Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/bPAXh_cZT8AbEeBeQQ5j87yLozY.roa
File:                     bPAXh_cZT8AbEeBeQQ5j87yLozY.roa (raw, json)
Hash identifier:          0IWibn89O5iqQJAWbvAEp3wjDL4YjX6MDHz+wiUrm/8=
Subject key identifier:   6C:F0:17:87:F7:19:4F:C0:1B:11:E0:5E:41:0E:63:F3:BC:8B:A3:36
Certificate issuer:       /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial:       018F208A51D2645BC541952987CC64359D90
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/bPAXh_cZT8AbEeBeQQ5j87yLozY.roa
Signing time:             Sat 27 Apr 2024 17:11:26 +0000
ROA not before:           Sat 27 Apr 2024 17:11:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     147291
IP address blocks:        77.93.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 May 2024 11:48:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:20:8a:51:d2:64:5b:c5:41:95:29:87:cc:64:35:9d:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
        Validity
            Not Before: Apr 27 17:11:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6cf01787f7194fc01b11e05e410e63f3bc8ba336
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:78:71:19:b8:0f:46:6c:de:89:b1:9d:76:6f:
                    2b:7b:0d:87:81:b0:d1:70:ad:ce:42:9c:ea:ae:a8:
                    40:73:f8:06:05:ae:a5:6f:c1:de:ac:7b:00:99:a1:
                    b1:ea:33:d0:62:df:15:4a:7c:ec:93:b0:9f:c4:e4:
                    b8:40:66:a0:eb:60:62:62:fb:3b:ba:28:71:36:52:
                    f1:e6:22:07:b4:be:b7:14:fa:7e:bd:cd:77:61:bc:
                    36:a0:0f:0e:88:10:ac:67:06:8e:61:1e:5b:c0:35:
                    93:45:07:4a:31:8e:40:01:37:9b:a9:72:68:50:50:
                    f4:02:db:4c:46:5e:5d:58:82:4c:1d:4e:06:34:04:
                    d3:18:c6:bd:52:5a:a7:4d:f7:b9:e2:fb:11:68:82:
                    b5:c4:28:72:8f:30:0e:d9:69:4b:60:e7:c1:f8:60:
                    ff:8b:8c:fb:83:8c:97:e7:fd:aa:02:04:55:fd:4d:
                    05:7d:6d:80:a9:53:4b:c1:a4:03:31:b9:80:a2:8c:
                    fc:0b:e2:d0:73:0b:8d:fc:62:e3:5e:90:2f:b9:55:
                    a5:e1:db:4c:8a:c5:14:03:aa:07:66:26:c2:67:c0:
                    51:93:0c:6a:4f:b8:0e:dd:55:3e:3e:4c:f7:ec:eb:
                    58:02:de:c1:35:0b:d6:86:a9:74:f8:eb:16:bc:00:
                    84:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:F0:17:87:F7:19:4F:C0:1B:11:E0:5E:41:0E:63:F3:BC:8B:A3:36
            X509v3 Authority Key Identifier:
                keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/bPAXh_cZT8AbEeBeQQ5j87yLozY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.93.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:09:06:43:7c:9e:c6:39:c0:c9:82:d5:be:29:bd:82:0c:7d:
         ac:9b:da:23:77:40:85:a9:b2:e4:0f:20:6f:7b:1f:fe:1e:b4:
         18:77:2b:c9:53:a0:da:0f:dc:be:23:f5:99:84:c5:c2:f2:58:
         4f:ad:41:9a:6a:7f:35:d7:85:33:0a:4b:d1:6b:21:cb:77:41:
         fb:67:e9:69:25:0b:e9:84:88:85:73:f9:ce:7a:05:d1:ec:fe:
         19:a7:2a:b5:3a:1e:8b:1e:20:f6:ef:9e:95:f9:3c:c8:ea:07:
         c3:29:83:e2:ca:62:95:1f:a4:de:b6:8d:83:53:e4:ec:41:23:
         93:54:68:5b:f4:cd:3b:35:40:95:31:91:d7:76:86:51:61:da:
         77:34:11:7e:88:aa:dd:a7:df:6e:05:88:04:8b:70:69:b3:d5:
         37:17:5a:74:c1:b3:cc:a8:45:94:c8:c5:ef:81:b4:45:cf:e4:
         1e:d2:56:e1:07:26:1b:5d:4f:47:dc:38:67:a2:c8:38:4c:9c:
         b4:78:c1:57:bb:ea:57:fa:f5:21:56:16:0b:03:7a:56:b4:ed:
         5a:f6:d4:fa:34:9c:e2:ac:3c:54:85:be:04:a2:28:ff:00:c2:
         2f:64:e1:4a:16:92:37:71:9b:02:8c:54:fc:93:89:fb:0a:05:
         11:26:34:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8gilHSZFvFQZUph8xkNZ2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWEzNDE3ZmJlMjVjMmU0NjdjMTg0ODVjMTgxYTc3NzZm
OTZmZjQwHhcNMjQwNDI3MTcxMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2YwMTc4N2Y3MTk0ZmMwMWIxMWUwNWU0MTBlNjNmM2JjOGJhMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13hxGbgPRmzeibGddm8rew2HgbDR
cK3OQpzqrqhAc/gGBa6lb8HerHsAmaGx6jPQYt8VSnzsk7CfxOS4QGag62BiYvs7
uihxNlLx5iIHtL63FPp+vc13Ybw2oA8OiBCsZwaOYR5bwDWTRQdKMY5AATebqXJo
UFD0AttMRl5dWIJMHU4GNATTGMa9UlqnTfe54vsRaIK1xChyjzAO2WlLYOfB+GD/
i4z7g4yX5/2qAgRV/U0FfW2AqVNLwaQDMbmAooz8C+LQcwuN/GLjXpAvuVWl4dtM
isUUA6oHZibCZ8BRkwxqT7gO3VU+Pkz37OtYAt7BNQvWhql0+OsWvACEWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzwF4f3GU/AGxHgXkEOY/O8i6M2MB8GA1UdIwQY
MBaAFIpaNBf74lwuRnwYSFwYGnd2+W/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYt
ZDdhYmNkMGVmNjRhLzEvYlBBWGhfY1pUOEFiRWVCZVFRNWo4N3lMb3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYtZDdhYmNkMGVmNjRh
LzEvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATV2NMA0G
CSqGSIb3DQEBCwUAA4IBAQCDCQZDfJ7GOcDJgtW+Kb2CDH2sm9ojd0CFqbLkDyBv
ex/+HrQYdyvJU6DaD9y+I/WZhMXC8lhPrUGaan8114UzCkvRayHLd0H7Z+lpJQvp
hIiFc/nOegXR7P4Zpyq1Oh6LHiD2756V+TzI6gfDKYPiymKVH6Teto2DU+TsQSOT
VGhb9M07NUCVMZHXdoZRYdp3NBF+iKrdp99uBYgEi3Bps9U3F1p0wbPMqEWUyMXv
gbRFz+Qe0lbhByYbXU9H3Dhnosg4TJy0eMFXu+pX+vUhVhYLA3pWtO1a9tT6NJzi
rDxUhb4Eoij/AMIvZOFKFpI3cZsCjFT8k4n7CgURJjQO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org