Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/dQ2yIC-Y1ETzP099Kw0iLVEbpl8.roa
File:                     dQ2yIC-Y1ETzP099Kw0iLVEbpl8.roa (raw, json)
Hash identifier:          7whWWE/ZMY0/RKLD6L8iYpAGbqZ2UNscreyOsBaTdtw=
Subject key identifier:   75:0D:B2:20:2F:98:D4:44:F3:3F:4F:7D:2B:0D:22:2D:51:1B:A6:5F
Certificate issuer:       /CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
Certificate serial:       01857356137C2C0D280DAA751462B01FFC89
Authority key identifier: 2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/dQ2yIC-Y1ETzP099Kw0iLVEbpl8.roa
Signing time:             Mon 02 Jan 2023 16:34:58 +0000
ROA not before:           Mon 02 Jan 2023 16:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62187
IP address blocks:        37.235.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:56:13:7c:2c:0d:28:0d:aa:75:14:62:b0:1f:fc:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
        Validity
            Not Before: Jan  2 16:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=750db2202f98d444f33f4f7d2b0d222d511ba65f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:47:94:cf:c0:1b:e5:10:ae:04:58:42:55:fb:
                    a5:fe:9f:ba:fb:20:76:c7:89:82:68:14:e9:03:9c:
                    9a:1a:fa:46:a0:e3:ef:ba:c9:1d:0a:12:ac:80:0c:
                    dd:d7:da:17:a1:ec:96:36:ec:b8:cd:a8:f5:83:9c:
                    df:03:3c:ff:dd:23:6e:d8:9e:3e:1b:44:27:1a:b0:
                    43:0d:e0:7b:ab:fa:d1:04:af:0d:a4:42:11:d4:0b:
                    bf:7b:f9:06:46:f9:2d:c0:8a:c7:da:69:48:32:9b:
                    76:2a:b5:f9:98:b8:79:25:d7:b8:92:a6:6b:8c:57:
                    64:91:2b:3d:2e:cb:48:a7:e0:27:ab:e4:04:ee:02:
                    cd:4b:70:73:00:90:17:87:50:f6:fa:6d:3f:4f:89:
                    ca:84:c8:d3:8c:c3:49:94:ed:d1:ca:a9:8f:bf:5a:
                    a0:47:ef:be:f8:f9:dd:1a:24:5c:d1:d9:5b:0a:e0:
                    c7:d7:25:b0:60:07:7a:43:e4:cb:08:df:91:69:12:
                    8b:92:7f:e4:ff:a4:17:0b:11:ed:a4:9d:2f:10:31:
                    e2:71:9a:cd:9c:aa:8d:e4:05:66:5b:33:7c:78:55:
                    bb:e6:88:c3:c7:38:4b:5a:b0:1f:97:29:30:d3:8c:
                    29:49:10:88:33:02:2a:0f:7f:af:ea:41:27:73:45:
                    fa:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:0D:B2:20:2F:98:D4:44:F3:3F:4F:7D:2B:0D:22:2D:51:1B:A6:5F
            X509v3 Authority Key Identifier:
                keyid:2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/dQ2yIC-Y1ETzP099Kw0iLVEbpl8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/KseP1RenX3fz9P0imsXmcyVgxuE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:6e:77:f8:0d:d8:5c:b7:60:64:e9:50:0b:e7:a2:47:dd:43:
