Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/GQ-0ZUxZvmYrsWw1YirWGftiLFQ.roa
File:                     GQ-0ZUxZvmYrsWw1YirWGftiLFQ.roa (raw, json)
Hash identifier:          qh1ul7PwCxRk/WDwQGE3cM0SWP+YFgGQYZH16n+C1l0=
Subject key identifier:   19:0F:B4:65:4C:59:BE:66:2B:B1:6C:35:62:2A:D6:19:FB:62:2C:54
Certificate issuer:       /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial:       01856B40C44B3954AC4BF6CCD58F6FCD8973
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/GQ-0ZUxZvmYrsWw1YirWGftiLFQ.roa
Signing time:             Sun 01 Jan 2023 02:54:44 +0000
ROA not before:           Sun 01 Jan 2023 02:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51487
IP address blocks:        77.228.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:40:c4:4b:39:54:ac:4b:f6:cc:d5:8f:6f:cd:89:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
        Validity
            Not Before: Jan  1 02:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=190fb4654c59be662bb16c35622ad619fb622c54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:54:87:e8:25:15:08:36:6a:ee:2f:7b:3a:bb:
                    bf:b7:68:60:14:59:ec:37:39:57:82:6f:0d:bb:31:
                    0f:3f:5e:85:3e:63:48:90:7c:7a:2b:c9:fd:2c:62:
                    0b:5f:63:83:d7:67:a7:77:8e:e7:6b:ad:71:d0:a5:
                    d7:11:51:f7:33:ba:61:63:bf:70:f5:62:16:eb:cb:
                    85:b9:4b:0c:ae:ca:ed:83:ec:c1:ca:f7:bd:2f:f5:
                    cf:a7:96:0b:6d:71:df:44:47:01:c0:a3:be:cc:9e:
                    3c:05:7f:85:d5:f6:a9:00:09:a2:cf:8b:db:6a:cc:
                    e9:37:bf:80:29:92:6d:70:3b:e5:4a:15:c1:8c:0a:
                    e2:99:02:8d:f9:bb:80:46:58:b0:87:bf:f4:34:d6:
                    58:79:d6:71:d1:09:83:d5:10:73:56:9c:22:06:b0:
                    f0:3e:f5:dd:d2:15:44:8f:dd:9f:3d:b7:86:fa:69:
                    f7:50:47:92:fa:80:3e:4a:a6:67:3c:d3:77:db:eb:
                    c8:64:73:ed:67:31:e6:78:c5:0e:c9:77:36:45:06:
                    d4:c4:14:a0:98:2d:ac:80:3c:70:32:35:25:6f:0f:
                    9a:fe:d7:f9:b4:51:06:b8:5a:76:14:9b:de:4a:02:
                    0e:81:8e:79:9c:c1:5e:96:96:61:f1:06:d7:0f:77:
                    09:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:0F:B4:65:4C:59:BE:66:2B:B1:6C:35:62:2A:D6:19:FB:62:2C:54
            X509v3 Authority Key Identifier:
                keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/GQ-0ZUxZvmYrsWw1YirWGftiLFQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.228.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:52:a1:86:9f:fd:e3:5b:77:13:0c:90:75:c7:df:91:c4:41:
         2a:01:a4:c7:85:46:a9:a4:a4:16:91:3a:54:00:91:2e:de:5b:
         56:f8:dd:42:84:83:c5:f3:ec:34:54:53:c6:4c:4d:45:2c:d1:
         0f:09:09:68:01:2c:11:0e:15:cc:b6:67:11:45:6d:77:ce:c2:
         ab:17:a9:d5:e0:15:7a:24:16:e5:a8:a1:66:47:88:03:c7:50:
         57:b6:94:33:a1:c2:32:fd:d1:31:28:fd:5d:f9:5d:61:c0:45:
         33:ad:39:a2:6c:47:7d:53:da:42:bb:07:41:02:3d:18:56:39:
         36:d2:3f:74:9a:b4:35:f7:23:22:e9:fe:ea:7d:66:95:34:88:
         7e:b2:15:c8:32:a7:e2:9e:e2:51:70:95:11:e3:02:09:0b:6e:
         c6:0f:be:79:d9:78:fa:21:ac:80:8c:86:c2:fc:22:6a:8b:f4:
         a2:19:2e:79:bf:d2:f5:fa:39:10:63:fa:8b:0f:17:6c:b9:aa:
         d7:0c:78:ce:3e:ed:08:af:3e:78:2a:cf:a3:64:4e:c6:97:d3:
         f2:75:2d:85:76:37:2b:dc:c0:89:1d:94:ac:58:52:84:49:a9:
         73:f9:8c:e1:bb:d2:d5:5d:19:99:28:0a:f8:c9:28:b4:07:68:
         71:68:43:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrQMRLOVSsS/bM1Y9vzYlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjMwMTAxMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBmYjQ2NTRjNTliZTY2MmJiMTZjMzU2MjJhZDYxOWZiNjIyYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVSH6CUVCDZq7i97Oru/t2hgFFns
NzlXgm8NuzEPP16FPmNIkHx6K8n9LGILX2OD12end47na61x0KXXEVH3M7phY79w
9WIW68uFuUsMrsrtg+zByve9L/XPp5YLbXHfREcBwKO+zJ48BX+F1fapAAmiz4vb
aszpN7+AKZJtcDvlShXBjArimQKN+buARliwh7/0NNZYedZx0QmD1RBzVpwiBrDw
PvXd0hVEj92fPbeG+mn3UEeS+oA+SqZnPNN32+vIZHPtZzHmeMUOyXc2RQbUxBSg
mC2sgDxwMjUlbw+a/tf5tFEGuFp2FJveSgIOgY55nMFelpZh8QbXD3cJXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkPtGVMWb5mK7FsNWIq1hn7YixUMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvR1EtMFpVeFp2bVlyc1d3MVlpcldHZnRpTEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATeTIMA0G
CSqGSIb3DQEBCwUAA4IBAQA6UqGGn/3jW3cTDJB1x9+RxEEqAaTHhUappKQWkTpU
AJEu3ltW+N1ChIPF8+w0VFPGTE1FLNEPCQloASwRDhXMtmcRRW13zsKrF6nV4BV6
JBblqKFmR4gDx1BXtpQzocIy/dExKP1d+V1hwEUzrTmibEd9U9pCuwdBAj0YVjk2
0j90mrQ19yMi6f7qfWaVNIh+shXIMqfinuJRcJUR4wIJC27GD7552Xj6IayAjIbC
/CJqi/SiGS55v9L1+jkQY/qLDxdsuarXDHjOPu0Irz54Ks+jZE7Gl9PydS2Fdjcr
3MCJHZSsWFKESalz+Yzhu9LVXRmZKAr4ySi0B2hxaENb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:01 2024 by rpki-client on console-fra.rpki-client.org