Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/w2hY-M1gzxwfFToiYN67eSoxIdQ.roa
File:                     w2hY-M1gzxwfFToiYN67eSoxIdQ.roa (raw, json)
Hash identifier:          IUMlSuZmmLgarxCWdzT+HxiAxPeTLeQeHAlbjCW4CBI=
Subject key identifier:   C3:68:58:F8:CD:60:CF:1C:1F:15:3A:22:60:DE:BB:79:2A:31:21:D4
Certificate issuer:       /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial:       01856F1D896B10DA5C50F6544EC5D1EB4DAF
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/w2hY-M1gzxwfFToiYN67eSoxIdQ.roa
Signing time:             Sun 01 Jan 2023 20:54:44 +0000
ROA not before:           Sun 01 Jan 2023 20:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3257
IP address blocks:        185.84.217.0/24 maxlen: 24
                          185.84.219.0/24 maxlen: 24
                          2a05:a882:de10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:89:6b:10:da:5c:50:f6:54:4e:c5:d1:eb:4d:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
        Validity
            Not Before: Jan  1 20:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c36858f8cd60cf1c1f153a2260debb792a3121d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d1:e0:d9:cb:29:0e:6b:6b:7f:f5:91:6d:43:
                    cb:d9:f5:9d:99:d4:e2:d3:19:6f:59:6e:b2:18:d1:
                    e1:76:71:df:d9:d7:a6:74:8b:de:5c:df:33:ca:3c:
                    ce:e8:88:4c:f9:27:2b:b6:de:a8:f2:2f:de:08:ef:
                    05:47:55:00:d9:e0:73:0f:ac:52:fb:be:2a:6d:bb:
                    1d:73:59:b2:a1:bf:00:dd:70:ca:f1:9a:2b:93:8c:
                    7b:10:b1:a0:15:37:66:1a:48:10:2e:62:cc:0e:af:
                    0b:c3:dd:62:98:9d:09:49:d4:61:f3:90:8c:77:c4:
                    eb:14:42:05:5f:9b:ba:2a:10:d0:e0:ef:ac:71:f3:
                    4e:af:5c:ad:d2:c2:35:1f:b7:f7:7e:08:92:24:47:
                    e5:e4:b1:33:b8:b3:3e:24:ba:6c:77:81:02:84:d4:
                    b0:8e:64:fb:fd:9e:e3:71:e5:54:ae:1d:2f:d9:8c:
                    9a:32:c0:37:15:ba:f9:f5:76:d7:32:85:fd:63:08:
                    54:34:40:f8:35:f3:25:e3:2e:35:a0:64:fe:ee:11:
                    cc:47:56:07:53:a5:bd:e4:c7:f5:64:20:fb:76:5f:
                    ba:34:e9:dc:d5:a0:07:a1:d3:73:b7:78:96:8e:8b:
                    95:03:6a:f5:8b:d3:74:8d:ba:a1:26:df:82:c6:41:
                    c6:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:68:58:F8:CD:60:CF:1C:1F:15:3A:22:60:DE:BB:79:2A:31:21:D4
            X509v3 Authority Key Identifier:
                keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/w2hY-M1gzxwfFToiYN67eSoxIdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.217.0/24
                  185.84.219.0/24
                IPv6:
                  2a05:a882:de10::/48

    Signature Algorithm: sha256WithRSAEncryption
         78:49:a4:10:d0:fe:c2:a2:f9:81:83:02:5c:60:ce:0f:df:d8:
         67:1e:8c:83:33:f2:01:41:68:d7:0e:f5:e4:46:96:51:83:3e:
         2f:a6:88:9b:09:d2:b2:3f:de:05:1a:9b:f2:36:8e:af:aa:f4:
         5c:e6:cb:e3:d3:9a:35:7b:1e:4b:ad:d0:9a:1a:fd:d9:dd:7f:
         02:2f:8d:82:77:8f:25:90:b9:28:9b:01:94:42:69:72:99:9f:
         c5:98:0d:55:02:6b:f2:8f:87:0d:4b:2d:97:3e:e2:55:32:6d:
         32:bb:39:07:28:b8:fb:7a:b9:03:f9:14:dd:c7:d8:7d:e6:bd:
         80:38:e0:7a:f4:8b:91:72:ea:5b:f3:80:18:eb:74:15:31:ae:
         83:38:c1:d1:29:6f:6b:1a:77:36:18:10:09:d7:d9:74:5b:f7:
         4b:3c:59:f8:29:27:75:ad:9b:6f:61:6c:36:0b:f3:14:cc:d7:
         43:c3:e6:86:ca:ed:6f:e2:18:37:88:88:2a:7d:63:ed:c5:62:
         25:94:79:63:69:49:b6:bc:61:63:80:11:5f:e8:5b:10:7b:46:
         68:d8:b4:a1:18:b1:e3:09:ce:b9:2a:a0:c6:f4:a0:62:a4:52:
         a4:ba:6f:97:69:68:96:3b:89:09:07:fa:2b:ff:43:9c:b0:65:
         f2:9f:26:e7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvHYlrENpcUPZUTsXR602vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjMwMTAxMjA1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzY4NThmOGNkNjBjZjFjMWYxNTNhMjI2MGRlYmI3OTJhMzEyMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtHg2cspDmtrf/WRbUPL2fWdmdTi
0xlvWW6yGNHhdnHf2demdIveXN8zyjzO6IhM+Scrtt6o8i/eCO8FR1UA2eBzD6xS
+74qbbsdc1myob8A3XDK8Zork4x7ELGgFTdmGkgQLmLMDq8Lw91imJ0JSdRh85CM
d8TrFEIFX5u6KhDQ4O+scfNOr1yt0sI1H7f3fgiSJEfl5LEzuLM+JLpsd4EChNSw
jmT7/Z7jceVUrh0v2YyaMsA3Fbr59XbXMoX9YwhUNED4NfMl4y41oGT+7hHMR1YH
U6W95Mf1ZCD7dl+6NOnc1aAHodNzt3iWjouVA2r1i9N0jbqhJt+CxkHGxwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMNoWPjNYM8cHxU6ImDeu3kqMSHUMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvdzJoWS1NMWd6eHdmRlRvaVlONjdlU294SWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuVTZAwQA
uVTbMA8EAgACMAkDBwAqBaiC3hAwDQYJKoZIhvcNAQELBQADggEBAHhJpBDQ/sKi
+YGDAlxgzg/f2GcejIMz8gFBaNcO9eRGllGDPi+miJsJ0rI/3gUam/I2jq+q9Fzm
y+PTmjV7Hkut0Joa/dndfwIvjYJ3jyWQuSibAZRCaXKZn8WYDVUCa/KPhw1LLZc+
4lUybTK7OQcouPt6uQP5FN3H2H3mvYA44Hr0i5Fy6lvzgBjrdBUxroM4wdEpb2sa
dzYYEAnX2XRb90s8WfgpJ3Wtm29hbDYL8xTM10PD5obK7W/iGDeIiCp9Y+3FYiWU
eWNpSba8YWOAEV/oWxB7RmjYtKEYseMJzrkqoMb0oGKkUqS6b5dpaJY7iQkH+iv/
Q5ywZfKfJuc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:42 2024 by rpki-client on console-fra.rpki-client.org