         20:95:8f:7f:85:b1:23:1c:bc:70:17:99:fd:5c:b3:05:65:4b:
         25:74:60:35:0d:66:5d:5f:a7:96:67:92:6f:ab:fe:f0:9e:04:
         97:f1:4f:a9:87:fe:57:90:b3:11:fe:c3:4f:97:25:04:a1:04:
         8b:66:4c:ef:0c:c1:cf:42:e1:fc:b3:57:08:8e:bd:93:6a:75:
         44:86:bb:b1:01:86:c8:84:e5:7f:89:22:93:4b:9d:df:63:97:
         67:a7:73:a6:2a:12:19:02:82:29:10:af:5f:f8:03:99:80:8c:
         87:29:a9:59:95:b8:36:db:1d:4b:d9:79:80:12:d1:bb:9e:41:
         03:9a:58:cd:6d:73:fd:1f:9e:f8:be:2d:ba:49:ae:71:c1:9f:
         b3:cc:d6:73:3b:df:d8:42:00:4f:81:72:fd:21:3f:cd:ff:c4:
         e7:b7:27:d2:39:2a:56:83:91:1e:f1:ff:61:ed:3c:a8:4f:a2:
         18:07:d1:26:0f:84:c5:79:48:e3:ce:fa:a0:59:0e:e5:7b:9f:
         89:6d:05:d3:60:9e:2b:47:96:70:27:3f:58:b6:a3:14:a8:16:
         74:b0:06:b8:80:60:0f:fe:2e:a4:9e:26:92:80:b6:20:f2:8f:
         62:71:c3:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVhN8LA0oDap1FGKwH/yJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzc4ZmQ1MTdhNzVmNzdmM2Y0ZmQyMjlhYzVlNjczMjU2
MGM2ZTEwHhcNMjMwMTAyMTYzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBkYjIyMDJmOThkNDQ0ZjMzZjRmN2QyYjBkMjIyZDUxMWJhNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUeUz8Ab5RCuBFhCVful/p+6+yB2
x4mCaBTpA5yaGvpGoOPvuskdChKsgAzd19oXoeyWNuy4zaj1g5zfAzz/3SNu2J4+
G0QnGrBDDeB7q/rRBK8NpEIR1Au/e/kGRvktwIrH2mlIMpt2KrX5mLh5Jde4kqZr
jFdkkSs9LstIp+Anq+QE7gLNS3BzAJAXh1D2+m0/T4nKhMjTjMNJlO3RyqmPv1qg
R++++PndGiRc0dlbCuDH1yWwYAd6Q+TLCN+RaRKLkn/k/6QXCxHtpJ0vEDHicZrN
nKqN5AVmWzN8eFW75ojDxzhLWrAflykw04wpSRCIMwIqD3+v6kEnc0X6mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUNsiAvmNRE8z9PfSsNIi1RG6ZfMB8GA1UdIwQY
MBaAFCrHj9UXp1938/T9IprF5nMlYMbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NlUDFSZW5YM2Z6OVAwaW1zWG1jeVZneHVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jOGYwMmItMGFiYy00MWZlLWJjNTQt
YWM4MDBjNmQ5NzZmLzEvZFEyeUlDLVkxRVR6UDA5OUt3MGlMVkVicGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jOGYwMmItMGFiYy00MWZlLWJjNTQtYWM4MDBjNmQ5NzZm
LzEvS3NlUDFSZW5YM2Z6OVAwaW1zWG1jeVZneHVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJetPMA0G
CSqGSIb3DQEBCwUAA4IBAQBtbnf4Ddhct2Bk6VAL56JH3UMglY9/hbEjHLxwF5n9
XLMFZUsldGA1DWZdX6eWZ5Jvq/7wngSX8U+ph/5XkLMR/sNPlyUEoQSLZkzvDMHP
QuH8s1cIjr2TanVEhruxAYbIhOV/iSKTS53fY5dnp3OmKhIZAoIpEK9f+AOZgIyH
KalZlbg22x1L2XmAEtG7nkEDmljNbXP9H574vi26Sa5xwZ+zzNZzO9/YQgBPgXL9
IT/N/8TntyfSOSpWg5Ee8f9h7TyoT6IYB9EmD4TFeUjjzvqgWQ7le5+JbQXTYJ4r
R5ZwJz9YtqMUqBZ0sAa4gGAP/i6kniaSgLYg8o9iccPy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:15 2024 by rpki-client on console-ams.rpki-client.org