Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/BhTqt33ZlQfo3LA8koi8R1TgYHI.roa
File:                     BhTqt33ZlQfo3LA8koi8R1TgYHI.roa (raw, json)
Hash identifier:          oZXzUqplaWiBdrpTp+d694O17N+w+OAzFaJhBnAnb4Q=
Subject key identifier:   06:14:EA:B7:7D:D9:95:07:E8:DC:B0:3C:92:88:BC:47:54:E0:60:72
Certificate issuer:       /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial:       018CC348C2FB4F1AE26E35317FE8910BAFFF
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/BhTqt33ZlQfo3LA8koi8R1TgYHI.roa
Signing time:             Mon 01 Jan 2024 04:29:34 +0000
ROA not before:           Mon 01 Jan 2024 04:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20765
IP address blocks:        185.84.216.0/22 maxlen: 24
                          193.96.96.0/21 maxlen: 24
                          194.115.4.0/24 maxlen: 24
                          2a05:a880:de10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 10:16:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:c2:fb:4f:1a:e2:6e:35:31:7f:e8:91:0b:af:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
        Validity
            Not Before: Jan  1 04:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0614eab77dd99507e8dcb03c9288bc4754e06072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:f5:5c:8e:96:d2:8e:b5:41:a5:41:c6:27:ca:
                    c3:9f:83:57:05:2d:b1:63:bd:59:ca:b6:bf:b1:d6:
                    2b:9d:31:01:8f:b8:a4:10:d3:d2:a6:82:b5:ff:29:
                    a7:4b:db:63:a8:7f:f5:89:17:50:0c:79:47:14:0e:
                    29:e9:0c:e4:de:8d:89:1f:eb:7f:27:04:96:e5:b7:
                    cc:ec:f8:38:aa:b8:90:38:68:c7:df:9e:d5:79:28:
                    c0:22:91:37:36:c6:38:43:7e:76:fd:ff:77:ac:0b:
                    54:6f:b7:25:a2:d8:c8:ac:3a:b9:65:98:1b:91:04:
                    27:24:53:54:f4:49:d4:8d:ae:31:07:d1:5e:48:d8:
                    c1:66:dd:1f:ec:59:dc:07:5d:c9:c8:c2:24:e4:e6:
                    e2:12:e7:97:ca:6a:1f:05:97:89:f0:b1:8a:a1:89:
                    9e:2b:53:38:82:ca:62:14:6d:ff:a1:a1:43:6b:3a:
                    84:3f:a6:08:76:2d:25:1a:9a:d8:03:bc:90:65:01:
                    5c:48:66:e9:85:4d:b6:99:0b:25:c6:3d:27:fe:2b:
                    26:f8:db:6d:ee:3e:a0:d1:5d:e5:3d:c6:60:c9:42:
                    57:a1:36:ab:60:b9:61:0a:1e:1e:32:9a:44:50:e9:
                    b2:7a:6d:db:d0:08:66:f5:3a:d5:a6:09:0d:d0:8f:
                    f2:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:14:EA:B7:7D:D9:95:07:E8:DC:B0:3C:92:88:BC:47:54:E0:60:72
            X509v3 Authority Key Identifier:
                keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/BhTqt33ZlQfo3LA8koi8R1TgYHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.216.0/22
                  193.96.96.0/21
                  194.115.4.0/24
                IPv6:
                  2a05:a880:de10::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:13:99:61:2b:2c:79:e2:06:d4:b7:1d:87:3f:b4:04:e5:48:
         59:b2:98:dc:2b:cb:da:2a:3e:8f:4e:a0:67:18:6a:dd:65:be:
         7d:2f:0d:38:c9:c4:32:fd:ce:80:d4:e3:dd:96:9e:0e:46:7e:
         ab:6f:e2:4e:60:eb:72:f8:15:4f:0f:c8:fc:34:ed:fc:a3:13:
         5f:7f:df:ba:88:01:28:e6:ba:40:99:a4:2d:ac:03:3b:a6:ac:
         8e:39:71:90:e5:8c:c8:2f:da:ab:f7:34:e9:c4:4b:b9:26:0c:
         99:c8:6a:1e:ef:54:60:a4:9e:a2:0e:52:15:a6:e5:86:fa:9e:
         2d:e4:c7:00:36:8a:10:3a:e5:b7:ce:84:a5:5c:70:1e:b4:05:
         05:4c:31:b3:70:2d:e1:64:96:d2:77:78:e3:4d:5f:7d:38:10:
         79:10:6c:d9:fc:96:dd:28:be:fd:58:d3:41:3f:2d:48:f9:bc:
         19:8d:fc:80:b0:4a:f8:a5:7d:df:32:91:72:1a:00:dc:7e:15:
         13:0f:33:43:2f:ba:96:b4:3b:83:ad:33:41:c2:41:81:aa:07:
         1b:0c:b1:72:91:b2:67:9f:c8:27:b8:51:60:04:ef:2c:da:c7:
         7e:a1:60:bb:16:1d:31:af:dd:26:96:de:1a:53:f1:dc:2c:d8:
         69:5c:39:a2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDSML7TxribjUxf+iRC6//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE0ZWFiNzdkZDk5NTA3ZThkY2IwM2M5Mjg4YmM0NzU0ZTA2MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPVcjpbSjrVBpUHGJ8rDn4NXBS2x
Y71Zyra/sdYrnTEBj7ikENPSpoK1/ymnS9tjqH/1iRdQDHlHFA4p6Qzk3o2JH+t/
JwSW5bfM7Pg4qriQOGjH357VeSjAIpE3NsY4Q352/f93rAtUb7clotjIrDq5ZZgb
kQQnJFNU9EnUja4xB9FeSNjBZt0f7FncB13JyMIk5ObiEueXymofBZeJ8LGKoYme
K1M4gspiFG3/oaFDazqEP6YIdi0lGprYA7yQZQFcSGbphU22mQslxj0n/ism+Ntt
7j6g0V3lPcZgyUJXoTarYLlhCh4eMppEUOmyem3b0Ahm9TrVpgkN0I/yTwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAYU6rd92ZUH6NywPJKIvEdU4GByMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvQmhUcXQzM1psUWZvM0xBOGtvaThSMVRnWUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuVTYAwQD
wWBgAwQAwnMEMA8EAgACMAkDBwAqBaiA3hAwDQYJKoZIhvcNAQELBQADggEBABkT
mWErLHniBtS3HYc/tATlSFmymNwry9oqPo9OoGcYat1lvn0vDTjJxDL9zoDU492W
ng5Gfqtv4k5g63L4FU8PyPw07fyjE19/37qIASjmukCZpC2sAzumrI45cZDljMgv
2qv3NOnES7kmDJnIah7vVGCknqIOUhWm5Yb6ni3kxwA2ihA65bfOhKVccB60BQVM
MbNwLeFkltJ3eONNX304EHkQbNn8lt0ovv1Y00E/LUj5vBmN/ICwSvilfd8ykXIa
ANx+FRMPM0Mvupa0O4OtM0HCQYGqBxsMsXKRsmefyCe4UWAE7yzax36hYLsWHTGv
3SaW3hpT8dws2GlcOaI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:56 2024 by rpki-client on console-ams.rpki-client.org