Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/hDochHzo6CDWJfzdJ7o8SBIiSzs.roa
File:                     hDochHzo6CDWJfzdJ7o8SBIiSzs.roa (raw, json)
Hash identifier:          iJujXJFayFEoDACREIdBOuTxyEaVVimy0hPkO3IFnrk=
Subject key identifier:   84:3A:1C:84:7C:E8:E8:20:D6:25:FC:DD:27:BA:3C:48:12:22:4B:3B
Certificate issuer:       /CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Certificate serial:       01897866C035D33F89C57E2A6AFE0887800E
Authority key identifier: 4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/hDochHzo6CDWJfzdJ7o8SBIiSzs.roa
Signing time:             Fri 21 Jul 2023 12:22:27 +0000
ROA not before:           Fri 21 Jul 2023 12:22:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        77.91.88.0/24 maxlen: 24
                          77.91.91.0/24 maxlen: 24
                          77.91.90.0/24 maxlen: 24
                          77.91.89.0/24 maxlen: 24
                          77.91.95.0/24 maxlen: 24
                          77.91.94.0/24 maxlen: 24
                          77.91.93.0/24 maxlen: 24
                          77.91.92.0/24 maxlen: 24
                          185.149.145.0/24 maxlen: 24
                          185.149.144.0/24 maxlen: 24
                          185.149.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:78:66:c0:35:d3:3f:89:c5:7e:2a:6a:fe:08:87:80:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
        Validity
            Not Before: Jul 21 12:22:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=843a1c847ce8e820d625fcdd27ba3c4812224b3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:10:ed:2c:19:01:73:49:25:92:ef:2a:74:91:
                    b4:2b:4b:c7:19:c1:8f:a1:60:42:a7:ef:b8:eb:31:
                    cd:92:1f:6c:eb:eb:87:15:d1:f3:17:eb:9d:20:af:
                    f8:4c:0f:8f:82:e2:8e:09:82:fe:be:86:35:e2:3e:
                    2d:7c:89:ee:80:f7:e8:cf:20:1a:85:af:76:14:fc:
                    85:ee:85:15:e1:45:c8:1f:65:b5:39:08:4e:f9:05:
                    84:68:53:ea:85:4c:28:a2:9b:37:e1:eb:e7:34:70:
                    5b:4f:58:ee:21:2b:ce:f8:27:11:95:e6:8e:cd:d9:
                    08:e9:8a:38:d8:ea:9d:7e:62:63:ef:ec:98:1a:9a:
                    39:2c:f7:32:62:c9:5a:89:68:5d:bc:17:74:60:2e:
                    46:cd:29:20:9f:40:bf:af:1d:93:f6:04:5f:df:e3:
                    7e:68:c9:f7:bd:1f:13:4a:3f:a2:f0:41:a7:18:e3:
                    86:7b:4f:6a:a6:de:f1:c6:38:dd:0a:4e:db:a9:ac:
                    62:30:21:03:5b:c2:70:58:12:68:52:97:65:d9:af:
                    77:ea:50:25:2b:33:89:17:76:94:f5:ee:cd:0f:24:
                    cd:55:f9:e6:b7:54:72:ed:eb:3b:26:81:a4:98:4e:
                    be:14:31:79:de:0a:19:70:ec:ee:ba:be:37:25:1f:
                    62:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:3A:1C:84:7C:E8:E8:20:D6:25:FC:DD:27:BA:3C:48:12:22:4B:3B
