Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/7wipX567yZryPrR3QQYbrWpcB0k.roa
File:                     7wipX567yZryPrR3QQYbrWpcB0k.roa (raw, json)
Hash identifier:          8mrnFgR9+rY4/jZU0Uh4MHdb03RvKjbea7BztVuZOps=
Subject key identifier:   EF:08:A9:5F:9E:BB:C9:9A:F2:3E:B4:77:41:06:1B:AD:6A:5C:07:49
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       018798EB78F2F372CD086B9E7F1F1F980EBD
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/7wipX567yZryPrR3QQYbrWpcB0k.roa
Signing time:             Wed 19 Apr 2023 09:49:41 +0000
ROA not before:           Wed 19 Apr 2023 09:49:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210392
IP address blocks:        185.180.128.0/22 maxlen: 24
                          2a0a:a480::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:98:eb:78:f2:f3:72:cd:08:6b:9e:7f:1f:1f:98:0e:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Apr 19 09:49:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef08a95f9ebbc99af23eb47741061bad6a5c0749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:71:73:c3:b0:28:56:e4:cd:da:f8:f5:86:6a:
                    d6:bd:2f:ba:78:a2:c3:e9:50:9f:c4:9f:01:50:c6:
                    a0:08:2b:b8:89:71:a9:67:03:1f:78:d9:c3:7e:72:
                    2f:a6:96:1f:ee:82:2c:21:64:d0:63:e2:ca:3e:37:
                    3b:39:70:a1:a7:9b:4e:c0:b3:c0:40:88:ad:28:17:
                    3c:d6:81:5c:ea:11:8b:23:28:2a:72:bf:90:db:d4:
                    e5:86:c9:fc:4e:bc:ad:b5:95:a1:01:ca:99:30:e3:
                    ac:d6:92:c7:7d:ef:63:1f:7d:e6:30:a2:82:be:10:
                    9e:8a:1c:64:84:59:7d:cc:a9:a6:2d:00:dd:a3:44:
                    de:a7:1f:da:f0:a0:0a:77:1e:49:80:73:e1:1f:cf:
                    60:4e:d5:b3:76:c8:a8:e8:c4:62:74:4c:2b:a2:b4:
                    96:2d:90:37:50:d2:85:d7:50:34:3b:f0:25:74:d1:
                    c5:b0:de:b3:20:c5:36:d8:c7:3a:98:87:e8:33:3b:
                    dd:1a:a4:f4:e1:45:b4:4e:e0:a4:9a:74:0c:b0:6c:
                    9e:9e:11:ac:40:32:35:b8:a6:b4:25:9f:fe:b8:9c:
                    1c:77:44:cf:ed:75:aa:e6:93:9e:e7:d5:82:98:6e:
                    2c:03:ef:9a:78:aa:ee:20:7d:54:a4:50:1a:05:25:
                    4d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:08:A9:5F:9E:BB:C9:9A:F2:3E:B4:77:41:06:1B:AD:6A:5C:07:49
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/7wipX567yZryPrR3QQYbrWpcB0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.180.128.0/22
                IPv6:
                  2a0a:a480::/29

    Signature Algorithm: sha256WithRSAEncryption
         57:ce:d0:fa:de:48:a6:94:ad:84:1a:17:47:7f:54:2f:c3:b2:
         86:c1:eb:c1:d7:7d:e9:af:8c:4c:5d:a6:a1:06:e5:f0:29:78:
         c8:95:6c:72:10:ba:5d:88:c4:50:cf:8b:53:7c:69:e3:1e:61:
         0c:da:0d:2c:43:e6:c1:01:5a:9b:9d:a0:01:bf:98:fb:04:65:
         cd:f2:a8:1e:1e:1a:35:f5:22:33:84:0c:30:4f:c1:b8:f8:b9:
         06:58:d1:16:b5:ca:09:7e:f7:7f:d8:91:f9:78:0f:ef:d2:51:
         94:1d:ba:ac:96:fa:d5:a1:25:70:ec:ae:dc:c4:fa:92:d1:8e:
         c2:fb:86:99:4f:3b:d2:e5:9f:0d:99:53:a0:1e:19:62:7e:b8:
         86:c7:58:be:4a:40:3c:a2:ff:b3:84:f1:77:44:89:e7:b2:c8:
         ee:7e:c7:90:0a:a4:11:ba:22:30:84:0b:ae:ae:dc:87:86:c7:
         65:1c:f3:06:bd:0a:c4:6b:cb:bd:21:f8:62:dc:f9:aa:8f:7c:
         a5:c8:bf:a3:cd:d2:2b:97:ac:dd:30:d9:74:9c:89:b1:9d:6f:
         23:c8:3a:d4:13:bf:bd:33:3d:22:12:68:1b:08:0c:d6:82:fa:
         50:39:e5:48:58:b1:1a:fd:59:04:ea:ae:e8:f2:7c:1c:2f:9d:
         03:00:84:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYeY63jy83LNCGuefx8fmA69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwNDE5MDk0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjA4YTk1ZjllYmJjOTlhZjIzZWI0Nzc0MTA2MWJhZDZhNWMwNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHFzw7AoVuTN2vj1hmrWvS+6eKLD
6VCfxJ8BUMagCCu4iXGpZwMfeNnDfnIvppYf7oIsIWTQY+LKPjc7OXChp5tOwLPA
QIitKBc81oFc6hGLIygqcr+Q29Tlhsn8TryttZWhAcqZMOOs1pLHfe9jH33mMKKC
vhCeihxkhFl9zKmmLQDdo0Tepx/a8KAKdx5JgHPhH89gTtWzdsio6MRidEwrorSW
LZA3UNKF11A0O/AldNHFsN6zIMU22Mc6mIfoMzvdGqT04UW0TuCkmnQMsGyenhGs
QDI1uKa0JZ/+uJwcd0TP7XWq5pOe59WCmG4sA++aeKruIH1UpFAaBSVNKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO8IqV+eu8ma8j60d0EGG61qXAdJMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvN3dpcFg1Njd5WnJ5UHJSM1FRWWJyV3BjQjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubSAMA0E
AgACMAcDBQMqCqSAMA0GCSqGSIb3DQEBCwUAA4IBAQBXztD63kimlK2EGhdHf1Qv
w7KGwevB133pr4xMXaahBuXwKXjIlWxyELpdiMRQz4tTfGnjHmEM2g0sQ+bBAVqb
naABv5j7BGXN8qgeHho19SIzhAwwT8G4+LkGWNEWtcoJfvd/2JH5eA/v0lGUHbqs
lvrVoSVw7K7cxPqS0Y7C+4aZTzvS5Z8NmVOgHhlifriGx1i+SkA8ov+zhPF3RInn
ssjufseQCqQRuiIwhAuurtyHhsdlHPMGvQrEa8u9Ifhi3Pmqj3ylyL+jzdIrl6zd
MNl0nImxnW8jyDrUE7+9Mz0iEmgbCAzWgvpQOeVIWLEa/VkE6q7o8nwcL50DAIST
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org