Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/7VgpWSqKrfyGC8CbM3v83GKU7ss.roa
File:                     7VgpWSqKrfyGC8CbM3v83GKU7ss.roa (raw, json)
Hash identifier:          r+Qt17oVEneR7fyUGJpYoIoOn5xuTOMWeVt916A+g0A=
Subject key identifier:   ED:58:29:59:2A:8A:AD:FC:86:0B:C0:9B:33:7B:FC:DC:62:94:EE:CB
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       018573038D6F737F13169AB01B1AE049CDC5
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/7VgpWSqKrfyGC8CbM3v83GKU7ss.roa
Signing time:             Mon 02 Jan 2023 15:04:50 +0000
ROA not before:           Mon 02 Jan 2023 15:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43179
IP address blocks:        77.74.226.0/24 maxlen: 24
                          77.74.224.0/24 maxlen: 24
                          77.74.227.0/24 maxlen: 24
                          109.105.206.0/24 maxlen: 24
                          109.105.204.0/24 maxlen: 24
                          109.105.202.0/24 maxlen: 24
                          109.105.203.0/24 maxlen: 24
                          109.105.201.0/24 maxlen: 24
                          109.105.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:03:8d:6f:73:7f:13:16:9a:b0:1b:1a:e0:49:cd:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  2 15:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed5829592a8aadfc860bc09b337bfcdc6294eecb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:96:6c:0c:d4:67:42:ff:cd:76:03:da:5b:bd:
                    7e:31:bc:5e:ae:c8:3e:99:c9:13:b7:73:25:76:58:
                    b3:3f:f4:da:96:28:25:35:9a:ff:1c:f4:f8:3c:e4:
                    1f:cc:a9:f5:00:1c:2c:c7:dd:87:57:48:f5:8c:69:
                    16:99:f8:3d:3b:b3:ac:cf:16:82:9a:96:43:d1:c9:
                    7d:e7:3a:8e:b8:04:fb:ab:7a:3a:13:be:59:53:52:
                    44:dc:7a:e7:12:93:4d:c5:5b:5a:37:39:98:04:a0:
                    8d:d4:6e:b4:c3:37:58:58:75:3f:dc:21:59:fc:47:
                    b1:2b:a7:d6:bc:d0:71:85:85:fe:8c:00:6a:cf:17:
                    8f:17:32:22:b8:f5:3e:6c:83:5e:d2:a1:98:67:61:
                    02:92:a9:7c:38:9d:9f:e8:ee:59:08:df:98:ef:83:
                    49:d6:d3:84:89:cb:4e:33:e5:9b:f9:2a:af:1e:d2:
                    b3:de:26:1f:6c:82:76:53:5e:3f:35:10:5a:5d:41:
                    48:44:8a:4a:0e:10:7d:da:c4:bc:8f:c0:82:26:93:
                    52:c0:5d:04:ee:96:31:b1:63:3f:a4:7a:19:00:35:
                    df:02:e8:0e:9b:33:b1:4a:09:cb:7d:b0:0a:0c:de:
                    37:a3:0a:25:67:29:9e:f5:6b:8d:64:4a:5f:98:b0:
                    ae:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:58:29:59:2A:8A:AD:FC:86:0B:C0:9B:33:7B:FC:DC:62:94:EE:CB
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/7VgpWSqKrfyGC8CbM3v83GKU7ss.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.224.0/24
                  77.74.226.0/23
                  109.105.200.0-109.105.204.255
                  109.105.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:f7:83:80:b1:90:5d:b8:de:36:ad:d6:f2:fe:2e:e4:04:58:
         aa:6a:b9:76:75:9a:c9:3d:7b:d5:03:89:d8:85:43:10:4a:41:
         15:16:43:ac:55:d6:7e:31:33:49:76:b4:a7:9d:83:b1:40:d4:
         3b:2c:ac:95:a1:77:97:0a:80:76:fa:7a:ac:5a:ab:0a:68:cf:
         cd:9e:ff:e4:cb:09:11:ed:e1:73:6a:17:fc:5d:14:7d:be:c3:
         d4:36:c0:32:1c:a7:2f:ea:af:36:1b:13:0b:17:89:57:16:42:
         fb:9b:aa:9c:bd:26:ea:75:b9:18:1a:44:e6:1e:28:ee:43:98:
         04:88:30:ec:2b:06:7f:95:2a:fc:3b:bc:ee:c2:d0:06:65:3a:
         f8:25:e3:d5:93:24:d9:3c:04:77:37:f7:17:4e:2f:fe:0b:c6:
         a9:89:ea:cd:ad:d6:3c:02:fc:24:d2:af:c5:28:46:93:fb:e9:
         3c:7f:7d:ac:ed:d7:a6:5d:d9:a5:b0:31:43:f9:34:b2:4d:ef:
         d0:dd:20:b8:91:8b:ac:00:9e:86:86:1f:53:2d:3d:d8:a9:d0:
         30:3d:d1:2e:6f:b1:80:fa:9c:4d:13:8a:00:cb:8e:2d:25:01:
         29:a2:79:dc:ad:c5:30:aa:9b:37:34:73:ff:3e:3d:f5:80:b9:
         ea:82:e8:f5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzA41vc38TFpqwGxrgSc3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDU4Mjk1OTJhOGFhZGZjODYwYmMwOWIzMzdiZmNkYzYyOTRlZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpZsDNRnQv/NdgPaW71+Mbxersg+
mckTt3MldlizP/TaliglNZr/HPT4POQfzKn1ABwsx92HV0j1jGkWmfg9O7OszxaC
mpZD0cl95zqOuAT7q3o6E75ZU1JE3HrnEpNNxVtaNzmYBKCN1G60wzdYWHU/3CFZ
/EexK6fWvNBxhYX+jABqzxePFzIiuPU+bINe0qGYZ2ECkql8OJ2f6O5ZCN+Y74NJ
1tOEictOM+Wb+SqvHtKz3iYfbIJ2U14/NRBaXUFIRIpKDhB92sS8j8CCJpNSwF0E
7pYxsWM/pHoZADXfAugOmzOxSgnLfbAKDN43owolZyme9WuNZEpfmLCuHwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO1YKVkqiq38hgvAmzN7/NxilO7LMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvN1ZncFdTcUtyZnlHQzhDYk0zdjgzR0tVN3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATUrgAwQB
TUriMAwDBANtacgDBABtacwDBABtac4wDQYJKoZIhvcNAQELBQADggEBAAL3g4Cx
kF243jat1vL+LuQEWKpquXZ1msk9e9UDidiFQxBKQRUWQ6xV1n4xM0l2tKedg7FA
1DssrJWhd5cKgHb6eqxaqwpoz82e/+TLCRHt4XNqF/xdFH2+w9Q2wDIcpy/qrzYb
EwsXiVcWQvubqpy9Jup1uRgaROYeKO5DmASIMOwrBn+VKvw7vO7C0AZlOvgl49WT
JNk8BHc39xdOL/4LxqmJ6s2t1jwC/CTSr8UoRpP76Tx/fazt16Zd2aWwMUP5NLJN
79DdILiRi6wAnoaGH1MtPdip0DA90S5vsYD6nE0TigDLji0lASmiedytxTCqmzc0
c/8+PfWAueqC6PU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org