Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IUuc5QBO44fP0lxUzfSJEuZxEcg.roa
File:                     IUuc5QBO44fP0lxUzfSJEuZxEcg.roa (raw, json)
Hash identifier:          HfNfJFZEVdQaGdMHGCa37OpV0Xf55SmvPXooLwlr8R8=
Subject key identifier:   21:4B:9C:E5:00:4E:E3:87:CF:D2:5C:54:CD:F4:89:12:E6:71:11:C8
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       01856F825B83EB2816FA402F8B1E68709F9A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IUuc5QBO44fP0lxUzfSJEuZxEcg.roa
Signing time:             Sun 01 Jan 2023 22:44:52 +0000
ROA not before:           Sun 01 Jan 2023 22:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200019
IP address blocks:        77.90.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:82:5b:83:eb:28:16:fa:40:2f:8b:1e:68:70:9f:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jan  1 22:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=214b9ce5004ee387cfd25c54cdf48912e67111c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6e:0b:f2:6b:ec:19:49:be:16:f3:63:1f:98:
                    34:14:61:4c:ce:f5:aa:fe:6b:65:68:22:50:2a:36:
                    ec:fb:03:6d:ce:de:87:02:83:a0:02:2f:b0:0c:de:
                    25:c4:b9:d9:34:ab:55:60:7d:02:7e:55:cb:73:f7:
                    bb:ae:93:1d:78:71:39:3c:ab:96:b5:c2:4e:db:67:
                    d7:ae:25:14:00:4b:97:62:c1:61:7a:a8:d8:5a:2d:
                    03:49:d8:37:5e:93:86:c1:9b:62:ea:0d:b5:57:9d:
                    02:7e:30:e3:3a:a7:f2:0d:b7:b3:29:41:55:11:2d:
                    1e:b3:77:fb:58:ad:03:9f:d8:a4:2b:63:47:58:d0:
                    a9:61:97:d2:93:3a:46:e6:2b:fc:d2:ee:b3:7e:ad:
                    71:6a:df:0d:9b:bb:f7:e7:85:01:0b:ee:b9:d6:61:
                    1c:d5:29:df:04:5f:09:63:eb:06:8a:60:e2:7a:d8:
                    dd:1c:e7:a7:8c:fc:40:b2:42:fb:b0:25:bb:de:6d:
                    d4:7d:c6:a3:3f:d0:a1:ae:58:73:e4:00:43:22:24:
                    7f:af:95:a6:78:78:13:13:73:f3:08:c2:44:c1:86:
                    4f:8f:eb:3f:a5:ff:c8:7c:8d:f4:ab:84:d5:da:f1:
                    74:4e:7f:d0:30:3c:62:52:b6:7c:08:6b:f4:ff:2d:
                    41:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:4B:9C:E5:00:4E:E3:87:CF:D2:5C:54:CD:F4:89:12:E6:71:11:C8
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IUuc5QBO44fP0lxUzfSJEuZxEcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:75:af:10:3c:7b:64:a0:3b:14:a4:f8:b5:b2:b3:12:d5:28:
         f3:f4:d1:72:b2:b4:0c:ab:33:67:c5:22:1f:e8:28:fd:bc:39:
         cc:3c:2c:98:c3:9b:16:2f:74:25:6c:04:90:22:89:88:7a:a7:
         bc:3d:8f:67:7b:b9:4f:dc:ff:34:49:27:ba:ff:ce:64:ff:86:
         a6:70:cf:02:59:61:5e:1d:51:5e:b6:09:7d:bf:62:c7:d9:81:
         29:ef:cd:49:25:e1:f5:46:b3:40:69:d7:e3:4f:72:ee:15:d0:
         66:4e:b4:0f:1a:e8:ba:d3:97:1e:d5:1d:b7:66:a7:05:9a:77:
         f5:f4:9c:bc:b1:c1:6c:83:a0:97:80:82:ce:25:42:77:24:d6:
         3b:9b:8a:72:bb:9a:af:0f:5f:d2:7f:7f:f8:f6:b3:ee:fc:a9:
         39:a3:13:2b:59:50:bd:76:37:18:83:78:dd:92:05:e0:75:eb:
         b0:fd:5b:4a:36:98:8d:df:e3:87:c8:ce:07:27:9c:61:95:b9:
         e6:04:1a:43:e2:0a:f0:a4:53:8a:eb:c3:3c:10:78:68:b8:51:
         22:d0:24:d9:d8:13:1f:fd:64:3f:7f:2e:fd:bd:6d:81:5b:68:
         51:08:80:38:6d:1b:b8:bf:f7:cc:f7:6d:9c:a9:a0:4a:a7:41:
         48:35:27:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgluD6ygW+kAvix5ocJ+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRiOWNlNTAwNGVlMzg3Y2ZkMjVjNTRjZGY0ODkxMmU2NzExMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq24L8mvsGUm+FvNjH5g0FGFMzvWq
/mtlaCJQKjbs+wNtzt6HAoOgAi+wDN4lxLnZNKtVYH0CflXLc/e7rpMdeHE5PKuW
tcJO22fXriUUAEuXYsFheqjYWi0DSdg3XpOGwZti6g21V50CfjDjOqfyDbezKUFV
ES0es3f7WK0Dn9ikK2NHWNCpYZfSkzpG5iv80u6zfq1xat8Nm7v354UBC+651mEc
1SnfBF8JY+sGimDietjdHOenjPxAskL7sCW73m3UfcajP9Chrlhz5ABDIiR/r5Wm
eHgTE3PzCMJEwYZPj+s/pf/IfI30q4TV2vF0Tn/QMDxiUrZ8CGv0/y1BNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFLnOUATuOHz9JcVM30iRLmcRHIMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSVV1YzVRQk80NGZQMGx4VXpmU0pFdVp4RWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqkMA0G
CSqGSIb3DQEBCwUAA4IBAQA9da8QPHtkoDsUpPi1srMS1Sjz9NFysrQMqzNnxSIf
6Cj9vDnMPCyYw5sWL3QlbASQIomIeqe8PY9ne7lP3P80SSe6/85k/4amcM8CWWFe
HVFetgl9v2LH2YEp781JJeH1RrNAadfjT3LuFdBmTrQPGui605ce1R23ZqcFmnf1
9Jy8scFsg6CXgILOJUJ3JNY7m4pyu5qvD1/Sf3/49rPu/Kk5oxMrWVC9djcYg3jd
kgXgdeuw/VtKNpiN3+OHyM4HJ5xhlbnmBBpD4grwpFOK68M8EHhouFEi0CTZ2BMf
/WQ/fy79vW2BW2hRCIA4bRu4v/fM922cqaBKp0FINSee
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:10 2024 by rpki-client on console-fra.rpki-client.org