Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nJHy4fwDJN6AfKh2Esdtp0_sBXI.roa
File:                     nJHy4fwDJN6AfKh2Esdtp0_sBXI.roa (raw, json)
Hash identifier:          yLE3toFqrKdj1a1gJE66ZHSRyy1uzVqLq4sAZv7dIls=
Subject key identifier:   9C:91:F2:E1:FC:03:24:DE:80:7C:A8:76:12:C7:6D:A7:4F:EC:05:72
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       01856F022CA7F5FF0740E01F869785CF0B47
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nJHy4fwDJN6AfKh2Esdtp0_sBXI.roa
Signing time:             Sun 01 Jan 2023 20:24:51 +0000
ROA not before:           Sun 01 Jan 2023 20:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212219
IP address blocks:        37.153.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Jan 2023 19:45:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:2c:a7:f5:ff:07:40:e0:1f:86:97:85:cf:0b:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Jan  1 20:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c91f2e1fc0324de807ca87612c76da74fec0572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2a:b6:9e:8e:bc:82:2d:54:fe:d7:45:ba:67:
                    09:18:6f:5b:17:c7:f4:90:70:91:90:89:77:57:19:
                    3a:a6:a7:c8:94:3d:66:4d:e7:af:8e:7d:67:aa:9e:
                    34:09:7b:8c:56:59:34:21:6b:d8:f3:77:0c:71:b2:
                    8c:2e:fa:7d:a2:ca:2a:29:38:01:94:48:4e:92:99:
                    40:13:a0:cc:1c:42:0c:92:27:6a:fb:b5:d4:c2:30:
                    ca:23:11:c5:4d:e9:e6:6a:7a:a2:39:0a:00:3c:fb:
                    06:2f:94:15:a9:c4:15:46:84:60:e7:27:f8:51:bc:
                    38:8d:c0:7d:34:18:64:6a:3e:a5:5d:38:d7:a1:0d:
                    b0:1e:ab:40:f2:87:b0:0b:da:14:e4:9d:13:de:1e:
                    7e:da:f8:0d:ea:0f:5f:d5:71:67:56:b1:47:12:3e:
                    a8:ee:cb:f8:43:77:02:eb:40:55:4b:8f:1d:3e:16:
                    52:70:99:50:3f:fa:f3:27:f3:f7:1c:09:41:7e:b0:
                    fc:4f:9c:a1:8e:7f:2b:74:ef:32:28:a3:3c:81:c4:
                    b6:60:f7:e8:a9:6b:98:23:43:ed:49:e2:09:8b:f1:
                    33:20:cb:59:f1:c3:2d:62:4c:93:02:cb:a8:ce:53:
                    bd:7c:50:0d:11:5c:45:2e:4f:19:88:03:2c:e5:ef:
                    49:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:91:F2:E1:FC:03:24:DE:80:7C:A8:76:12:C7:6D:A7:4F:EC:05:72
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nJHy4fwDJN6AfKh2Esdtp0_sBXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.153.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:c1:1a:7d:bb:82:b8:7b:39:57:63:b5:de:84:ee:4b:aa:bd:
         4c:6f:d5:42:12:16:23:a1:b1:95:aa:56:9b:db:71:20:2a:48:
         fb:9a:81:eb:79:49:d6:11:53:06:51:7b:7b:a4:b6:31:5c:6f:
         06:8b:5d:14:23:d8:44:68:0e:91:42:e6:71:36:c0:19:14:24:
         00:75:6d:06:75:62:71:8f:8a:e5:62:32:a7:a7:13:82:3b:b2:
         e1:b1:49:14:c0:a5:5e:90:a3:d5:32:c7:9a:11:d5:b2:e6:bf:
         b8:c4:34:f1:b2:8f:23:51:fa:2d:48:78:d9:5a:08:b8:50:a1:
         b2:ff:68:cc:5b:01:5f:53:df:57:57:40:cd:81:82:72:21:1a:
         38:0e:d9:07:f6:ee:76:8c:ff:2b:74:7a:23:75:bb:37:2c:5c:
         90:83:ff:06:34:7d:d5:d0:02:eb:59:53:34:fa:f8:05:87:67:
         23:a8:47:7c:b0:f5:30:f6:39:49:65:09:d4:31:dd:47:ec:cf:
         4e:46:8d:5c:26:78:2e:3c:23:48:34:b9:ae:2d:40:78:c9:48:
         6e:2b:c4:aa:95:83:96:9d:bc:56:6e:88:71:aa:24:30:fd:b9:
         3e:83:d2:74:b8:1e:18:d5:72:82:19:de:00:75:56:0b:17:97:
         04:86:53:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAiyn9f8HQOAfhpeFzwtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTAxMjAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkxZjJlMWZjMDMyNGRlODA3Y2E4NzYxMmM3NmRhNzRmZWMwNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyq2no68gi1U/tdFumcJGG9bF8f0
kHCRkIl3Vxk6pqfIlD1mTeevjn1nqp40CXuMVlk0IWvY83cMcbKMLvp9osoqKTgB
lEhOkplAE6DMHEIMkidq+7XUwjDKIxHFTenmanqiOQoAPPsGL5QVqcQVRoRg5yf4
Ubw4jcB9NBhkaj6lXTjXoQ2wHqtA8oewC9oU5J0T3h5+2vgN6g9f1XFnVrFHEj6o
7sv4Q3cC60BVS48dPhZScJlQP/rzJ/P3HAlBfrD8T5yhjn8rdO8yKKM8gcS2YPfo
qWuYI0PtSeIJi/EzIMtZ8cMtYkyTAsuozlO9fFANEVxFLk8ZiAMs5e9JkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyR8uH8AyTegHyodhLHbadP7AVyMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbkpIeTRmd0RKTjZBZktoMkVzZHRwMF9zQlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmEMA0G
CSqGSIb3DQEBCwUAA4IBAQAAwRp9u4K4ezlXY7XehO5Lqr1Mb9VCEhYjobGVqlab
23EgKkj7moHreUnWEVMGUXt7pLYxXG8Gi10UI9hEaA6RQuZxNsAZFCQAdW0GdWJx
j4rlYjKnpxOCO7LhsUkUwKVekKPVMseaEdWy5r+4xDTxso8jUfotSHjZWgi4UKGy
/2jMWwFfU99XV0DNgYJyIRo4DtkH9u52jP8rdHojdbs3LFyQg/8GNH3V0ALrWVM0
+vgFh2cjqEd8sPUw9jlJZQnUMd1H7M9ORo1cJnguPCNINLmuLUB4yUhuK8SqlYOW
nbxWbohxqiQw/bk+g9J0uB4Y1XKCGd4AdVYLF5cEhlOJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org