            X509v3 Authority Key Identifier:
                keyid:4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/hDochHzo6CDWJfzdJ7o8SBIiSzs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.88.0/21
                  185.149.144.0/23
                  185.149.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:96:ac:81:e1:d3:7d:45:73:d2:14:34:d7:08:6f:bf:a2:9d:
         b7:fb:15:42:c2:28:2e:c5:fe:fd:5f:8c:bb:95:f2:bd:97:82:
         02:46:0b:ac:59:ab:10:76:f8:4d:92:4c:b1:65:e4:6b:c9:97:
         14:b1:07:4c:1e:29:c2:ae:aa:59:49:68:49:f1:3e:fe:9f:3e:
         e8:25:e7:28:cf:2e:86:98:fa:6e:67:ca:9a:b2:da:86:cc:6f:
         87:22:1f:3c:af:6a:65:85:69:da:e6:6e:fa:1c:94:0f:b8:66:
         4a:73:36:67:ad:e7:15:d9:cb:aa:c7:7d:de:6e:36:27:dd:1d:
         87:1a:65:25:0e:8c:ef:a3:06:6a:db:5b:ed:96:e6:44:d0:86:
         1d:db:6b:3e:81:12:ee:1a:74:f6:17:33:12:6b:25:b5:a4:67:
         6c:e5:3b:30:ab:fd:23:bd:1b:b9:d6:58:98:65:1e:f8:54:d1:
         e1:7a:35:15:a3:f9:1e:3a:69:75:74:c9:cb:05:80:57:a7:46:
         af:41:de:68:a8:f5:03:f1:20:a6:71:95:db:2e:10:2b:2f:05:
         d4:01:86:ed:52:5e:eb:05:28:87:5f:c8:d1:fb:f5:ed:b7:77:
         50:04:9a:2b:7f:5a:83:4f:40:09:ab:3a:8a:74:81:20:d0:b1:
         00:e1:e4:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYl4ZsA10z+JxX4qav4Ih4AOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMmQzMGIwMTVlYzRlZjFiMGQzYzY0MzQ3YzhkMWI1OTgy
OTNmODEwHhcNMjMwNzIxMTIyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDNhMWM4NDdjZThlODIwZDYyNWZjZGQyN2JhM2M0ODEyMjI0YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRDtLBkBc0klku8qdJG0K0vHGcGP
oWBCp++46zHNkh9s6+uHFdHzF+udIK/4TA+PguKOCYL+voY14j4tfInugPfozyAa
ha92FPyF7oUV4UXIH2W1OQhO+QWEaFPqhUwoops34evnNHBbT1juISvO+CcRleaO
zdkI6Yo42OqdfmJj7+yYGpo5LPcyYslaiWhdvBd0YC5GzSkgn0C/rx2T9gRf3+N+
aMn3vR8TSj+i8EGnGOOGe09qpt7xxjjdCk7bqaxiMCEDW8JwWBJoUpdl2a936lAl
KzOJF3aU9e7NDyTNVfnmt1Ry7es7JoGkmE6+FDF53goZcOzuur43JR9iTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIQ6HIR86Ogg1iX83Se6PEgSIks7MB8GA1UdIwQY
MBaAFE8tMLAV7E7xsNPGQ0fI0bWYKT+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjkt
NDM1MWJiZjc0YzBjLzEvaERvY2hIem82Q0RXSmZ6ZEo3bzhTQklpU3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjktNDM1MWJiZjc0YzBj
LzEvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTVtYAwQB
uZWQAwQAuZWTMA0GCSqGSIb3DQEBCwUAA4IBAQC5lqyB4dN9RXPSFDTXCG+/op23
+xVCwiguxf79X4y7lfK9l4ICRgusWasQdvhNkkyxZeRryZcUsQdMHinCrqpZSWhJ
8T7+nz7oJecozy6GmPpuZ8qastqGzG+HIh88r2plhWna5m76HJQPuGZKczZnrecV
2cuqx33ebjYn3R2HGmUlDozvowZq21vtluZE0IYd22s+gRLuGnT2FzMSayW1pGds
5Tswq/0jvRu51liYZR74VNHhejUVo/keOml1dMnLBYBXp0avQd5oqPUD8SCmcZXb
LhArLwXUAYbtUl7rBSiHX8jR+/Xtt3dQBJorf1qDT0AJqzqKdIEg0LEA4eTp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:29 2024 by rpki-client on console-ams.rpki-client.org