Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NBFattiu4zGFJfoIQq2eEHx0JgU.roa
File:                     NBFattiu4zGFJfoIQq2eEHx0JgU.roa (raw, json)
Hash identifier:          U96YxRef36DahaUrTAR+I8D0a8nm1k8By2SGbxh0FTQ=
Subject key identifier:   34:11:5A:B6:D8:AE:E3:31:85:25:FA:08:42:AD:9E:10:7C:74:26:05
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018B6389C7FA01BDB44C7CACA2DD56E1682D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NBFattiu4zGFJfoIQq2eEHx0JgU.roa
Signing time:             Tue 24 Oct 2023 21:14:15 +0000
ROA not before:           Tue 24 Oct 2023 21:14:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198361
IP address blocks:        77.83.39.0/24 maxlen: 24
                          2.56.111.0/24 maxlen: 24
                          45.88.138.0/24 maxlen: 24
                          77.83.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Nov 2023 16:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:63:89:c7:fa:01:bd:b4:4c:7c:ac:a2:dd:56:e1:68:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Oct 24 21:14:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34115ab6d8aee3318525fa0842ad9e107c742605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:b6:41:23:94:ad:3a:c2:ec:a8:ef:f1:21:f3:
                    bd:78:c4:21:89:c9:b1:65:eb:3c:e6:74:ae:61:af:
                    54:6f:38:b6:70:65:aa:60:2e:5f:dc:e8:19:e5:cc:
                    48:85:6f:61:ff:6e:c0:34:2a:09:40:1a:e1:3c:84:
                    4f:d6:73:22:13:8a:10:9b:6b:24:ca:45:fb:87:98:
                    ab:3a:6e:fc:da:83:00:02:49:c0:63:d1:65:3e:b3:
                    db:7c:90:57:d8:25:8a:de:58:d2:d9:91:29:3a:46:
                    b7:36:73:7a:95:f2:bb:d1:47:81:ef:66:38:ab:46:
                    cc:0c:4d:7f:ea:4f:ac:c2:91:ca:6a:43:5f:25:16:
                    8d:7d:7c:ab:87:ed:3f:ea:87:d5:fd:8d:be:fe:cb:
                    38:9b:ab:ca:50:7f:9c:3b:24:91:a9:bf:73:a4:f6:
                    c2:aa:32:bd:f8:9b:7f:da:e7:96:12:61:45:7f:63:
                    9a:b3:56:0c:16:4c:de:2b:5c:dc:ca:1b:24:59:1b:
                    a5:2a:90:35:e4:68:33:29:db:44:31:46:30:e9:fe:
                    38:dd:04:5a:d5:0f:14:93:7f:f2:82:c1:94:75:00:
                    60:29:bc:e9:31:49:bb:88:25:a7:60:cf:ea:d3:bb:
                    6c:81:8c:59:2b:a2:df:36:1e:2e:0c:e7:7f:9d:7d:
                    4b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:11:5A:B6:D8:AE:E3:31:85:25:FA:08:42:AD:9E:10:7C:74:26:05
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NBFattiu4zGFJfoIQq2eEHx0JgU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.111.0/24
                  45.88.138.0/24
                  77.83.38.0/23

    Signature Algorithm: sha256WithRSAEncryption
         72:97:e7:49:e9:f1:06:5a:e8:0c:a7:1e:40:06:92:99:4c:9e:
         42:90:66:d7:45:93:f4:f2:be:e0:64:44:a3:1e:26:1c:0d:a7:
         e7:b0:57:db:7d:ad:b4:34:a3:26:49:c3:9e:85:1b:d8:6e:6c:
         43:03:fd:dc:6a:d8:65:ce:e0:33:86:17:8f:b0:68:2c:2a:04:
         59:cb:f2:21:2d:d9:77:db:e5:9f:f4:55:b2:09:c4:bc:0b:27:
         21:08:bc:13:ba:b8:14:56:1b:c9:9b:1d:1f:96:0e:a8:16:2c:
         48:22:53:cf:2d:e6:ca:01:dc:ee:99:da:a4:28:99:bc:77:a8:
         68:30:a1:cc:93:b4:f9:bb:65:6d:9a:93:b5:86:26:90:68:3a:
         4d:7d:bb:82:3f:2c:cd:a4:28:e2:b6:b5:59:f4:db:eb:1b:ae:
         b1:57:dc:1f:85:03:1d:d5:46:1f:26:72:f6:2f:3e:80:51:3f:
         71:94:95:65:ed:6a:71:43:8e:01:1a:64:2d:de:42:b4:da:45:
         67:fe:44:a7:fa:4a:36:ff:b5:35:cf:00:e3:63:ac:4d:f3:3c:
         49:92:28:a2:9b:f6:c3:c0:8c:1d:69:75:8a:de:55:0b:07:06:
         33:78:a0:8b:15:f0:b6:b8:a4:5f:31:93:fb:bb:ed:b2:85:57:
         36:bb:85:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtjicf6Ab20THysot1W4WgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDI0MjExNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDExNWFiNmQ4YWVlMzMxODUyNWZhMDg0MmFkOWUxMDdjNzQyNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rZBI5StOsLsqO/xIfO9eMQhicmx
Zes85nSuYa9Ubzi2cGWqYC5f3OgZ5cxIhW9h/27ANCoJQBrhPIRP1nMiE4oQm2sk
ykX7h5irOm782oMAAknAY9FlPrPbfJBX2CWK3ljS2ZEpOka3NnN6lfK70UeB72Y4
q0bMDE1/6k+swpHKakNfJRaNfXyrh+0/6ofV/Y2+/ss4m6vKUH+cOySRqb9zpPbC
qjK9+Jt/2ueWEmFFf2Oas1YMFkzeK1zcyhskWRulKpA15GgzKdtEMUYw6f443QRa
1Q8Uk3/ygsGUdQBgKbzpMUm7iCWnYM/q07tsgYxZK6LfNh4uDOd/nX1LyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDQRWrbYruMxhSX6CEKtnhB8dCYFMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTkJGYXR0aXU0ekdGSmZvSVFxMmVFSHgwSmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhvAwQA
LViKAwQBTVMmMA0GCSqGSIb3DQEBCwUAA4IBAQByl+dJ6fEGWugMpx5ABpKZTJ5C
kGbXRZP08r7gZESjHiYcDafnsFfbfa20NKMmScOehRvYbmxDA/3cathlzuAzhheP
sGgsKgRZy/IhLdl32+Wf9FWyCcS8CychCLwTurgUVhvJmx0flg6oFixIIlPPLebK
AdzumdqkKJm8d6hoMKHMk7T5u2VtmpO1hiaQaDpNfbuCPyzNpCjitrVZ9NvrG66x
V9wfhQMd1UYfJnL2Lz6AUT9xlJVl7WpxQ44BGmQt3kK02kVn/kSn+ko2/7U1zwDj
Y6xN8zxJkiiim/bDwIwdaXWK3lULBwYzeKCLFfC2uKRfMZP7u+2yhVc2u4Xh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org