Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/vvlS9lUpLCGPNBOx1jWS5zcAuXc.roa
File:                     vvlS9lUpLCGPNBOx1jWS5zcAuXc.roa (raw, json)
Hash identifier:          vNr2LbE2kjta617waSa1x4po8MKzkLp3WcwQZru3cnM=
Subject key identifier:   BE:F9:52:F6:55:29:2C:21:8F:34:13:B1:D6:35:92:E7:37:00:B9:77
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018956E84E35711808493F0DB447B2CE0A85
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/vvlS9lUpLCGPNBOx1jWS5zcAuXc.roa
Signing time:             Sat 15 Jul 2023 00:16:52 +0000
ROA not before:           Sat 15 Jul 2023 00:16:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.100.0/24 maxlen: 24
                          46.37.105.0/24 maxlen: 24
                          46.37.102.0/24 maxlen: 24
                          46.37.101.0/24 maxlen: 24
                          46.37.109.0/24 maxlen: 24
                          185.92.44.0/24 maxlen: 24
                          46.37.106.0/24 maxlen: 24
                          46.37.118.0/24 maxlen: 24
                          185.92.47.0/24 maxlen: 24
                          185.92.46.0/24 maxlen: 24
                          46.37.121.0/24 maxlen: 24
                          46.37.120.0/24 maxlen: 24
                          46.37.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Jul 2023 22:43:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:56:e8:4e:35:71:18:08:49:3f:0d:b4:47:b2:ce:0a:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jul 15 00:16:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bef952f655292c218f3413b1d63592e73700b977
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:fe:9d:22:35:8d:11:fd:4d:9e:1c:a9:4b:3d:
                    2c:db:5f:f8:48:bf:90:fd:18:cf:1a:c2:b7:11:4e:
                    57:d9:af:1f:4e:af:65:f2:05:42:6c:7d:65:2d:03:
                    36:8c:e4:8e:72:df:97:16:22:78:f1:c2:02:ec:f2:
                    ac:a9:e6:73:e2:ac:b5:5f:45:8a:8c:c8:69:33:6b:
                    9f:bd:d4:b4:31:df:6c:af:1d:8d:43:ff:e5:e4:8a:
                    84:18:f8:04:58:6e:45:c7:7b:0f:ea:09:fc:49:35:
                    08:2c:9e:1c:0a:ae:9b:97:d0:cd:12:f4:df:e8:38:
                    45:5e:a6:77:fe:df:52:f1:08:98:bc:e0:a2:fb:93:
                    51:64:cb:50:7e:ac:25:70:39:0c:b0:eb:b4:d2:57:
                    83:40:85:ea:3b:4f:f0:55:7b:d6:9f:4c:ee:a0:29:
                    e9:da:03:f6:5f:74:69:49:28:60:6b:10:c4:a0:78:
                    18:8d:34:26:3c:ba:b1:81:08:1a:36:c1:a3:0d:3d:
                    7d:00:de:61:c7:b7:58:a2:40:65:79:05:e5:63:37:
                    98:2c:06:29:d6:91:70:18:9d:53:31:80:ad:15:12:
                    2e:40:c8:37:01:87:a0:3f:84:26:ee:e5:dc:a8:1f:
                    10:de:41:63:85:02:0b:ef:cd:cb:7f:40:76:be:0d:
