Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/un0kCN_Sbe3QnwuKHldGm2MhI3E.roa
File:                     un0kCN_Sbe3QnwuKHldGm2MhI3E.roa (raw, json)
Hash identifier:          VaX6gg6vfZibQRyd7oKfXWDXY53lg92LvVOTSlm42OE=
Subject key identifier:   BA:7D:24:08:DF:D2:6D:ED:D0:9F:0B:8A:1E:57:46:9B:63:21:23:71
Certificate issuer:       /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial:       018CC72660F544102D60099E49ECE83D93B6
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/un0kCN_Sbe3QnwuKHldGm2MhI3E.roa
Signing time:             Mon 01 Jan 2024 22:30:30 +0000
ROA not before:           Mon 01 Jan 2024 22:30:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202848
IP address blocks:        185.137.38.0/24 maxlen: 24
                          185.137.37.0/24 maxlen: 24
                          185.137.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 13 Jul 2024 00:54:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:60:f5:44:10:2d:60:09:9e:49:ec:e8:3d:93:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
        Validity
            Not Before: Jan  1 22:30:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ba7d2408dfd26dedd09f0b8a1e57469b63212371
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a4:dd:c7:f0:c5:54:49:db:5c:72:5a:99:e0:
                    ed:2d:6a:51:83:7a:62:8d:75:0e:34:ec:54:d0:69:
                    80:c3:d8:78:d1:c0:2f:d4:53:67:be:9b:c2:c2:c9:
                    e0:83:73:7d:48:5d:1d:b1:30:51:1a:69:49:0e:57:
                    e7:41:9f:58:50:44:57:75:8e:99:ef:cf:bc:ca:95:
                    77:0e:16:1a:77:82:e8:df:38:9c:76:f0:77:5c:ac:
                    da:c7:3b:4a:4e:e1:4d:d8:9c:86:98:08:41:6f:fd:
                    c8:af:e7:ff:ef:ec:5f:b3:0b:57:2f:31:eb:89:61:
                    89:e3:f0:8e:c3:aa:13:a7:69:0a:d4:32:79:b6:69:
                    70:dc:65:8a:36:f8:e5:b1:e3:d6:ef:63:2c:d4:2f:
                    53:eb:70:36:d1:6c:7a:2b:66:d0:94:9e:89:45:9e:
                    57:1c:4c:c1:94:86:cb:f0:a7:89:d4:a4:fd:f8:88:
                    1d:6f:67:d5:8f:f1:df:0a:c1:ca:a3:87:24:d4:7d:
                    ef:d8:c9:87:26:27:97:d8:fa:df:8c:0c:f8:11:a6:
                    9b:44:3b:0b:2a:29:37:f0:f0:c1:c9:fd:9c:67:5c:
                    b5:53:47:d7:d8:5b:e6:33:ad:e8:65:cd:7a:c5:64:
                    bc:b1:ca:a7:44:96:e8:3b:86:b5:96:27:ec:e9:a2:
                    7d:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:7D:24:08:DF:D2:6D:ED:D0:9F:0B:8A:1E:57:46:9B:63:21:23:71
            X509v3 Authority Key Identifier:
                keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/un0kCN_Sbe3QnwuKHldGm2MhI3E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.37.0-185.137.39.255

    Signature Algorithm: sha256WithRSAEncryption
         1e:16:ed:c4:b6:51:d1:46:92:15:d3:0d:d4:ea:23:53:b3:98:
         b6:98:28:25:ae:c1:24:2a:5d:e0:24:cb:e7:14:c8:37:80:74:
         80:b2:1b:c3:7a:6e:d6:b2:b5:34:40:17:1d:ad:05:29:ca:b1:
         9e:04:9f:61:4e:94:d8:8e:36:24:0b:b0:39:96:1c:ad:af:87:
         c3:c0:a3:c6:fd:50:b2:f6:ef:0f:38:c3:42:77:44:84:5f:8e:
         70:40:9a:24:e0:03:95:0d:bc:3e:5a:9d:aa:b6:c4:b4:27:ef:
         91:0c:86:1f:4e:5f:43:a2:e2:60:f4:fb:b2:1a:54:5f:6b:3d:
         38:b9:8d:43:2f:26:49:6f:40:d0:68:a2:3e:56:b8:76:ac:7e:
         24:a7:9a:5a:b5:bc:77:32:d4:b7:0b:1f:52:1f:8b:9c:8f:f9:
         1c:ef:a6:76:8d:f7:af:9b:8d:a1:4f:e3:75:59:99:90:32:a3:
         8b:4d:08:b3:8d:9d:08:c3:8d:2d:8f:6f:4f:76:db:59:59:7c:
         d7:aa:61:64:3d:3d:1e:fe:05:48:be:5d:0f:35:9d:80:9f:d3:
         ae:d4:e9:8a:03:66:e4:c5:30:c4:21:9b:e9:73:87:21:c7:61:
         52:ca:52:dc:5b:9b:18:ab:97:fe:e7:ae:cc:bb:56:e9:3e:5b:
         c5:5c:f2:4a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHJmD1RBAtYAmeSezoPZO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjQwMTAxMjIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTdkMjQwOGRmZDI2ZGVkZDA5ZjBiOGExZTU3NDY5YjYzMjEyMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKTdx/DFVEnbXHJameDtLWpRg3pi
jXUONOxU0GmAw9h40cAv1FNnvpvCwsngg3N9SF0dsTBRGmlJDlfnQZ9YUERXdY6Z
78+8ypV3DhYad4Lo3zicdvB3XKzaxztKTuFN2JyGmAhBb/3Ir+f/7+xfswtXLzHr
iWGJ4/COw6oTp2kK1DJ5tmlw3GWKNvjlsePW72Ms1C9T63A20Wx6K2bQlJ6JRZ5X
HEzBlIbL8KeJ1KT9+Igdb2fVj/HfCsHKo4ck1H3v2MmHJieX2PrfjAz4EaabRDsL
Kik38PDByf2cZ1y1U0fX2FvmM63oZc16xWS8scqnRJboO4a1lifs6aJ9xwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLp9JAjf0m3t0J8Lih5XRptjISNxMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvdW4wa0NOX1NiZTNRbnd1S0hsZEdtMk1oSTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5iSUD
BAO5iSAwDQYJKoZIhvcNAQELBQADggEBAB4W7cS2UdFGkhXTDdTqI1OzmLaYKCWu
wSQqXeAky+cUyDeAdICyG8N6btaytTRAFx2tBSnKsZ4En2FOlNiONiQLsDmWHK2v
h8PAo8b9ULL27w84w0J3RIRfjnBAmiTgA5UNvD5anaq2xLQn75EMhh9OX0Oi4mD0
+7IaVF9rPTi5jUMvJklvQNBooj5WuHasfiSnmlq1vHcy1LcLH1Ifi5yP+RzvpnaN
96+bjaFP43VZmZAyo4tNCLONnQjDjS2Pb09221lZfNeqYWQ9PR7+BUi+XQ81nYCf
067U6YoDZuTFMMQhm+lzhyHHYVLKUtxbmxirl/7nrsy7Vuk+W8Vc8ko=
Generated at Sat Jul 13 03:36:52 2024 by rpki-client on console-fra.rpki-client.org