Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lzLW2dnx2agVxi6H3jQUsx3xM-w.roa
File:                     lzLW2dnx2agVxi6H3jQUsx3xM-w.roa (raw, json)
Hash identifier:          zEpAYZXLXO29ptn/zK6ZkZ0UiZ7E059VHiqGh0yGXyQ=
Subject key identifier:   97:32:D6:D9:D9:F1:D9:A8:15:C6:2E:87:DE:34:14:B3:1D:F1:33:EC
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       018F2B22F6503C2BACC8E66FBFFE85B89076
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lzLW2dnx2agVxi6H3jQUsx3xM-w.roa
Signing time:             Mon 29 Apr 2024 18:34:22 +0000
ROA not before:           Mon 29 Apr 2024 18:34:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215039
IP address blocks:        77.90.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 09:40:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:2b:22:f6:50:3c:2b:ac:c8:e6:6f:bf:fe:85:b8:90:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: Apr 29 18:34:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9732d6d9d9f1d9a815c62e87de3414b31df133ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:db:8d:2b:a2:a8:e6:76:05:96:d3:77:3f:ed:
                    cb:36:81:34:46:2e:36:32:97:5a:ab:bd:10:3d:18:
                    ca:7d:0f:8b:94:da:b6:7c:60:a4:55:dd:ac:00:6f:
                    84:4e:52:61:5c:bd:6a:0a:c9:cc:b2:38:54:77:77:
                    65:1a:ec:55:cb:a1:b5:dd:9a:cb:38:6b:18:d7:22:
                    6a:90:2a:06:9d:c0:9d:53:c8:43:96:ce:32:f1:cd:
                    61:8c:ac:74:12:83:bc:aa:c2:88:61:b3:df:40:2e:
                    94:04:0d:ba:94:77:15:50:86:58:9a:c0:a1:88:6d:
                    75:ee:a3:d4:06:c0:80:51:4d:7d:23:ed:a1:b9:12:
                    c1:b0:64:3b:df:64:b5:d5:b4:94:6f:fc:f0:3d:d4:
                    91:9e:b7:47:2a:fa:81:7d:b2:82:42:6a:9e:4b:b9:
                    aa:79:d8:e8:0e:5a:70:ab:1d:cf:f3:d1:9e:81:77:
                    9c:20:08:aa:fd:df:95:b8:c9:47:98:b5:a0:31:76:
                    96:69:42:9e:42:70:39:51:9e:57:f3:99:a1:49:94:
                    30:50:b1:a4:01:f5:b0:03:c3:b3:85:2b:5f:4a:7e:
                    bb:1c:b7:35:15:e1:11:5f:ad:29:11:bb:67:c7:f6:
                    02:8e:45:2d:b4:cd:9a:0b:15:aa:21:c4:b1:e5:1f:
                    73:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:32:D6:D9:D9:F1:D9:A8:15:C6:2E:87:DE:34:14:B3:1D:F1:33:EC
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lzLW2dnx2agVxi6H3jQUsx3xM-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:8e:e8:0d:38:1f:56:9b:b8:08:07:fb:4c:99:ad:1b:16:6c:
         44:76:b1:da:e7:3d:9f:79:40:22:0b:54:08:c6:fd:80:07:cc:
         d6:98:64:85:cf:85:1f:0e:0a:0e:06:91:42:31:fe:72:74:06:
         12:e5:3f:fd:4e:9d:8f:bf:cf:b0:bc:57:38:e5:35:8f:ab:f3:
         3d:4f:22:fa:82:f5:ee:c5:e3:df:f2:26:01:bc:6a:8b:da:ac:
         73:82:04:99:32:a9:24:c2:fc:85:9a:bc:7f:8c:80:4b:5e:84:
         b5:64:d3:b4:d6:d9:06:c5:81:50:83:07:1b:eb:c4:fd:53:2e:
         35:cd:dd:32:f1:1e:d3:93:5e:47:f4:b0:e7:c2:73:1c:d4:9c:
         07:a0:a7:f7:04:4b:c9:7a:dd:a7:c5:de:81:5f:04:73:92:4b:
         46:8f:7a:ba:ba:f0:4a:73:eb:d8:98:ed:58:fd:e9:54:23:c1:
         ba:3c:28:b5:0b:70:53:55:7a:14:8e:ff:08:e6:df:0a:4e:45:
         02:6f:d6:54:6a:7f:e4:77:b3:0d:0e:ac:27:cc:67:cf:a1:41:
         2d:1a:98:8b:93:cc:96:cb:c9:07:54:c4:05:c9:50:c9:56:78:
         19:90:4d:5f:a7:e9:db:cd:9f:18:08:82:74:76:d8:20:9b:ba:
         ce:dd:67:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8rIvZQPCusyOZvv/6FuJB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNDI5MTgzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzMyZDZkOWQ5ZjFkOWE4MTVjNjJlODdkZTM0MTRiMzFkZjEzM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwduNK6Ko5nYFltN3P+3LNoE0Ri42
Mpdaq70QPRjKfQ+LlNq2fGCkVd2sAG+ETlJhXL1qCsnMsjhUd3dlGuxVy6G13ZrL
OGsY1yJqkCoGncCdU8hDls4y8c1hjKx0EoO8qsKIYbPfQC6UBA26lHcVUIZYmsCh
iG117qPUBsCAUU19I+2huRLBsGQ732S11bSUb/zwPdSRnrdHKvqBfbKCQmqeS7mq
edjoDlpwqx3P89GegXecIAiq/d+VuMlHmLWgMXaWaUKeQnA5UZ5X85mhSZQwULGk
AfWwA8OzhStfSn67HLc1FeERX60pEbtnx/YCjkUttM2aCxWqIcSx5R9zMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcy1tnZ8dmoFcYuh940FLMd8TPsMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbHpMVzJkbngyYWdWeGk2SDNqUVVzeDN4TS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVoBMA0G
CSqGSIb3DQEBCwUAA4IBAQAfjugNOB9Wm7gIB/tMma0bFmxEdrHa5z2feUAiC1QI
xv2AB8zWmGSFz4UfDgoOBpFCMf5ydAYS5T/9Tp2Pv8+wvFc45TWPq/M9TyL6gvXu
xePf8iYBvGqL2qxzggSZMqkkwvyFmrx/jIBLXoS1ZNO01tkGxYFQgwcb68T9Uy41
zd0y8R7Tk15H9LDnwnMc1JwHoKf3BEvJet2nxd6BXwRzkktGj3q6uvBKc+vYmO1Y
/elUI8G6PCi1C3BTVXoUjv8I5t8KTkUCb9ZUan/kd7MNDqwnzGfPoUEtGpiLk8yW
y8kHVMQFyVDJVngZkE1fp+nbzZ8YCIJ0dtggm7rO3WcA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:30 2024 by rpki-client on console-fra.rpki-client.org