Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/ac8e6f-5f83-449b-8c9d-77c1048422d8/1/A7bS2ztpTP7Ll6uHmwGhrayz5YQ.roa
File:                     A7bS2ztpTP7Ll6uHmwGhrayz5YQ.roa (raw, json)
Hash identifier:          IogzZHSj1Tf/OCBDLwz0HTD3vuY/DShY3kezVu6ZJvc=
Subject key identifier:   03:B6:D2:DB:3B:69:4C:FE:CB:97:AB:87:9B:01:A1:AD:AC:B3:E5:84
Certificate issuer:       /CN=ac67c93b8225d04c3761c13cefee5f8329358e23
Certificate serial:       01856F549654764E4FE1ADF0FF5043B8B5F7
Authority key identifier: AC:67:C9:3B:82:25:D0:4C:37:61:C1:3C:EF:EE:5F:83:29:35:8E:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rGfJO4Il0Ew3YcE87-5fgyk1jiM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/ac8e6f-5f83-449b-8c9d-77c1048422d8/1/A7bS2ztpTP7Ll6uHmwGhrayz5YQ.roa
Signing time:             Sun 01 Jan 2023 21:54:52 +0000
ROA not before:           Sun 01 Jan 2023 21:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34592
IP address blocks:        37.137.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:96:54:76:4e:4f:e1:ad:f0:ff:50:43:b8:b5:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac67c93b8225d04c3761c13cefee5f8329358e23
        Validity
            Not Before: Jan  1 21:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=03b6d2db3b694cfecb97ab879b01a1adacb3e584
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:61:d0:39:46:a7:53:aa:c9:52:8f:fa:ac:cf:
                    ca:3f:c1:53:70:e2:f1:82:7e:87:93:77:a2:02:23:
                    a1:b7:c6:48:50:c2:03:f9:e5:95:c2:de:af:f2:31:
                    be:be:95:b5:a9:8f:91:ab:de:55:86:b9:97:8c:74:
                    29:f2:83:3d:df:3e:c1:42:81:15:f7:ec:a4:f0:a0:
                    0f:f9:3f:e6:b0:82:67:c0:70:66:5d:aa:cb:f6:36:
                    1a:db:85:f2:b1:15:60:c3:ae:4c:62:7d:7a:bb:d3:
                    b9:ba:ee:1d:71:dc:0e:d0:34:8d:4d:0c:ec:b6:9e:
                    83:77:38:ab:70:31:88:50:2e:88:9a:1b:f3:7f:59:
                    24:9c:ae:67:cb:bb:22:0a:09:9c:18:2b:a4:3c:d4:
                    86:1b:6a:8d:35:22:b6:1b:e1:d8:f1:4b:6d:31:59:
                    d6:d8:e5:0e:24:d0:23:67:31:9d:5a:78:08:21:13:
                    a2:e8:ae:2a:14:cb:18:00:e4:6d:77:a7:c4:0b:54:
                    d3:7d:91:c9:90:21:43:60:50:5d:66:54:c5:01:0a:
                    14:75:8e:63:34:c2:5c:2f:9f:e4:08:34:69:ab:73:
                    04:5b:de:e2:51:e1:20:b2:6e:cd:e1:84:d1:f8:de:
                    37:f1:b8:a5:0c:17:fc:ec:32:da:64:fc:14:db:f8:
                    38:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:B6:D2:DB:3B:69:4C:FE:CB:97:AB:87:9B:01:A1:AD:AC:B3:E5:84
            X509v3 Authority Key Identifier:
