Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NPKJPBhF-QtGbwdhgcGm2Ogbt1w.roa
File:                     NPKJPBhF-QtGbwdhgcGm2Ogbt1w.roa (raw, json)
Hash identifier:          HsKeDrwtBhUVJR+99OlGL0Q03ow6MV48157SIctYD8c=
Subject key identifier:   34:F2:89:3C:18:45:F9:0B:46:6F:07:61:81:C1:A6:D8:E8:1B:B7:5C
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       01911A7B776139D942DD553A03FAC394E2E1
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NPKJPBhF-QtGbwdhgcGm2Ogbt1w.roa
Signing time:             Sat 03 Aug 2024 23:03:04 +0000
ROA not before:           Sat 03 Aug 2024 23:03:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207252
IP address blocks:        77.90.12.0/24 maxlen: 24
                          77.90.22.0/24 maxlen: 24
                          77.90.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 15:16:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:1a:7b:77:61:39:d9:42:dd:55:3a:03:fa:c3:94:e2:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: Aug  3 23:03:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=34f2893c1845f90b466f076181c1a6d8e81bb75c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e6:43:c5:58:13:bd:44:2e:18:a8:9e:29:36:
                    6d:9b:f6:9f:9a:42:6e:4a:b7:b8:ff:c7:9c:29:f6:
                    0b:a1:6d:1f:34:25:32:af:48:8d:8c:5c:91:05:01:
                    a5:a0:14:b2:53:5c:48:ab:a6:4a:2d:64:dd:b2:ca:
                    40:ad:e9:74:36:a7:c3:dd:8f:e3:62:63:c0:de:ca:
                    95:e0:01:ca:68:f0:80:e8:8a:1b:a3:2b:ab:b8:f5:
                    a8:23:60:6e:45:12:43:21:11:c7:3f:72:75:06:f4:
                    df:8b:a3:16:f0:80:9e:9b:1f:10:a6:39:ae:54:f7:
                    89:39:23:97:31:e4:17:57:db:ec:23:eb:28:01:9a:
                    c4:bf:37:98:07:2c:11:01:4c:89:f0:16:20:f5:12:
                    ab:2e:a6:99:b9:0f:75:ed:70:35:1e:81:e2:54:a5:
                    05:78:77:12:aa:00:80:f2:97:1e:e0:6a:b9:4c:1e:
                    c0:5a:a1:7d:1b:d0:a4:e0:6c:0c:e7:4a:43:6b:5f:
                    0f:04:f0:7e:1c:74:d5:33:39:a0:f5:20:66:f7:b8:
                    21:68:9b:0c:6c:44:f4:63:e3:8c:de:97:c2:bb:fb:
                    5c:5c:d1:73:88:1f:79:85:25:74:f6:11:4a:c5:c8:
                    cf:6d:df:fb:e1:2a:b6:45:66:6d:c1:7b:d4:0a:59:
                    67:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:F2:89:3C:18:45:F9:0B:46:6F:07:61:81:C1:A6:D8:E8:1B:B7:5C
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NPKJPBhF-QtGbwdhgcGm2Ogbt1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.12.0/24
                  77.90.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:b2:d1:7c:77:a2:06:83:0d:8f:df:59:de:05:82:a6:5c:57:
         05:43:35:52:53:95:8e:e2:1d:65:87:15:5f:d5:b0:89:26:50:
         73:95:6f:b8:21:ff:37:af:ab:26:84:8a:2e:c9:8c:f7:1f:10:
         b6:85:47:e2:1f:ac:db:94:e9:89:58:76:2d:80:1d:d9:48:3f:
         8c:22:a3:3d:5d:5e:05:b3:54:82:95:5b:e6:40:36:27:66:4d:
         ec:c0:56:8b:c2:94:cb:73:a8:70:89:96:d2:bb:eb:c4:27:8d:
         32:a7:89:be:6f:66:ce:25:a5:15:93:23:09:0f:9d:ad:0e:c8:
         3d:e9:f0:07:6b:7e:f6:bf:77:02:53:3a:ea:02:fa:6c:47:f8:
         5f:ef:8a:d8:08:9d:e8:ec:7d:bf:c5:69:dd:5e:24:f8:a7:88:
         68:53:47:74:9c:6b:89:24:81:54:f9:22:1b:cb:72:9e:22:07:
         a8:d8:d1:0f:f0:65:22:be:d7:9d:d3:90:5f:7e:f8:f1:41:fc:
         c9:e2:6d:0a:a7:5b:37:b7:c2:bc:99:6f:9a:e4:05:26:00:22:
         35:49:43:3e:3f:b0:c2:06:9a:0d:01:56:32:b7:03:5a:8c:25:
         40:05:8e:a8:04:cf:ed:b3:17:01:b3:17:31:ae:fe:4d:fb:f7:
         fc:43:89:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEae3dhOdlC3VU6A/rDlOLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwODAzMjMwMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGYyODkzYzE4NDVmOTBiNDY2ZjA3NjE4MWMxYTZkOGU4MWJiNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+ZDxVgTvUQuGKieKTZtm/afmkJu
Sre4/8ecKfYLoW0fNCUyr0iNjFyRBQGloBSyU1xIq6ZKLWTdsspArel0NqfD3Y/j
YmPA3sqV4AHKaPCA6IoboyuruPWoI2BuRRJDIRHHP3J1BvTfi6MW8ICemx8Qpjmu
VPeJOSOXMeQXV9vsI+soAZrEvzeYBywRAUyJ8BYg9RKrLqaZuQ917XA1HoHiVKUF
eHcSqgCA8pce4Gq5TB7AWqF9G9Ck4GwM50pDa18PBPB+HHTVMzmg9SBm97ghaJsM
bET0Y+OM3pfCu/tcXNFziB95hSV09hFKxcjPbd/74Sq2RWZtwXvUCllnaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDTyiTwYRfkLRm8HYYHBptjoG7dcMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTlBLSlBCaEYtUXRHYndkaGdjR20yT2didDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVoMAwQB
TVoWMA0GCSqGSIb3DQEBCwUAA4IBAQAWstF8d6IGgw2P31neBYKmXFcFQzVSU5WO
4h1lhxVf1bCJJlBzlW+4If83r6smhIouyYz3HxC2hUfiH6zblOmJWHYtgB3ZSD+M
IqM9XV4Fs1SClVvmQDYnZk3swFaLwpTLc6hwiZbSu+vEJ40yp4m+b2bOJaUVkyMJ
D52tDsg96fAHa372v3cCUzrqAvpsR/hf74rYCJ3o7H2/xWndXiT4p4hoU0d0nGuJ
JIFU+SIby3KeIgeo2NEP8GUivted05BffvjxQfzJ4m0Kp1s3t8K8mW+a5AUmACI1
SUM+P7DCBpoNAVYytwNajCVABY6oBM/tsxcBsxcxrv5N+/f8Q4lJ
-----END CERTIFICATE-----
Generated at Thu Aug 15 19:59:47 2024 by rpki-client on console-fra.rpki-client.org