Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/O3D5av2Cl5-8XLgEuzf5fqpEs_Y.roa
File:                     O3D5av2Cl5-8XLgEuzf5fqpEs_Y.roa (raw, json)
Hash identifier:          v7xwvbYaLssV4HZtAC69et5FEblZIsWDK8dDYIx55WU=
Subject key identifier:   3B:70:F9:6A:FD:82:97:9F:BC:5C:B8:04:BB:37:F9:7E:AA:44:B3:F6
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       0188671EB24AC89790511F286BFF4844D02A
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/O3D5av2Cl5-8XLgEuzf5fqpEs_Y.roa
Signing time:             Mon 29 May 2023 10:47:24 +0000
ROA not before:           Mon 29 May 2023 10:47:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51431
IP address blocks:        77.237.66.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:67:1e:b2:4a:c8:97:90:51:1f:28:6b:ff:48:44:d0:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: May 29 10:47:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b70f96afd82979fbc5cb804bb37f97eaa44b3f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2a:e4:ac:78:3e:f2:23:4a:df:27:52:26:69:
                    44:63:4f:d4:b0:76:07:27:fb:1c:3c:4c:c1:98:0a:
                    c9:be:e7:c3:d5:32:60:79:0a:89:85:82:6f:0e:5d:
                    ca:5e:32:cc:d2:86:83:64:1f:7b:90:c7:f6:0e:4d:
                    01:8a:52:31:82:7e:2b:7a:c3:8c:8a:e8:2f:a5:f2:
                    82:f1:9b:5f:be:d1:ba:9b:31:a0:b0:43:34:9c:2f:
                    64:01:df:37:5f:fb:5a:4b:39:82:35:ff:d0:b3:6e:
                    47:9e:70:28:d6:33:4b:75:c7:20:89:d4:cb:12:e0:
                    9e:28:27:ba:33:20:fb:f0:3b:b3:3b:7e:72:60:86:
                    7a:1a:9e:eb:c2:0a:11:33:f0:0c:b1:29:b8:7f:df:
                    d2:81:19:46:06:6a:76:99:06:d2:be:49:6c:04:d5:
                    a1:e9:52:5f:9d:da:25:b3:0f:a2:75:33:b9:7a:54:
                    5b:5a:a8:5b:32:a4:3e:a2:a0:86:cf:e0:f8:ce:73:
                    3a:44:53:7f:14:15:8d:e2:5e:ee:1f:2b:d6:61:49:
                    c8:b3:80:3a:2a:92:d9:fd:a9:48:0b:c0:e9:c3:cf:
                    86:5e:49:8e:d9:69:e0:e8:31:bd:64:39:59:dc:6e:
                    65:aa:0e:13:87:04:6a:ea:3b:95:17:2b:86:97:17:
                    cc:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:70:F9:6A:FD:82:97:9F:BC:5C:B8:04:BB:37:F9:7E:AA:44:B3:F6
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/O3D5av2Cl5-8XLgEuzf5fqpEs_Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.237.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         29:3c:27:0c:ef:1d:b8:ce:c8:e9:0f:84:7a:94:ad:e1:33:be:
         09:87:5b:8d:ac:9c:4b:bc:de:48:09:98:86:24:3c:b3:9b:14:
         a4:64:92:19:3e:62:bf:52:77:28:07:46:d3:9b:bf:62:29:55:
         1e:1c:89:b5:ed:e1:af:25:b2:a4:ec:29:29:f4:74:19:2e:fe:
         48:0f:1b:9f:6c:dc:4d:d2:aa:07:28:6a:b4:92:95:74:3e:8d:
         32:1a:b6:5e:39:d6:2c:fc:40:06:44:cd:a0:a0:96:24:ea:0d:
         7f:2b:42:4c:4c:8d:ad:6d:d3:d3:39:6b:fa:cb:c3:24:a3:95:
         b4:50:c2:55:05:db:eb:19:83:5d:fa:78:1a:ff:74:bb:cc:a0:
         36:4f:07:76:04:45:fe:8d:9c:52:a4:de:a3:d7:d5:f8:a6:5a:
         1b:0b:1e:ff:39:f7:9c:c1:f6:3f:26:25:61:00:de:f7:1a:06:
         ab:5e:e0:03:38:ec:34:b8:89:4f:28:b6:55:36:78:1d:c2:59:
         87:da:1d:00:28:7d:0b:e9:b0:bb:e2:4f:8a:f0:30:bf:e2:fa:
         69:72:08:de:34:e7:5f:7e:7f:c7:be:33:47:d3:0a:5e:a4:d9:
         53:6b:be:f3:3b:4f:0c:28:b8:db:59:bd:f7:66:6a:9c:0e:e6:
         30:2f:6b:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhnHrJKyJeQUR8oa/9IRNAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwNTI5MTA0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjcwZjk2YWZkODI5NzlmYmM1Y2I4MDRiYjM3Zjk3ZWFhNDRiM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyrkrHg+8iNK3ydSJmlEY0/UsHYH
J/scPEzBmArJvufD1TJgeQqJhYJvDl3KXjLM0oaDZB97kMf2Dk0BilIxgn4resOM
iugvpfKC8ZtfvtG6mzGgsEM0nC9kAd83X/taSzmCNf/Qs25HnnAo1jNLdccgidTL
EuCeKCe6MyD78DuzO35yYIZ6Gp7rwgoRM/AMsSm4f9/SgRlGBmp2mQbSvklsBNWh
6VJfndolsw+idTO5elRbWqhbMqQ+oqCGz+D4znM6RFN/FBWN4l7uHyvWYUnIs4A6
KpLZ/alIC8Dpw8+GXkmO2Wng6DG9ZDlZ3G5lqg4ThwRq6juVFyuGlxfMNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtw+Wr9gpefvFy4BLs3+X6qRLP2MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvTzNENWF2MkNsNS04WExnRXV6ZjVmcXBFc19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTe1CMA0G
CSqGSIb3DQEBCwUAA4IBAQApPCcM7x24zsjpD4R6lK3hM74Jh1uNrJxLvN5ICZiG
JDyzmxSkZJIZPmK/UncoB0bTm79iKVUeHIm17eGvJbKk7Ckp9HQZLv5IDxufbNxN
0qoHKGq0kpV0Po0yGrZeOdYs/EAGRM2goJYk6g1/K0JMTI2tbdPTOWv6y8Mko5W0
UMJVBdvrGYNd+nga/3S7zKA2Twd2BEX+jZxSpN6j19X4plobCx7/OfecwfY/JiVh
AN73GgarXuADOOw0uIlPKLZVNngdwlmH2h0AKH0L6bC74k+K8DC/4vppcgjeNOdf
fn/HvjNH0wpepNlTa77zO08MKLjbWb33ZmqcDuYwL2tU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org