Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hRFc5D9GDlv-UBW4khJWB8CCtVY.roa
File:                     hRFc5D9GDlv-UBW4khJWB8CCtVY.roa (raw, json)
Hash identifier:          UakPpR26GyyjElttSB8tjTbIROGCkEkIHE0EkodHpBA=
Subject key identifier:   85:11:5C:E4:3F:46:0E:5B:FE:50:15:B8:92:12:56:07:C0:82:B5:56
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       01856BDCB1B30D679F00B0BD930CFEF689F5
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hRFc5D9GDlv-UBW4khJWB8CCtVY.roa
Signing time:             Sun 01 Jan 2023 05:45:03 +0000
ROA not before:           Sun 01 Jan 2023 05:45:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206070
IP address blocks:        77.36.62.0/23 maxlen: 24
                          93.120.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:dc:b1:b3:0d:67:9f:00:b0:bd:93:0c:fe:f6:89:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Jan  1 05:45:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85115ce43f460e5bfe5015b892125607c082b556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:38:f4:42:a6:04:9f:e6:02:3b:6f:5f:f6:85:
                    3a:f3:7d:af:ba:29:c0:ce:64:3f:bb:52:d0:15:85:
                    32:ea:a6:42:53:79:c9:18:a3:54:7b:d9:72:90:b0:
                    9a:2e:a3:c1:75:e3:f9:c1:fc:5e:53:c2:89:d4:87:
                    9f:6f:73:08:df:6b:05:a6:94:08:06:d2:a6:88:07:
                    f4:90:8b:5f:3f:f8:f0:22:cd:6b:13:10:5f:b4:53:
                    bc:c3:cd:c1:46:9a:17:da:cf:3d:bb:ba:50:c1:b4:
                    70:e6:2c:01:78:1e:eb:cb:15:d4:58:14:ff:a6:03:
                    bb:e6:97:b7:43:4c:e7:ed:19:30:d0:4a:ff:00:1b:
                    a0:69:65:5c:ec:c4:0f:8f:70:d6:a7:95:d8:db:2d:
                    23:96:a2:20:76:67:8a:cc:0a:8a:d1:67:c5:4c:6a:
                    d1:93:0b:7f:79:57:27:17:29:8f:df:4a:22:78:27:
                    da:36:c1:7c:22:a7:d6:84:ff:82:4d:e4:42:03:9d:
                    89:b9:38:f4:b7:4b:fa:2b:f6:d1:54:12:58:27:58:
                    8a:8e:79:fb:28:39:e9:6c:15:6a:63:66:bc:5c:90:
                    66:85:19:06:37:9d:b0:ac:3a:ec:8f:3e:3a:da:a0:
                    e8:fc:62:b5:95:76:2d:85:67:f0:80:d1:ee:8e:69:
                    15:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:11:5C:E4:3F:46:0E:5B:FE:50:15:B8:92:12:56:07:C0:82:B5:56
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hRFc5D9GDlv-UBW4khJWB8CCtVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.36.62.0/23
                  93.120.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:03:56:24:7d:97:91:7c:bc:07:10:99:37:b4:80:ba:b4:01:
         f1:13:6e:c7:94:04:7f:6e:50:49:64:4e:f4:35:0a:31:8e:4f:
         b1:66:2e:7f:02:89:e6:60:bd:3d:f1:5d:27:18:68:25:54:7f:
         60:d8:29:b6:3e:96:b6:9b:f1:a8:db:3b:c1:ba:e8:51:f5:9a:
         40:4d:bd:c0:a9:80:fe:14:e8:40:ca:09:e8:09:d0:b0:86:60:
         e3:14:d5:5a:17:f3:40:0a:7a:c0:87:f3:54:67:9a:39:8d:a2:
         83:43:f2:f4:bf:87:f2:10:a6:96:27:aa:04:56:b8:07:80:29:
         b0:b0:d8:ba:33:16:9f:52:50:22:a8:fa:33:5c:70:78:0b:1d:
         18:cb:6e:69:5b:95:bb:8d:70:a2:4f:3b:3c:91:07:d2:da:67:
         70:8c:8b:6f:4c:8b:a0:f9:d8:68:d1:fa:8b:02:98:f8:25:1f:
         f2:77:75:09:ac:10:1e:df:83:6d:7e:71:03:c0:99:22:45:cd:
         4b:e5:b9:ae:f5:cd:eb:10:69:db:70:eb:62:af:7a:78:15:df:
         d6:20:c4:89:74:0e:5c:73:db:5d:64:00:48:00:be:fb:78:c5:
         19:67:d4:23:73:62:4e:d8:cb:8c:d4:4b:13:27:6b:a2:e0:69:
         61:0a:2d:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr3LGzDWefALC9kwz+9on1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTExNWNlNDNmNDYwZTViZmU1MDE1Yjg5MjEyNTYwN2MwODJiNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjj0QqYEn+YCO29f9oU6832vuinA
zmQ/u1LQFYUy6qZCU3nJGKNUe9lykLCaLqPBdeP5wfxeU8KJ1Iefb3MI32sFppQI
BtKmiAf0kItfP/jwIs1rExBftFO8w83BRpoX2s89u7pQwbRw5iwBeB7ryxXUWBT/
pgO75pe3Q0zn7Rkw0Er/ABugaWVc7MQPj3DWp5XY2y0jlqIgdmeKzAqK0WfFTGrR
kwt/eVcnFymP30oieCfaNsF8IqfWhP+CTeRCA52JuTj0t0v6K/bRVBJYJ1iKjnn7
KDnpbBVqY2a8XJBmhRkGN52wrDrsjz462qDo/GK1lXYthWfwgNHujmkVwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIURXOQ/Rg5b/lAVuJISVgfAgrVWMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvaFJGYzVEOUdEbHYtVUJXNGtoSldCOENDdFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTSQ+AwQA
XXgrMA0GCSqGSIb3DQEBCwUAA4IBAQBBA1YkfZeRfLwHEJk3tIC6tAHxE27HlAR/
blBJZE70NQoxjk+xZi5/AonmYL098V0nGGglVH9g2Cm2Ppa2m/Go2zvBuuhR9ZpA
Tb3AqYD+FOhAygnoCdCwhmDjFNVaF/NACnrAh/NUZ5o5jaKDQ/L0v4fyEKaWJ6oE
VrgHgCmwsNi6MxafUlAiqPozXHB4Cx0Yy25pW5W7jXCiTzs8kQfS2mdwjItvTIug
+dho0fqLApj4JR/yd3UJrBAe34NtfnEDwJkiRc1L5bmu9c3rEGnbcOtir3p4Fd/W
IMSJdA5cc9tdZABIAL77eMUZZ9Qjc2JO2MuM1EsTJ2ui4GlhCi3i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org