                    24:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:F9:52:F6:55:29:2C:21:8F:34:13:B1:D6:35:92:E7:37:00:B9:77
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/vvlS9lUpLCGPNBOx1jWS5zcAuXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.100.0-46.37.102.255
                  46.37.105.0-46.37.106.255
                  46.37.109.0/24
                  46.37.118.0/24
                  46.37.120.0/23
                  46.37.126.0/24
                  185.92.44.0/24
                  185.92.46.0/23

    Signature Algorithm: sha256WithRSAEncryption
         38:bb:b1:34:02:5f:c2:4b:ad:c0:a3:08:b6:ac:28:c2:33:c9:
         3a:51:96:ca:64:35:a4:08:f0:5d:25:15:b4:98:a1:a5:b1:00:
         de:e0:9b:56:5a:13:f9:f4:7d:88:31:09:62:07:ea:85:d4:54:
         e0:c2:b8:e8:61:96:35:6a:56:02:f3:bb:e4:cf:60:c0:d0:63:
         a6:82:0b:ca:16:0e:fa:f7:c8:3b:af:bf:5e:17:be:39:c9:4b:
         6c:0a:0c:8e:56:e4:1a:17:92:cc:80:f5:28:7f:51:fc:b0:cb:
         2c:8c:67:11:8b:d4:1b:7a:d8:e0:25:84:65:f2:86:0e:23:30:
         38:99:e2:d0:0e:14:64:5f:99:30:c7:28:ad:c6:27:6a:5a:8d:
         a5:d5:d7:df:f8:95:f1:49:a6:19:68:25:36:e0:e1:81:f1:7b:
         3f:97:bb:69:44:2e:67:50:d7:44:4f:7f:57:d6:41:9a:eb:7e:
         6a:06:ce:7b:92:3c:cc:33:c3:f9:92:b0:03:16:92:b4:75:72:
         a5:34:4e:83:28:51:e5:f7:e2:5c:b1:2a:d4:57:9d:75:cd:16:
         f7:a0:4c:40:95:94:80:33:08:a5:c7:86:58:34:37:21:bc:42:
         3a:db:35:b0:18:91:a9:e9:85:b1:13:35:c1:e8:68:b5:66:99:
         ac:9c:f1:d3
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYlW6E41cRgIST8NtEeyzgqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNzE1MDAxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWY5NTJmNjU1MjkyYzIxOGYzNDEzYjFkNjM1OTJlNzM3MDBiOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf6dIjWNEf1NnhypSz0s21/4SL+Q
/RjPGsK3EU5X2a8fTq9l8gVCbH1lLQM2jOSOct+XFiJ48cIC7PKsqeZz4qy1X0WK
jMhpM2ufvdS0Md9srx2NQ//l5IqEGPgEWG5Fx3sP6gn8STUILJ4cCq6bl9DNEvTf
6DhFXqZ3/t9S8QiYvOCi+5NRZMtQfqwlcDkMsOu00leDQIXqO0/wVXvWn0zuoCnp
2gP2X3RpSShgaxDEoHgYjTQmPLqxgQgaNsGjDT19AN5hx7dYokBleQXlYzeYLAYp
1pFwGJ1TMYCtFRIuQMg3AYegP4Qm7uXcqB8Q3kFjhQIL783Lf0B2vg0kkwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFL75UvZVKSwhjzQTsdY1kuc3ALl3MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvdnZsUzlsVXBMQ0dQTkJPeDFqV1M1emNBdVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQALiViMAwD
BAIuJWQDBAAuJWYwDAMEAC4laQMEAC4lagMEAC4lbQMEAC4ldgMEAS4leAMEAC4l
fgMEALlcLAMEAblcLjANBgkqhkiG9w0BAQsFAAOCAQEAOLuxNAJfwkutwKMItqwo
wjPJOlGWymQ1pAjwXSUVtJihpbEA3uCbVloT+fR9iDEJYgfqhdRU4MK46GGWNWpW
AvO75M9gwNBjpoILyhYO+vfIO6+/Xhe+OclLbAoMjlbkGheSzID1KH9R/LDLLIxn
EYvUG3rY4CWEZfKGDiMwOJni0A4UZF+ZMMcorcYnalqNpdXX3/iV8UmmGWglNuDh
gfF7P5e7aUQuZ1DXRE9/V9ZBmut+agbOe5I8zDPD+ZKwAxaStHVypTROgyhR5ffi
XLEq1Feddc0W96BMQJWUgDMIpceGWDQ3IbxCOts1sBiRqemFsRM1wehotWaZrJzx
0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org