Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa
File:                     Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa (raw, json)
Hash identifier:          4FTixVQINPmkxlHJnSAC1aGYtoBUlV7dA2BhN7xJZz8=
Subject key identifier:   1F:3F:EB:41:54:ED:9A:94:B0:02:77:0D:5D:2B:76:77:60:5C:F5:39
Certificate issuer:       /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial:       01856F1D8A9A9E0FF1747511EE930EA64976
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa
Signing time:             Sun 01 Jan 2023 20:54:45 +0000
ROA not before:           Sun 01 Jan 2023 20:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20765
IP address blocks:        185.84.216.0/22 maxlen: 24
                          193.96.96.0/21 maxlen: 24
                          194.115.4.0/24 maxlen: 24
                          2a05:a880:de10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:8a:9a:9e:0f:f1:74:75:11:ee:93:0e:a6:49:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
        Validity
            Not Before: Jan  1 20:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f3feb4154ed9a94b002770d5d2b7677605cf539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:47:d3:05:3c:77:54:dc:fb:6a:84:38:98:78:
                    9b:31:13:18:d8:11:2a:d7:41:cf:cd:15:5c:02:df:
                    c9:72:09:69:d2:65:c8:4c:53:53:84:2a:4a:d9:1f:
                    71:0c:fb:0d:5c:a9:d7:af:cc:0d:02:59:ce:a1:94:
                    a4:be:c6:6f:ab:f5:14:93:5d:81:6f:2f:fb:d0:2b:
                    34:f9:57:aa:bd:ce:94:ee:83:5d:91:dc:6e:d1:69:
                    4a:17:cd:b8:93:ed:20:70:4c:07:70:f1:66:3f:36:
                    f3:28:20:96:07:4b:5c:5f:f8:db:50:76:a4:0a:61:
                    c1:b0:43:d6:2d:09:d3:c6:47:60:26:e5:8e:a6:81:
                    c5:11:cf:e8:a2:db:d2:05:e2:e1:1c:1a:2f:4b:7a:
                    f1:82:42:34:a3:be:41:b4:63:8e:d5:be:69:eb:96:
                    7f:e3:79:09:22:17:83:ef:81:99:94:2d:bb:2e:27:
                    51:b6:56:e5:5a:04:2d:72:27:5b:69:81:55:c1:29:
                    4e:09:86:19:fe:82:da:9f:cd:c0:c8:ca:57:f8:20:
                    14:50:53:90:db:6f:e0:f6:47:07:25:76:84:1e:f0:
                    ef:d5:38:d8:19:80:aa:92:34:42:46:fc:b3:c9:e4:
                    60:3c:69:35:5b:f8:14:5c:d2:63:95:71:de:ef:72:
                    62:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:3F:EB:41:54:ED:9A:94:B0:02:77:0D:5D:2B:76:77:60:5C:F5:39
            X509v3 Authority Key Identifier:
                keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.216.0/22
                  193.96.96.0/21
                  194.115.4.0/24
                IPv6:
                  2a05:a880:de10::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:8a:46:b2:41:d0:03:43:f8:72:95:67:1a:40:80:7c:e9:90:
         8b:8d:69:59:21:40:c4:b7:a5:98:95:96:61:31:eb:ea:b8:26:
         9f:47:81:69:4c:41:9e:29:b7:81:27:79:d0:98:51:de:9b:04:
         69:a5:9f:9c:f1:0a:d2:83:d5:31:41:69:20:5e:3d:60:76:d6:
         30:86:64:3e:d8:f0:e8:64:77:03:4a:05:f2:51:93:4e:b5:44:
         4f:0a:ee:11:e4:6d:29:00:d2:87:2f:b8:72:68:93:7d:c5:be:
         73:63:47:75:6b:4e:ab:42:75:3c:97:8b:6d:d4:11:de:84:d1:
         d5:21:c8:40:5a:26:88:b9:bf:02:9d:e0:8f:97:33:a5:56:cc:
         77:ec:3d:bd:3e:5d:c7:01:f5:fd:f8:7c:11:9c:2b:7c:79:af:
         ed:15:c6:1f:0b:76:59:38:2b:19:b6:5f:31:a4:2c:2c:02:fb:
         d8:10:0c:92:11:f1:cf:75:6c:f6:04:64:63:df:3a:89:a4:79:
         c5:a1:12:8c:cf:5c:ef:35:cb:fe:90:36:31:2e:1e:b2:53:06:
         1c:34:08:d5:da:a9:4b:41:50:a2:5d:0b:3d:c2:ee:ad:10:8f:
         09:62:ef:6e:1c:e1:d6:1b:9c:c4:5b:23:66:90:bf:72:1d:94:
         1c:50:53:11
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvHYqang/xdHUR7pMOpkl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjMwMTAxMjA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNmZWI0MTU0ZWQ5YTk0YjAwMjc3MGQ1ZDJiNzY3NzYwNWNmNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEfTBTx3VNz7aoQ4mHibMRMY2BEq
10HPzRVcAt/Jcglp0mXITFNThCpK2R9xDPsNXKnXr8wNAlnOoZSkvsZvq/UUk12B
by/70Cs0+Veqvc6U7oNdkdxu0WlKF824k+0gcEwHcPFmPzbzKCCWB0tcX/jbUHak
CmHBsEPWLQnTxkdgJuWOpoHFEc/ootvSBeLhHBovS3rxgkI0o75BtGOO1b5p65Z/
43kJIheD74GZlC27LidRtlblWgQtcidbaYFVwSlOCYYZ/oLan83AyMpX+CAUUFOQ
22/g9kcHJXaEHvDv1TjYGYCqkjRCRvyzyeRgPGk1W/gUXNJjlXHe73JiGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFB8/60FU7ZqUsAJ3DV0rdndgXPU5MB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvSHpfclFWVHRtcFN3QW5jTlhTdDJkMkJjOVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuVTYAwQD
wWBgAwQAwnMEMA8EAgACMAkDBwAqBaiA3hAwDQYJKoZIhvcNAQELBQADggEBAJyK
RrJB0AND+HKVZxpAgHzpkIuNaVkhQMS3pZiVlmEx6+q4Jp9HgWlMQZ4pt4EnedCY
Ud6bBGmln5zxCtKD1TFBaSBePWB21jCGZD7Y8OhkdwNKBfJRk061RE8K7hHkbSkA
0ocvuHJok33FvnNjR3VrTqtCdTyXi23UEd6E0dUhyEBaJoi5vwKd4I+XM6VWzHfs
Pb0+XccB9f34fBGcK3x5r+0Vxh8Ldlk4Kxm2XzGkLCwC+9gQDJIR8c91bPYEZGPf
OomkecWhEozPXO81y/6QNjEuHrJTBhw0CNXaqUtBUKJdCz3C7q0Qjwli724c4dYb
nMRbI2aQv3IdlBxQUxE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:42 2024 by rpki-client on console-fra.rpki-client.org