Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MynmnZefEPi64iSzaVBIgbklyWU.roa
File:                     MynmnZefEPi64iSzaVBIgbklyWU.roa (raw, json)
Hash identifier:          4w0fcwElUG60eeFZXwFqn5IGUF3iZTgKSuV9D1RoLrs=
Subject key identifier:   33:29:E6:9D:97:9F:10:F8:BA:E2:24:B3:69:50:48:81:B9:25:C9:65
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0185A143F978EC526C7759CF3C8EF3786354
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MynmnZefEPi64iSzaVBIgbklyWU.roa
Signing time:             Wed 11 Jan 2023 14:37:44 +0000
ROA not before:           Wed 11 Jan 2023 14:37:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.150.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate revoked on Thu 09 Feb 2023 17:42:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a1:43:f9:78:ec:52:6c:77:59:cf:3c:8e:f3:78:63:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jan 11 14:37:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3329e69d979f10f8bae224b369504881b925c965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c7:6a:eb:e3:87:3a:c3:87:f9:d5:0a:6e:3d:
                    00:b5:ae:4a:1c:67:13:a0:93:ec:2f:53:cb:68:ad:
                    99:16:8d:bc:99:55:60:fa:af:b7:5f:43:87:05:06:
                    f9:51:0d:17:0f:42:6f:49:16:63:7d:70:97:6f:11:
                    eb:ae:e1:e4:b4:e3:0a:97:df:51:cc:4b:7b:d6:2a:
                    16:58:45:3d:f2:f1:be:fa:0d:e7:ac:44:ed:b4:c8:
                    26:18:71:5b:76:48:cb:1a:d0:50:1d:3d:05:6f:1e:
                    c8:ec:34:c9:f4:67:e6:67:a8:67:2a:8f:46:20:59:
                    e0:d1:4b:89:3b:e4:45:bf:0d:6b:31:c0:23:c5:da:
                    bd:54:21:08:37:21:e4:a1:cd:df:40:cb:1d:bd:25:
                    90:e0:63:33:11:c0:73:51:90:ef:06:44:cb:88:b5:
                    0a:6c:e0:45:e0:6b:24:45:c9:d5:3b:f5:5f:36:c0:
                    be:2f:9c:76:2d:6d:e3:69:99:0a:28:b9:8f:87:ef:
                    57:ce:12:99:3a:c1:37:71:95:8f:e4:6c:a3:53:28:
                    ef:68:c7:50:42:5b:ff:97:e5:bd:c2:ce:71:28:12:
                    cf:03:71:7f:2c:f9:93:44:bc:a9:0d:6a:b2:97:a9:
                    80:f7:38:00:96:74:e5:6c:e1:88:f2:f7:32:45:7a:
                    b0:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:29:E6:9D:97:9F:10:F8:BA:E2:24:B3:69:50:48:81:B9:25:C9:65
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MynmnZefEPi64iSzaVBIgbklyWU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.148.255
                  185.230.15.0/24
                  213.209.138.0/24
                  213.209.145.0-213.209.146.255
                  213.209.150.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         b6:5c:44:0a:a7:a0:55:91:f7:95:47:12:b4:d7:9e:e8:ae:40:
         8b:20:a7:e0:6c:3a:43:83:3c:10:fa:7f:87:ae:d0:7f:74:22:
         7f:2c:ed:1d:53:2a:51:72:3b:13:3f:23:3c:15:45:1f:d7:55:
         71:66:c7:5b:49:66:57:95:8c:c1:b1:7f:18:57:1e:13:e9:39:
         ca:56:b2:50:7a:4a:a8:ad:d9:86:c7:bc:0f:21:d1:51:9c:d6:
         73:6e:f6:7c:38:b4:4e:56:41:77:8b:c8:ee:76:a2:5d:1b:3d:
         94:2b:8a:0e:2e:9b:a1:8a:05:26:2b:1f:a9:90:af:0d:5c:0b:
         e7:b3:58:05:d0:12:06:8e:61:98:c0:42:b0:bf:22:cf:d2:8b:
         46:99:dc:3b:12:8f:65:6f:b3:c2:87:16:f6:cd:3d:87:fb:bc:
         e0:75:77:c1:b3:97:f6:42:92:3d:31:29:27:d8:d1:eb:1c:18:
         b7:48:27:cc:03:cb:0e:f1:29:1d:8e:73:b4:8d:c4:ae:d3:38:
         a2:d1:d4:26:bd:44:7e:0d:38:22:b2:b4:bf:d2:13:e3:90:0d:
         09:9e:a8:1b:1c:66:99:69:10:45:a9:19:4d:c5:be:dd:09:1b:
         7c:11:67:21:d7:25:ca:9c:fd:2d:19:f3:7f:20:9f:35:97:1e:
         36:c0:e6:77
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYWhQ/l47FJsd1nPPI7zeGNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTExMTQzNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzI5ZTY5ZDk3OWYxMGY4YmFlMjI0YjM2OTUwNDg4MWI5MjVjOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8dq6+OHOsOH+dUKbj0Ata5KHGcT
oJPsL1PLaK2ZFo28mVVg+q+3X0OHBQb5UQ0XD0JvSRZjfXCXbxHrruHktOMKl99R
zEt71ioWWEU98vG++g3nrETttMgmGHFbdkjLGtBQHT0Fbx7I7DTJ9GfmZ6hnKo9G
IFng0UuJO+RFvw1rMcAjxdq9VCEINyHkoc3fQMsdvSWQ4GMzEcBzUZDvBkTLiLUK
bOBF4GskRcnVO/VfNsC+L5x2LW3jaZkKKLmPh+9XzhKZOsE3cZWP5GyjUyjvaMdQ
Qlv/l+W9ws5xKBLPA3F/LPmTRLypDWqyl6mA9zgAlnTlbOGI8vcyRXqw6QIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFDMp5p2XnxD4uuIks2lQSIG5JcllMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTXlubW5aZWZFUGk2NGlTemFWQklnYmtseVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqS
AwQATVqUAwQAueYPAwQA1dGKMAwDBADV0ZEDBADV0ZIDBADV0ZYwFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQC2XEQKp6BVkfeVRxK0157o
rkCLIKfgbDpDgzwQ+n+HrtB/dCJ/LO0dUypRcjsTPyM8FUUf11VxZsdbSWZXlYzB
sX8YVx4T6TnKVrJQekqordmGx7wPIdFRnNZzbvZ8OLROVkF3i8judqJdGz2UK4oO
LpuhigUmKx+pkK8NXAvns1gF0BIGjmGYwEKwvyLP0otGmdw7Eo9lb7PChxb2zT2H
+7zgdXfBs5f2QpI9MSkn2NHrHBi3SCfMA8sO8SkdjnO0jcSu0zii0dQmvUR+DTgi
srS/0hPjkA0JnqgbHGaZaRBFqRlNxb7dCRt8EWch1yXKnP0tGfN/IJ81lx42wOZ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org