                keyid:AC:67:C9:3B:82:25:D0:4C:37:61:C1:3C:EF:EE:5F:83:29:35:8E:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rGfJO4Il0Ew3YcE87-5fgyk1jiM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/ac8e6f-5f83-449b-8c9d-77c1048422d8/1/A7bS2ztpTP7Ll6uHmwGhrayz5YQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/ac8e6f-5f83-449b-8c9d-77c1048422d8/1/rGfJO4Il0Ew3YcE87-5fgyk1jiM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.137.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:3f:3e:1a:72:f2:e3:17:79:7d:04:84:24:64:d8:9b:cf:fe:
         3d:c9:bb:b2:8f:ae:7c:c6:2e:a9:ec:5e:12:40:91:28:9e:09:
         f1:98:8e:67:50:74:70:74:b9:1e:de:1b:42:f2:90:cd:a4:08:
         99:ac:ce:d9:d3:0b:fc:c9:19:a7:13:f3:6e:1c:af:fc:2b:fd:
         dc:37:8e:b7:47:7a:cd:af:b8:99:77:ce:35:76:85:71:d5:b6:
         2c:64:5a:73:5c:29:46:c5:c6:0d:28:60:14:c4:6f:40:36:d3:
         3b:e2:3b:87:58:ef:d4:db:4b:c9:22:31:76:b4:38:b6:a5:fb:
         17:f6:77:cd:a1:56:38:00:6d:3a:c6:e7:54:9e:57:f8:7c:7b:
         8c:d1:d2:ee:f8:a3:9a:1e:7f:12:a2:56:58:9b:a6:d1:a8:09:
         5d:5d:be:41:6f:95:a8:42:37:02:86:4d:e9:13:d3:7d:66:d5:
         dc:7b:a5:28:2f:fe:d4:3e:a3:c2:97:f3:ed:85:d4:e5:22:38:
         e9:0c:7e:31:5b:86:c1:77:71:93:bb:ba:58:b6:ee:55:54:7d:
         b5:a7:ba:54:19:3a:80:71:9e:6e:31:03:af:20:a2:98:f4:83:
         48:53:58:46:51:f3:46:8e:78:dc:1e:e7:35:ec:da:dc:a4:8a:
         97:2d:71:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVJZUdk5P4a3w/1BDuLX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNjdjOTNiODIyNWQwNGMzNzYxYzEzY2VmZWU1ZjgzMjkz
NThlMjMwHhcNMjMwMTAxMjE1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2I2ZDJkYjNiNjk0Y2ZlY2I5N2FiODc5YjAxYTFhZGFjYjNlNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGHQOUanU6rJUo/6rM/KP8FTcOLx
gn6Hk3eiAiOht8ZIUMID+eWVwt6v8jG+vpW1qY+Rq95VhrmXjHQp8oM93z7BQoEV
9+yk8KAP+T/msIJnwHBmXarL9jYa24XysRVgw65MYn16u9O5uu4dcdwO0DSNTQzs
tp6DdzircDGIUC6Imhvzf1kknK5ny7siCgmcGCukPNSGG2qNNSK2G+HY8UttMVnW
2OUOJNAjZzGdWngIIROi6K4qFMsYAORtd6fEC1TTfZHJkCFDYFBdZlTFAQoUdY5j
NMJcL5/kCDRpq3MEW97iUeEgsm7N4YTR+N438bilDBf87DLaZPwU2/g4bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAO20ts7aUz+y5erh5sBoa2ss+WEMB8GA1UdIwQY
MBaAFKxnyTuCJdBMN2HBPO/uX4MpNY4jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckdmSk80SWwwRXczWWNFODctNWZneWsxamlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hYzhlNmYtNWY4My00NDliLThjOWQt
NzdjMTA0ODQyMmQ4LzEvQTdiUzJ6dHBUUDdMbDZ1SG13R2hyYXl6NVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hYzhlNmYtNWY4My00NDliLThjOWQtNzdjMTA0ODQyMmQ4
LzEvckdmSk80SWwwRXczWWNFODctNWZneWsxamlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYklMA0G
CSqGSIb3DQEBCwUAA4IBAQAGPz4acvLjF3l9BIQkZNibz/49ybuyj658xi6p7F4S
QJEongnxmI5nUHRwdLke3htC8pDNpAiZrM7Z0wv8yRmnE/NuHK/8K/3cN463R3rN
r7iZd841doVx1bYsZFpzXClGxcYNKGAUxG9ANtM74juHWO/U20vJIjF2tDi2pfsX
9nfNoVY4AG06xudUnlf4fHuM0dLu+KOaHn8SolZYm6bRqAldXb5Bb5WoQjcChk3p
E9N9ZtXce6UoL/7UPqPCl/PthdTlIjjpDH4xW4bBd3GTu7pYtu5VVH21p7pUGTqA
cZ5uMQOvIKKY9INIU1hGUfNGjnjcHuc17NrcpIqXLXHn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:27 2024 by rpki-client on console-ams.rpki-client.org