Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/40s8-vSfzTu5ijTP_FMlNU04Rio.roa
File:                     40s8-vSfzTu5ijTP_FMlNU04Rio.roa (raw, json)
Hash identifier:          1zpxO74PxVHmbbhecxCJTQDKlaOeD5ELQ8LBYLdXTZk=
Subject key identifier:   E3:4B:3C:FA:F4:9F:CD:3B:B9:8A:34:CF:FC:53:25:35:4D:38:46:2A
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018611DA127B8178E8001440A14AB6486915
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/40s8-vSfzTu5ijTP_FMlNU04Rio.roa
Signing time:             Thu 02 Feb 2023 11:19:09 +0000
ROA not before:           Thu 02 Feb 2023 11:19:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208911
IP address blocks:        77.90.138.0/24 maxlen: 24
                          77.90.151.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:11:da:12:7b:81:78:e8:00:14:40:a1:4a:b6:48:69:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Feb  2 11:19:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e34b3cfaf49fcd3bb98a34cffc5325354d38462a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7f:9f:2f:61:2a:30:fc:83:9e:cf:91:a0:78:
                    f9:5d:a6:12:09:54:0a:bc:5f:03:27:a0:cc:26:e4:
                    2f:8d:b8:b9:2e:69:98:6d:fe:73:4c:e8:bf:92:c2:
                    ea:e4:e0:3c:af:56:99:18:d4:95:05:1f:4a:a7:8e:
                    35:bc:89:00:51:fe:44:06:3e:9b:97:0b:c8:51:45:
                    af:c4:91:92:47:4c:ae:15:9f:3d:45:f1:26:f0:8e:
                    d1:1c:83:b6:60:ef:d8:8c:2d:ab:8e:1c:0a:38:8a:
                    91:2c:a7:1e:46:f8:60:ca:e0:93:5c:75:f0:60:6a:
                    42:cf:96:d0:73:78:b0:26:40:13:3e:6d:43:bc:94:
                    d4:b6:a2:8c:b4:c4:57:2c:ec:6f:11:4d:a0:b4:b7:
                    14:7a:a8:b8:71:f7:01:42:5c:92:99:0b:60:82:cb:
                    c4:5f:2e:b4:17:0a:c2:ce:1d:07:d5:a2:c8:98:a7:
                    c3:ee:ef:af:04:25:c6:33:ad:96:80:54:a9:88:78:
                    e4:fe:03:d2:23:de:12:ba:4d:41:c4:11:91:6b:e1:
                    9f:5a:fa:f8:7b:7b:66:6c:cc:9d:93:a8:82:1a:04:
                    7c:45:e1:26:35:2a:ac:b8:ea:88:b5:24:5e:b6:02:
                    74:a2:df:b4:46:88:ba:dd:59:9e:77:dc:53:f2:b4:
                    f8:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:4B:3C:FA:F4:9F:CD:3B:B9:8A:34:CF:FC:53:25:35:4D:38:46:2A
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/40s8-vSfzTu5ijTP_FMlNU04Rio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.138.0/24
                  77.90.151.0/24
                  77.90.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:52:f6:9d:3b:42:b2:a2:44:8f:b8:82:66:2f:0c:ba:99:e0:
         03:d3:c8:2b:f9:04:6e:66:2a:46:a6:e9:af:1b:b3:3e:9d:d0:
         c5:a7:32:eb:8f:c2:de:74:82:d9:2a:b9:28:ba:eb:90:a6:48:
         4a:16:19:7a:61:30:c9:4f:35:31:68:fb:cf:79:7c:7b:7f:22:
         b5:15:b7:88:b0:fe:9f:56:90:be:d3:da:d2:c6:77:3e:ca:92:
         40:24:89:a7:f4:54:ec:08:35:78:71:ac:63:14:9b:4c:0d:8a:
         9b:84:a5:a5:1e:79:ef:67:69:04:c0:36:5b:8e:cc:96:6e:34:
         42:59:4a:3e:44:fe:72:4d:b8:13:53:40:ab:2e:6f:61:a8:81:
         5e:c8:a9:be:a6:c8:fc:d3:ff:7e:1f:e4:41:03:5d:c0:b7:63:
         60:02:28:d9:60:56:0c:b3:cc:f9:21:e3:a2:79:58:bd:34:33:
         13:54:56:34:18:fd:a7:ca:f1:ce:24:1e:ea:ed:a7:05:ec:c5:
         c1:b6:85:b1:09:6f:48:78:de:72:11:7c:62:c2:22:68:84:f7:
         65:43:5b:d4:1d:c7:ad:95:3b:89:99:ca:e6:c3:18:c4:81:de:
         41:dc:40:b1:c1:c1:f1:1f:24:7f:fd:a8:f3:d6:c7:a7:29:ec:
         db:bf:c9:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYR2hJ7gXjoABRAoUq2SGkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMjAyMTExOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRiM2NmYWY0OWZjZDNiYjk4YTM0Y2ZmYzUzMjUzNTRkMzg0NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX+fL2EqMPyDns+RoHj5XaYSCVQK
vF8DJ6DMJuQvjbi5LmmYbf5zTOi/ksLq5OA8r1aZGNSVBR9Kp441vIkAUf5EBj6b
lwvIUUWvxJGSR0yuFZ89RfEm8I7RHIO2YO/YjC2rjhwKOIqRLKceRvhgyuCTXHXw
YGpCz5bQc3iwJkATPm1DvJTUtqKMtMRXLOxvEU2gtLcUeqi4cfcBQlySmQtggsvE
Xy60FwrCzh0H1aLImKfD7u+vBCXGM62WgFSpiHjk/gPSI94Suk1BxBGRa+GfWvr4
e3tmbMydk6iCGgR8ReEmNSqsuOqItSRetgJ0ot+0Roi63Vmed9xT8rT45wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFONLPPr0n807uYo0z/xTJTVNOEYqMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNDBzOC12U2Z6VHU1aWpUUF9GTWxOVTA0UmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqKAwQA
TVqXAwQATVq5MA0GCSqGSIb3DQEBCwUAA4IBAQA8UvadO0KyokSPuIJmLwy6meAD
08gr+QRuZipGpumvG7M+ndDFpzLrj8LedILZKrkouuuQpkhKFhl6YTDJTzUxaPvP
eXx7fyK1FbeIsP6fVpC+09rSxnc+ypJAJImn9FTsCDV4caxjFJtMDYqbhKWlHnnv
Z2kEwDZbjsyWbjRCWUo+RP5yTbgTU0CrLm9hqIFeyKm+psj80/9+H+RBA13At2Ng
AijZYFYMs8z5IeOieVi9NDMTVFY0GP2nyvHOJB7q7acF7MXBtoWxCW9IeN5yEXxi
wiJohPdlQ1vUHcetlTuJmcrmwxjEgd5B3ECxwcHxHyR//ajz1senKezbv8lC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org