Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/xmi-yBjTVmNQzk4n8Z7d18mrkVo.roa
File:                     xmi-yBjTVmNQzk4n8Z7d18mrkVo.roa (raw, json)
Hash identifier:          IorBXUwztOpT0sG013zM5bZzii8QISIEbEc2toHuPOg=
Subject key identifier:   C6:68:BE:C8:18:D3:56:63:50:CE:4E:27:F1:9E:DD:D7:C9:AB:91:5A
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01888BCFCF71FBE52FE8C0A6D1DA9FBF0D45
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/xmi-yBjTVmNQzk4n8Z7d18mrkVo.roa
Signing time:             Mon 05 Jun 2023 13:47:12 +0000
ROA not before:           Mon 05 Jun 2023 13:47:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204316
IP address blocks:        46.37.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8b:cf:cf:71:fb:e5:2f:e8:c0:a6:d1:da:9f:bf:0d:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jun  5 13:47:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c668bec818d3566350ce4e27f19eddd7c9ab915a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:24:74:c3:c1:f0:d5:d7:ad:c4:38:e0:1f:b2:
                    a3:ae:bf:d0:a8:e8:1e:03:bf:03:57:a2:69:c1:2f:
                    63:f0:80:f7:1b:11:5b:fd:56:40:df:b3:3f:60:8e:
                    e8:e2:5c:65:af:03:54:c5:1c:d1:04:f5:f9:23:65:
                    7b:9e:b5:b3:13:6f:73:28:06:7e:33:49:d8:5c:1a:
                    fb:f1:ea:8d:2d:24:3d:c3:ef:3c:7c:7e:a6:02:da:
                    d6:10:38:34:32:8a:84:dd:35:f3:f3:50:ca:34:2d:
                    ac:47:e7:37:22:f5:40:3b:44:d2:d8:7a:fd:87:0e:
                    23:bb:be:99:c7:62:0e:c6:81:e1:27:0b:40:2e:69:
                    7e:15:7c:6d:bd:a4:a8:42:13:d9:69:ca:80:2d:7e:
                    ab:3f:d3:c0:66:56:70:9b:0d:ac:37:9b:21:35:dc:
                    6b:74:4b:2b:52:27:83:63:ca:bc:e5:fe:7f:ed:d0:
                    0b:a1:ff:f4:35:75:bf:df:d0:43:65:2c:0b:08:42:
                    94:cb:21:6d:3f:69:45:00:9a:a7:76:6b:b2:68:de:
                    b6:b2:c9:bf:ec:61:b5:4b:1d:72:e4:32:a3:f0:38:
                    9a:06:f0:c2:c2:a0:eb:e2:9b:7b:6a:98:0f:ec:66:
                    31:64:4a:7d:a7:11:0d:50:63:af:fd:3a:90:a4:a7:
                    bc:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:68:BE:C8:18:D3:56:63:50:CE:4E:27:F1:9E:DD:D7:C9:AB:91:5A
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/xmi-yBjTVmNQzk4n8Z7d18mrkVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:26:d0:ec:ce:9e:7c:e2:49:44:86:90:88:7d:d0:0f:aa:1e:
         68:17:15:5b:ce:11:f9:52:38:b8:30:a3:83:41:5d:04:7d:32:
         8d:e8:4a:9d:32:e4:c7:0b:75:7f:67:e0:df:01:08:45:a6:63:
         61:b9:48:bc:1d:34:8e:e0:00:36:26:21:fb:9d:5c:3f:a4:25:
         8b:62:2e:5f:65:e6:e7:e3:52:e4:15:16:0f:34:3f:89:39:eb:
         72:71:3a:91:dc:bb:0b:71:94:b2:f5:6f:52:d6:e3:c2:eb:28:
         0f:d2:a9:d3:65:d6:2c:13:e0:e4:50:4c:d3:41:f1:d8:34:42:
         75:a3:83:3e:b0:8d:b1:fe:ba:5e:74:5f:b8:16:81:b8:e2:53:
         0b:17:b2:57:21:19:e9:4f:aa:17:cc:0b:4d:b3:46:dc:f3:76:
         d9:5c:7f:6b:65:9e:54:83:9e:fa:91:38:2b:d3:d4:da:52:0d:
         f8:28:1a:85:ac:2d:b6:d6:83:c2:cf:2f:ff:82:71:a2:43:f5:
         0c:8f:de:7e:73:ac:fd:2c:dd:63:e9:d5:e5:70:99:2f:a0:3a:
         88:02:f5:17:b5:0f:10:20:ad:d1:c3:0f:6d:77:0c:8e:a2:3d:
         24:30:06:f7:fc:99:d5:0f:e1:4e:1d:38:97:f6:01:ba:48:42:
         70:21:60:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiLz89x++Uv6MCm0dqfvw1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNjA1MTM0NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY4YmVjODE4ZDM1NjYzNTBjZTRlMjdmMTllZGRkN2M5YWI5MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSR0w8Hw1detxDjgH7Kjrr/QqOge
A78DV6JpwS9j8ID3GxFb/VZA37M/YI7o4lxlrwNUxRzRBPX5I2V7nrWzE29zKAZ+
M0nYXBr78eqNLSQ9w+88fH6mAtrWEDg0MoqE3TXz81DKNC2sR+c3IvVAO0TS2Hr9
hw4ju76Zx2IOxoHhJwtALml+FXxtvaSoQhPZacqALX6rP9PAZlZwmw2sN5shNdxr
dEsrUieDY8q85f5/7dALof/0NXW/39BDZSwLCEKUyyFtP2lFAJqndmuyaN62ssm/
7GG1Sx1y5DKj8DiaBvDCwqDr4pt7apgP7GYxZEp9pxENUGOv/TqQpKe8vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZovsgY01ZjUM5OJ/Ge3dfJq5FaMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEveG1pLXlCalRWbU5Rems0bjhaN2QxOG1ya1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVoMA0G
CSqGSIb3DQEBCwUAA4IBAQCWJtDszp584klEhpCIfdAPqh5oFxVbzhH5Uji4MKOD
QV0EfTKN6EqdMuTHC3V/Z+DfAQhFpmNhuUi8HTSO4AA2JiH7nVw/pCWLYi5fZebn
41LkFRYPND+JOetycTqR3LsLcZSy9W9S1uPC6ygP0qnTZdYsE+DkUEzTQfHYNEJ1
o4M+sI2x/rpedF+4FoG44lMLF7JXIRnpT6oXzAtNs0bc83bZXH9rZZ5Ug576kTgr
09TaUg34KBqFrC221oPCzy//gnGiQ/UMj95+c6z9LN1j6dXlcJkvoDqIAvUXtQ8Q
IK3Rww9tdwyOoj0kMAb3/JnVD+FOHTiX9gG6SEJwIWBR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org