Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/o1NV2wmA--znUgd68laqEA_UCSQ.roa
File:                     o1NV2wmA--znUgd68laqEA_UCSQ.roa (raw, json)
Hash identifier:          8Bs188zWn3fKkWLwLxLJKNQ/UqEirepwwUCUgGKfWbM=
Subject key identifier:   A3:53:55:DB:09:80:FB:EC:E7:52:07:7A:F2:56:AA:10:0F:D4:09:24
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       018CC56EDD1E0E6D69D7DDCA34627EEF62EE
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/o1NV2wmA--znUgd68laqEA_UCSQ.roa
Signing time:             Mon 01 Jan 2024 14:30:26 +0000
ROA not before:           Mon 01 Jan 2024 14:30:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29802
IP address blocks:        77.74.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 10:18:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:dd:1e:0e:6d:69:d7:dd:ca:34:62:7e:ef:62:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  1 14:30:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a35355db0980fbece752077af256aa100fd40924
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5f:e1:fa:02:2d:97:1c:92:54:92:61:a9:7b:
                    05:e8:8c:c7:c5:a7:86:5a:a2:8b:e3:87:77:b0:55:
                    26:d9:aa:f2:56:19:d2:a3:ab:51:35:5d:02:bf:61:
                    45:53:f3:66:59:e3:9a:e6:8d:e8:bd:65:9b:5a:61:
                    a9:8b:9b:e2:ba:1f:6c:f6:7e:fe:51:f3:11:38:48:
                    15:98:a4:af:01:f4:9d:ae:38:0c:f8:21:7c:c0:8c:
                    64:4c:f1:cf:cf:54:50:33:e1:db:1a:f4:cc:af:35:
                    95:f6:b2:9b:d4:f5:38:2c:9d:f3:5f:1a:37:05:ee:
                    5f:16:45:7e:a5:28:bb:fe:00:e7:66:bb:7b:22:9f:
                    ca:85:fe:fe:55:b4:f4:f8:a1:d9:72:4f:d3:c0:36:
                    0b:f8:f7:c7:92:76:cd:32:61:02:e0:f5:dc:f4:69:
                    a2:96:88:e7:da:4e:6f:27:c1:84:61:e5:38:a2:3b:
                    12:d0:54:4c:73:3c:a5:9f:7a:64:30:ef:68:ba:73:
                    a4:d4:7c:1b:dd:64:ff:b1:d5:54:d9:a6:3d:b6:46:
                    3c:db:1f:8d:31:94:98:54:fa:a2:73:5f:d6:d3:70:
                    31:5d:a4:41:4d:10:00:08:ad:ae:7f:0c:54:dc:64:
                    c3:d0:e5:3d:94:9f:12:33:cb:bd:78:5f:e8:25:f6:
                    34:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:53:55:DB:09:80:FB:EC:E7:52:07:7A:F2:56:AA:10:0F:D4:09:24
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/o1NV2wmA--znUgd68laqEA_UCSQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:46:4c:ac:eb:77:d7:54:f9:1d:6d:0e:4f:a3:19:39:69:75:
         9d:b1:27:b9:c1:69:ff:7d:81:b5:3b:03:93:84:f1:06:54:8f:
         ac:4b:4d:f6:87:0f:bd:bc:c2:29:15:73:9f:f6:f1:a6:20:d8:
         92:cc:36:6e:bc:8b:53:a5:39:35:94:19:10:d3:91:6f:51:b6:
         b6:61:f3:6d:b8:89:66:6d:9c:a0:eb:1c:4e:83:be:f9:e5:c5:
         19:87:ea:d0:19:e3:46:43:2a:a9:bc:ba:eb:70:88:8e:5d:dd:
         26:2c:8e:86:fd:3a:74:c2:06:31:1d:38:c9:49:5c:a5:ff:cb:
         da:a4:e5:35:c1:6b:d5:96:4a:63:df:d3:4f:a8:2b:dd:76:a3:
         64:7a:1a:8f:ad:40:f1:7e:41:ca:22:65:bd:55:bd:20:14:84:
         28:08:70:92:af:ff:d2:f2:4b:de:8c:bf:24:1a:b9:e5:05:ad:
         b9:74:de:8f:d1:4e:6e:20:ed:32:69:99:81:2a:a7:80:b8:7e:
         4d:41:d9:77:e2:5c:8c:2d:a4:86:f2:3a:f8:78:9a:63:e6:6d:
         26:04:94:b1:3f:ec:1d:7c:8f:ad:43:a2:15:0c:35:6b:04:75:
         75:de:35:34:c5:87:2e:4b:a7:22:b3:bd:7d:b0:44:7a:45:b0:
         ae:44:ee:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbt0eDm1p193KNGJ+72LuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUzNTVkYjA5ODBmYmVjZTc1MjA3N2FmMjU2YWExMDBmZDQwOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F/h+gItlxySVJJhqXsF6IzHxaeG
WqKL44d3sFUm2aryVhnSo6tRNV0Cv2FFU/NmWeOa5o3ovWWbWmGpi5viuh9s9n7+
UfMROEgVmKSvAfSdrjgM+CF8wIxkTPHPz1RQM+HbGvTMrzWV9rKb1PU4LJ3zXxo3
Be5fFkV+pSi7/gDnZrt7Ip/Khf7+VbT0+KHZck/TwDYL+PfHknbNMmEC4PXc9Gmi
lojn2k5vJ8GEYeU4ojsS0FRMczyln3pkMO9ounOk1Hwb3WT/sdVU2aY9tkY82x+N
MZSYVPqic1/W03AxXaRBTRAACK2ufwxU3GTD0OU9lJ8SM8u9eF/oJfY0lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNTVdsJgPvs51IHevJWqhAP1AkkMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvbzFOVjJ3bUEtLXpuVWdkNjhsYXFFQV9VQ1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUrnMA0G
CSqGSIb3DQEBCwUAA4IBAQBuRkys63fXVPkdbQ5Poxk5aXWdsSe5wWn/fYG1OwOT
hPEGVI+sS032hw+9vMIpFXOf9vGmINiSzDZuvItTpTk1lBkQ05FvUba2YfNtuIlm
bZyg6xxOg7755cUZh+rQGeNGQyqpvLrrcIiOXd0mLI6G/Tp0wgYxHTjJSVyl/8va
pOU1wWvVlkpj39NPqCvddqNkehqPrUDxfkHKImW9Vb0gFIQoCHCSr//S8kvejL8k
GrnlBa25dN6P0U5uIO0yaZmBKqeAuH5NQdl34lyMLaSG8jr4eJpj5m0mBJSxP+wd
fI+tQ6IVDDVrBHV13jU0xYcuS6cis719sER6RbCuRO5j
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org