Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/B5Il8Y1-fowNnjPRa5LSXNRVmsc.roa
File:                     B5Il8Y1-fowNnjPRa5LSXNRVmsc.roa (raw, json)
Hash identifier:          4hwKsnBXhmXjNq5NHuTtZMi0hPoTxZsAgw4HbreXvuA=
Subject key identifier:   07:92:25:F1:8D:7E:7E:8C:0D:9E:33:D1:6B:92:D2:5C:D4:55:9A:C7
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       0185730393E73EABEA24DE9D6B3DD40D4895
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/B5Il8Y1-fowNnjPRa5LSXNRVmsc.roa
Signing time:             Mon 02 Jan 2023 15:04:52 +0000
ROA not before:           Mon 02 Jan 2023 15:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        77.74.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:03:93:e7:3e:ab:ea:24:de:9d:6b:3d:d4:0d:48:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  2 15:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=079225f18d7e7e8c0d9e33d16b92d25cd4559ac7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c4:84:e3:f1:3f:d7:39:28:fd:db:b5:70:47:
                    67:00:5e:e7:cf:0e:e0:1b:ba:50:4e:02:89:88:6e:
                    e3:04:69:b0:13:3b:7e:01:fe:45:6d:9c:c6:17:55:
                    48:95:09:1f:a9:34:13:b4:87:9e:57:6f:30:99:85:
                    6f:ba:b6:85:4b:be:88:4a:ea:ff:3c:36:20:51:21:
                    58:c1:41:be:26:62:fd:a4:e0:5a:22:76:cd:ae:31:
                    6a:0b:ad:a2:f4:74:9b:d7:76:0a:b7:df:07:f4:79:
                    c8:2c:40:03:84:ba:b3:91:44:b7:bd:07:35:12:8a:
                    3b:8d:4a:c2:9b:12:40:4c:26:af:86:93:1e:ff:69:
                    1c:bf:45:1b:cc:ff:b4:19:1d:08:12:97:bd:8f:a0:
                    da:d6:42:81:ed:40:78:85:b5:f4:12:3b:d9:b9:10:
                    b8:7b:98:f2:46:0e:9e:33:a2:96:94:c7:99:93:e2:
                    ed:81:3e:a0:90:a0:95:02:4b:1c:8e:63:25:ed:8e:
                    e6:71:b7:2c:24:df:a5:00:67:87:18:cc:21:c7:0f:
                    f2:33:29:f7:d5:d2:a5:e0:05:04:77:06:34:e5:1d:
                    77:45:7b:b8:f2:f5:e5:95:df:39:a0:9a:02:3d:df:
                    77:f8:e7:80:45:2c:68:ba:ff:0a:77:bc:5c:ce:84:
                    08:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:92:25:F1:8D:7E:7E:8C:0D:9E:33:D1:6B:92:D2:5C:D4:55:9A:C7
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/B5Il8Y1-fowNnjPRa5LSXNRVmsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:06:15:50:5b:8b:de:ca:bc:7d:43:be:bf:68:d1:25:0c:b5:
         d4:89:29:f1:43:4c:96:41:2d:de:04:75:4b:33:93:4f:aa:08:
         c5:68:c2:22:3d:0a:b3:a6:33:2d:0d:de:0f:34:3e:7e:e1:f0:
         b8:3e:d6:b5:b7:1a:1a:45:d2:5e:bf:07:65:24:07:7c:92:eb:
         36:d3:7f:8a:4e:82:99:98:fd:c9:c8:78:07:9c:9c:8a:c3:c9:
         96:32:20:99:e4:97:92:d4:e8:f4:73:ce:8e:4b:ad:e2:15:e3:
         30:9d:39:ef:74:d9:10:58:a5:77:bc:31:67:c7:88:b2:98:4b:
         36:a9:73:d3:9a:99:43:2b:bf:63:b0:86:82:4f:d5:90:da:b6:
         f5:23:01:6c:4c:bb:1e:b0:ed:55:53:fc:4a:26:1f:56:86:51:
         83:12:e3:32:d8:cf:59:a6:7d:60:51:1a:9d:9a:e9:c9:34:7f:
         f9:76:d6:20:8c:e5:16:f6:36:c8:73:df:d5:38:b1:1f:96:fe:
         10:3d:2c:9e:5a:bf:bd:c1:62:3d:70:8c:05:1f:fa:32:a8:c8:
         99:2a:9a:7f:db:73:10:1b:2b:4a:bb:c3:34:bf:8f:06:69:ad:
         5f:8f:e1:db:bc:c5:f2:88:70:e2:12:58:e4:19:53:22:1a:88:
         a4:bf:18:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA5PnPqvqJN6daz3UDUiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkyMjVmMThkN2U3ZThjMGQ5ZTMzZDE2YjkyZDI1Y2Q0NTU5YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMSE4/E/1zko/du1cEdnAF7nzw7g
G7pQTgKJiG7jBGmwEzt+Af5FbZzGF1VIlQkfqTQTtIeeV28wmYVvuraFS76ISur/
PDYgUSFYwUG+JmL9pOBaInbNrjFqC62i9HSb13YKt98H9HnILEADhLqzkUS3vQc1
Eoo7jUrCmxJATCavhpMe/2kcv0UbzP+0GR0IEpe9j6Da1kKB7UB4hbX0EjvZuRC4
e5jyRg6eM6KWlMeZk+LtgT6gkKCVAkscjmMl7Y7mcbcsJN+lAGeHGMwhxw/yMyn3
1dKl4AUEdwY05R13RXu48vXlld85oJoCPd93+OeARSxouv8Kd7xczoQIjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAeSJfGNfn6MDZ4z0WuS0lzUVZrHMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvQjVJbDhZMS1mb3dObmpQUmE1TFNYTlJWbXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUrhMA0G
CSqGSIb3DQEBCwUAA4IBAQAtBhVQW4veyrx9Q76/aNElDLXUiSnxQ0yWQS3eBHVL
M5NPqgjFaMIiPQqzpjMtDd4PND5+4fC4Pta1txoaRdJevwdlJAd8kus203+KToKZ
mP3JyHgHnJyKw8mWMiCZ5JeS1Oj0c86OS63iFeMwnTnvdNkQWKV3vDFnx4iymEs2
qXPTmplDK79jsIaCT9WQ2rb1IwFsTLsesO1VU/xKJh9WhlGDEuMy2M9Zpn1gURqd
munJNH/5dtYgjOUW9jbIc9/VOLEflv4QPSyeWr+9wWI9cIwFH/oyqMiZKpp/23MQ
GytKu8M0v48Gaa1fj+HbvMXyiHDiEljkGVMiGoikvxig
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:50 2024 by rpki-client on console-ams.rpki-client.org