Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/P7cr2fb1z6LhRVUOGXXVrKvgECQ.roa
File:                     P7cr2fb1z6LhRVUOGXXVrKvgECQ.roa (raw, json)
Hash identifier:          yurv1bNziOWz0hEFBcnhfx3ExEd0lSuD/hxm12HXLC4=
Subject key identifier:   3F:B7:2B:D9:F6:F5:CF:A2:E1:45:55:0E:19:75:D5:AC:AB:E0:10:24
Certificate issuer:       /CN=77480527d0b35caf95b37502c4c6f9e3e81fd8a3
Certificate serial:       018B3A3EF50C41F3841EB8CE2A8317EFB7D0
Authority key identifier: 77:48:05:27:D0:B3:5C:AF:95:B3:75:02:C4:C6:F9:E3:E8:1F:D8:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d0gFJ9CzXK-Vs3UCxMb54-gf2KM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/P7cr2fb1z6LhRVUOGXXVrKvgECQ.roa
Signing time:             Mon 16 Oct 2023 20:48:06 +0000
ROA not before:           Mon 16 Oct 2023 20:48:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39135
IP address blocks:        77.238.64.0/19 maxlen: 19
                          185.73.56.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:3a:3e:f5:0c:41:f3:84:1e:b8:ce:2a:83:17:ef:b7:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77480527d0b35caf95b37502c4c6f9e3e81fd8a3
        Validity
            Not Before: Oct 16 20:48:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3fb72bd9f6f5cfa2e145550e1975d5acabe01024
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:18:54:19:b4:2c:6e:a1:0d:b8:e2:8e:fe:e4:
                    c9:50:dc:97:d3:29:78:25:74:7a:54:4a:9d:b0:c6:
                    f2:3f:e8:78:9c:56:5c:2c:54:8f:78:f9:a7:d5:90:
                    73:bd:44:b3:5c:93:35:2d:09:a6:24:ac:05:df:cb:
                    3d:64:e3:d9:5f:63:75:74:02:2b:1a:23:5c:6a:5d:
                    d5:eb:0a:f0:4b:fc:5e:2e:31:b3:0a:64:11:92:32:
                    19:fb:2b:55:20:7f:ce:b9:eb:c3:0a:49:79:7e:d7:
                    a0:b2:07:40:25:e5:f6:7f:4f:6a:43:f3:08:b9:45:
                    e0:00:af:35:3f:be:ac:e1:80:b8:0a:ae:e9:5d:64:
                    31:78:3c:f2:ec:19:6a:29:17:f9:55:6d:21:78:a3:
                    07:a8:1c:5b:34:f5:f8:d6:bf:81:ef:02:e2:34:1d:
                    d1:ba:83:12:77:1b:7e:bf:b4:a8:cb:bb:26:1d:24:
                    20:a1:f5:14:0b:d4:bb:55:94:9f:f4:79:60:55:5a:
                    6b:2f:01:dc:cd:d6:0c:20:e6:0e:1f:d7:41:cf:09:
                    1e:2f:ec:f9:69:13:36:7f:41:93:05:3f:bf:41:8d:
                    40:65:c4:c1:97:d9:75:c9:1f:2b:88:06:26:1d:33:
                    52:86:1e:e0:b9:d4:8b:e2:e1:30:48:71:1d:f5:56:
                    9d:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:B7:2B:D9:F6:F5:CF:A2:E1:45:55:0E:19:75:D5:AC:AB:E0:10:24
            X509v3 Authority Key Identifier:
                keyid:77:48:05:27:D0:B3:5C:AF:95:B3:75:02:C4:C6:F9:E3:E8:1F:D8:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0gFJ9CzXK-Vs3UCxMb54-gf2KM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/P7cr2fb1z6LhRVUOGXXVrKvgECQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/d0gFJ9CzXK-Vs3UCxMb54-gf2KM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.238.64.0/19
