Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/sZQbWW_cGirhsGvjuJyOil9OlAs.roa
File:                     sZQbWW_cGirhsGvjuJyOil9OlAs.roa (raw, json)
Hash identifier:          gW6ZaYyLliHU4sKPlDVwsc5K1zdDF6iAQmT5yJ2xSL8=
Subject key identifier:   B1:94:1B:59:6F:DC:1A:2A:E1:B0:6B:E3:B8:9C:8E:8A:5F:4E:94:0B
Certificate issuer:       /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial:       0187BD95771F14706135AF7117C1024617BA
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/sZQbWW_cGirhsGvjuJyOil9OlAs.roa
Signing time:             Wed 26 Apr 2023 12:41:41 +0000
ROA not before:           Wed 26 Apr 2023 12:41:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39115
IP address blocks:        77.247.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bd:95:77:1f:14:70:61:35:af:71:17:c1:02:46:17:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
        Validity
            Not Before: Apr 26 12:41:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1941b596fdc1a2ae1b06be3b89c8e8a5f4e940b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:06:1b:8c:b5:b6:5d:01:fc:03:73:c6:0f:4a:
                    58:4d:5c:a1:b0:f2:d7:7d:1a:6d:b4:54:94:b6:6e:
                    cc:ef:e3:2d:7f:36:f9:6a:c5:eb:5f:cd:ef:65:fe:
                    58:72:69:a5:cd:b1:3e:97:9a:88:2e:46:2b:c7:81:
                    ac:ed:53:93:db:66:3d:da:44:5e:6f:3c:79:c0:53:
                    7b:fa:f4:de:15:18:be:eb:22:f4:69:29:63:83:58:
                    39:94:bc:4e:50:23:05:bf:5d:34:aa:59:ff:ae:de:
                    47:f0:4f:a8:13:9c:14:9c:2d:08:ed:c8:fa:49:c3:
                    59:eb:7a:fc:de:00:fb:f4:84:cc:16:6d:9d:c2:4e:
                    fb:f4:1d:07:83:51:d0:80:cf:7e:44:6b:b1:b2:c5:
                    1f:e2:8f:10:0f:ca:7c:53:47:0b:d1:6e:74:40:7d:
                    c5:6a:6b:26:fa:13:5e:f9:f0:0a:fb:b0:d1:ce:cc:
                    44:4d:5d:f1:e6:8e:9c:02:91:c2:c2:11:85:8d:da:
                    32:64:9b:c6:ce:5d:25:f4:93:e0:20:04:7f:18:65:
                    66:ad:11:1d:71:db:0c:80:4f:44:b1:60:55:46:4c:
                    62:ac:1c:ce:86:8d:90:2d:9d:3a:70:58:b7:9f:f8:
                    a8:5c:20:1f:67:3a:f5:29:7c:66:4b:6c:94:32:79:
                    b4:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:94:1B:59:6F:DC:1A:2A:E1:B0:6B:E3:B8:9C:8E:8A:5F:4E:94:0B
            X509v3 Authority Key Identifier:
                keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/sZQbWW_cGirhsGvjuJyOil9OlAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.247.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:6b:c1:31:e9:f9:c0:be:4b:4b:a6:7c:15:d2:ea:bd:0e:43:
         cf:01:09:02:50:86:75:67:e9:d8:b0:a6:f6:ff:09:a4:89:63:
         ee:9a:2a:62:dc:7c:0a:7d:51:ed:ac:75:ce:b6:98:08:ec:0d:
         19:4c:eb:e1:34:a8:bf:2e:cb:39:ad:41:fd:21:93:c9:63:db:
         df:6f:cb:b1:d9:5f:ed:dc:9d:e8:8b:fc:77:a8:80:78:41:7a:
         2e:a4:4e:0d:ac:f0:d3:b9:71:e5:52:8f:4a:10:6d:f2:d3:47:
         f5:3d:b6:52:11:de:25:af:cb:f3:f1:cf:4b:9e:55:cf:42:0c:
         9b:f2:70:ff:9e:1f:ce:69:ce:27:23:12:72:44:4a:f1:8b:d8:
         e8:54:54:d3:7e:17:fe:b6:71:9e:b5:6e:84:39:39:5c:6e:11:
         92:a9:f8:b6:0e:4e:92:7e:49:1c:0b:02:49:ef:25:98:fe:38:
         d7:1a:82:eb:84:57:8e:63:da:e5:68:dc:4c:bc:5e:fd:75:23:
         22:f8:2b:4e:d7:b6:ca:60:3c:87:13:6c:a6:74:98:16:54:36:
         8e:12:ec:5d:a3:c4:7b:91:30:ad:97:14:c7:78:f5:0a:46:8f:
         09:11:a6:fa:90:36:6c:87:13:c8:f5:62:b5:90:87:e1:d8:be:
         d8:65:1b:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe9lXcfFHBhNa9xF8ECRhe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjMwNDI2MTI0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTk0MWI1OTZmZGMxYTJhZTFiMDZiZTNiODljOGU4YTVmNGU5NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggYbjLW2XQH8A3PGD0pYTVyhsPLX
fRpttFSUtm7M7+Mtfzb5asXrX83vZf5YcmmlzbE+l5qILkYrx4Gs7VOT22Y92kRe
bzx5wFN7+vTeFRi+6yL0aSljg1g5lLxOUCMFv100qln/rt5H8E+oE5wUnC0I7cj6
ScNZ63r83gD79ITMFm2dwk779B0Hg1HQgM9+RGuxssUf4o8QD8p8U0cL0W50QH3F
amsm+hNe+fAK+7DRzsxETV3x5o6cApHCwhGFjdoyZJvGzl0l9JPgIAR/GGVmrREd
cdsMgE9EsWBVRkxirBzOho2QLZ06cFi3n/ioXCAfZzr1KXxmS2yUMnm0JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGUG1lv3Boq4bBr47icjopfTpQLMB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEvc1pRYldXX2NHaXJoc0d2anVKeU9pbDlPbEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATfcOMA0G
CSqGSIb3DQEBCwUAA4IBAQBCa8Ex6fnAvktLpnwV0uq9DkPPAQkCUIZ1Z+nYsKb2
/wmkiWPumipi3HwKfVHtrHXOtpgI7A0ZTOvhNKi/Lss5rUH9IZPJY9vfb8ux2V/t
3J3oi/x3qIB4QXoupE4NrPDTuXHlUo9KEG3y00f1PbZSEd4lr8vz8c9LnlXPQgyb
8nD/nh/Oac4nIxJyRErxi9joVFTTfhf+tnGetW6EOTlcbhGSqfi2Dk6SfkkcCwJJ
7yWY/jjXGoLrhFeOY9rlaNxMvF79dSMi+CtO17bKYDyHE2ymdJgWVDaOEuxdo8R7
kTCtlxTHePUKRo8JEab6kDZshxPI9WK1kIfh2L7YZRu3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:48 2024 by rpki-client on console-fra.rpki-client.org