Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/CpFlJYMPVyIA2eu1elI1iL1OA0I.roa
File:                     CpFlJYMPVyIA2eu1elI1iL1OA0I.roa (raw, json)
Hash identifier:          xEnxjsyPKMZpyUa3y+0SwNJ0/mMItAfz6M4c2xRi8H0=
Subject key identifier:   0A:91:65:25:83:0F:57:22:00:D9:EB:B5:7A:52:35:88:BD:4E:03:42
Certificate issuer:       /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial:       01882F0BAD76F6CF7ECA5CE0C64EC63AEB04
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/CpFlJYMPVyIA2eu1elI1iL1OA0I.roa
Signing time:             Thu 18 May 2023 13:27:54 +0000
ROA not before:           Thu 18 May 2023 13:27:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     11158
IP address blocks:        77.247.1.0/24 maxlen: 24
                          77.247.15.0/24 maxlen: 24
                          212.11.82.0/24 maxlen: 24
                          212.11.84.0/24 maxlen: 24
                          185.71.48.0/24 maxlen: 24
                          185.71.50.0/24 maxlen: 24
                          46.235.109.0/24 maxlen: 24
                          46.235.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2f:0b:ad:76:f6:cf:7e:ca:5c:e0:c6:4e:c6:3a:eb:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
        Validity
            Not Before: May 18 13:27:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a916525830f572200d9ebb57a523588bd4e0342
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a8:ca:bb:ee:d0:62:09:54:d7:61:95:96:f6:
                    4a:ac:13:e8:90:16:3f:91:32:8a:34:f3:6e:1c:41:
                    7e:04:fd:44:13:e5:bc:ef:99:3e:ec:81:13:76:a2:
                    44:84:c3:83:cf:28:3d:96:6d:02:f8:14:fc:30:01:
                    60:5b:11:db:d7:96:22:80:e2:44:91:1b:2b:7f:a2:
                    af:38:83:e4:b7:36:c6:ba:62:96:a1:b9:b8:b6:62:
                    43:af:57:d6:60:c1:24:05:af:3e:24:95:78:21:37:
                    40:c3:db:43:ca:bc:75:e2:82:33:cb:17:60:c1:9c:
                    8b:49:bc:d3:b8:09:69:a4:2f:1b:e6:f6:5c:82:6d:
                    cb:e3:21:24:ea:e2:ce:ff:f1:a1:11:90:1f:39:7b:
                    fc:88:2b:3c:42:39:42:0f:b9:86:f9:94:df:98:c3:
                    75:49:46:db:8f:9c:a1:71:97:87:5a:77:93:9b:83:
                    39:d9:25:cb:9a:14:1b:d9:e7:fb:cc:d5:9a:10:f5:
                    67:12:b3:9a:38:5b:ba:86:ed:8a:7a:77:a7:16:c6:
                    fc:cd:7c:eb:83:bf:bb:6e:20:3f:fe:2b:97:55:c9:
                    48:eb:9a:97:b3:48:2b:e5:7c:e1:01:a2:1c:4b:a4:
                    b7:0d:76:70:22:18:b7:80:2c:0c:05:97:08:17:a4:
                    bd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:91:65:25:83:0F:57:22:00:D9:EB:B5:7A:52:35:88:BD:4E:03:42
            X509v3 Authority Key Identifier:
                keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/CpFlJYMPVyIA2eu1elI1iL1OA0I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.235.109.0/24
                  46.235.111.0/24
                  77.247.1.0/24
                  77.247.15.0/24
                  185.71.48.0/24
                  185.71.50.0/24
                  212.11.82.0/24
                  212.11.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:c3:7f:1c:71:b4:7b:de:8b:c0:34:f1:3e:ba:f4:4a:00:22:
         ec:e1:d8:43:ed:e9:0b:20:89:46:5a:9f:6e:4f:49:51:03:c6:
         b8:8f:77:b0:89:75:1f:01:aa:8b:21:b4:c1:f3:9f:20:df:4b:
         17:d8:a4:fe:9d:d3:76:f1:19:53:44:35:8c:54:10:1f:73:ac:
         22:12:55:8c:00:31:c5:9b:e5:e2:99:75:34:a7:2e:a5:79:00:
         68:5d:ca:66:e8:b0:5e:a3:66:e4:dc:4a:e4:73:93:91:cc:36:
         87:db:1d:de:c8:35:d0:b0:e3:5d:e3:73:ee:bd:05:d7:62:7c:
         7c:78:63:9e:f2:89:6e:23:1f:a2:28:83:17:5f:80:7f:97:28:
         db:94:86:bc:3c:7d:99:77:c0:20:9c:41:07:2f:2b:98:11:db:
         ff:06:0e:bc:87:b1:1f:1a:57:68:ec:3f:7f:8d:96:18:a1:6e:
         43:99:82:7d:73:35:6d:1c:29:0b:43:1b:76:e8:0b:e9:56:0e:
         cd:48:ff:05:5c:c4:ac:56:38:33:10:a4:62:5a:b1:de:47:53:
         82:dd:c9:b5:3a:68:dd:eb:64:02:98:54:a0:ac:0e:5b:23:d8:
         de:f3:3b:86:aa:bb:25:b4:45:b0:8e:85:d2:bb:87:fc:a1:9b:
         04:e1:53:45
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYgvC6129s9+ylzgxk7GOusEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjMwNTE4MTMyNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTkxNjUyNTgzMGY1NzIyMDBkOWViYjU3YTUyMzU4OGJkNGUwMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqjKu+7QYglU12GVlvZKrBPokBY/
kTKKNPNuHEF+BP1EE+W875k+7IETdqJEhMODzyg9lm0C+BT8MAFgWxHb15YigOJE
kRsrf6KvOIPktzbGumKWobm4tmJDr1fWYMEkBa8+JJV4ITdAw9tDyrx14oIzyxdg
wZyLSbzTuAlppC8b5vZcgm3L4yEk6uLO//GhEZAfOXv8iCs8QjlCD7mG+ZTfmMN1
SUbbj5yhcZeHWneTm4M52SXLmhQb2ef7zNWaEPVnErOaOFu6hu2KenenFsb8zXzr
g7+7biA//iuXVclI65qXs0gr5XzhAaIcS6S3DXZwIhi3gCwMBZcIF6S9lQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAqRZSWDD1ciANnrtXpSNYi9TgNCMB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEvQ3BGbEpZTVBWeUlBMmV1MWVsSTFpTDFPQTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALuttAwQA
LutvAwQATfcBAwQATfcPAwQAuUcwAwQAuUcyAwQA1AtSAwQA1AtUMA0GCSqGSIb3
DQEBCwUAA4IBAQAmw38ccbR73ovANPE+uvRKACLs4dhD7ekLIIlGWp9uT0lRA8a4
j3ewiXUfAaqLIbTB858g30sX2KT+ndN28RlTRDWMVBAfc6wiElWMADHFm+XimXU0
py6leQBoXcpm6LBeo2bk3Erkc5ORzDaH2x3eyDXQsONd43PuvQXXYnx8eGOe8olu
Ix+iKIMXX4B/lyjblIa8PH2Zd8AgnEEHLyuYEdv/Bg68h7EfGldo7D9/jZYYoW5D
mYJ9czVtHCkLQxt26AvpVg7NSP8FXMSsVjgzEKRiWrHeR1OC3cm1Omjd62QCmFSg
rA5bI9je8zuGqrsltEWwjoXSu4f8oZsE4VNF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:48 2024 by rpki-client on console-fra.rpki-client.org