                  185.73.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:a3:88:9a:6a:52:62:da:a1:80:5e:ab:b4:fe:56:31:d8:07:
         4b:ab:77:94:00:a4:cc:db:eb:b5:2d:87:21:39:7c:c0:bd:63:
         b3:d9:e8:ab:d9:9a:27:c7:82:a9:b7:bf:a2:ba:a6:c9:8e:54:
         1d:e8:dd:44:dd:e7:f6:c9:33:85:a9:06:3e:93:fd:f7:82:f8:
         25:5a:96:de:9f:36:83:4e:86:93:e6:67:8e:63:69:20:35:76:
         c4:10:0d:9e:fe:92:ed:bf:48:25:56:13:77:91:e2:3b:f6:25:
         11:eb:e5:b3:5a:b9:fe:d7:06:2b:39:49:89:07:b4:5d:61:24:
         3e:c9:35:bf:42:17:ee:13:d2:cc:d9:36:15:f4:da:d1:e2:57:
         fc:01:c9:f0:d7:af:29:5c:f0:0d:35:38:d0:2d:6f:84:ca:7e:
         19:2b:32:f0:60:83:2d:c4:bd:c6:7f:73:30:14:83:24:60:f9:
         3d:67:6c:a4:f5:41:52:22:1b:e0:b4:72:6c:a7:ea:63:35:5f:
         22:1b:56:ba:77:6d:47:6b:eb:ef:1f:f2:57:46:8c:84:94:0b:
         8b:e3:a9:f0:97:a5:79:ab:3b:8c:99:6c:48:1d:89:9f:86:f9:
         a0:73:70:49:86:e8:55:c9:17:1f:2a:cc:08:a5:70:e1:a0:6d:
         ea:e5:16:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs6PvUMQfOEHrjOKoMX77fQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDgwNTI3ZDBiMzVjYWY5NWIzNzUwMmM0YzZmOWUzZTgx
ZmQ4YTMwHhcNMjMxMDE2MjA0ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmI3MmJkOWY2ZjVjZmEyZTE0NTU1MGUxOTc1ZDVhY2FiZTAxMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRhUGbQsbqENuOKO/uTJUNyX0yl4
JXR6VEqdsMbyP+h4nFZcLFSPePmn1ZBzvUSzXJM1LQmmJKwF38s9ZOPZX2N1dAIr
GiNcal3V6wrwS/xeLjGzCmQRkjIZ+ytVIH/OuevDCkl5ftegsgdAJeX2f09qQ/MI
uUXgAK81P76s4YC4Cq7pXWQxeDzy7BlqKRf5VW0heKMHqBxbNPX41r+B7wLiNB3R
uoMSdxt+v7Soy7smHSQgofUUC9S7VZSf9HlgVVprLwHczdYMIOYOH9dBzwkeL+z5
aRM2f0GTBT+/QY1AZcTBl9l1yR8riAYmHTNShh7gudSL4uEwSHEd9VadzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD+3K9n29c+i4UVVDhl11ayr4BAkMB8GA1UdIwQY
MBaAFHdIBSfQs1yvlbN1AsTG+ePoH9ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBnRko5Q3pYSy1WczNVQ3hNYjU0LWdmMktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iOTc4NDktMmFmNS00YzNlLThmMGUt
NGRkMzg1M2EyMjQxLzEvUDdjcjJmYjF6NkxoUlZVT0dYWFZyS3ZnRUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iOTc4NDktMmFmNS00YzNlLThmMGUtNGRkMzg1M2EyMjQx
LzEvZDBnRko5Q3pYSy1WczNVQ3hNYjU0LWdmMktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFTe5AAwQC
uUk4MA0GCSqGSIb3DQEBCwUAA4IBAQBLo4iaalJi2qGAXqu0/lYx2AdLq3eUAKTM
2+u1LYchOXzAvWOz2eir2Zonx4Kpt7+iuqbJjlQd6N1E3ef2yTOFqQY+k/33gvgl
WpbenzaDToaT5meOY2kgNXbEEA2e/pLtv0glVhN3keI79iUR6+WzWrn+1wYrOUmJ
B7RdYSQ+yTW/QhfuE9LM2TYV9NrR4lf8Acnw168pXPANNTjQLW+Eyn4ZKzLwYIMt
xL3Gf3MwFIMkYPk9Z2yk9UFSIhvgtHJsp+pjNV8iG1a6d21Ha+vvH/JXRoyElAuL
46nwl6V5qzuMmWxIHYmfhvmgc3BJhuhVyRcfKswIpXDhoG3q5Ra4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:41 2024 by rpki-client on console-fra.rpki-client.org