlcLAMEAblcLjANBgkqhkiG9w0BAQsFAAOCAQEAbFBVQp2jnEfJzohsg0z0
Gl/ymafzIQZnZ4giKYX1GU8OW1Fs5rG/gRQHqURcUOyyVb4noQB0dA8PXB72kYFl
SqLcuHvNyEa7RWlEr15oZPbIWbpAuAeNq7fGO6RfyqcMEIbd5dg/wPIIgUNaMkVE
U1fuR9TpO44gZA+vVM4RFTELSrexu6tcHhE9XIOXED9av/lZhuYhOkweINu+9RMu
Ob8I+jgwzJw+TtvEDSXXhL+uzsR8fD9cLWKXzTQ6IvninQGuJDzYw5mEGyvVmygO
LOPwyh08OwLKfuAJgG/G3up36JG6F6d0eMwWLlA2T2txs3dUVznDADuuR+xZfRZw
5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org