Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/P2OMnHU_CIqJ-HfOXOTwa4m5X0Q.roa
File:                     P2OMnHU_CIqJ-HfOXOTwa4m5X0Q.roa (raw, json)
Hash identifier:          FlwLrG3AC7Mmct49E+c88cd4aDo3JyozHIJReeMRiBM=
Subject key identifier:   3F:63:8C:9C:75:3F:08:8A:89:F8:77:CE:5C:E4:F0:6B:89:B9:5F:44
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018A039D71FF3EE6F1EE8BB3CE80FE5EB242
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/P2OMnHU_CIqJ-HfOXOTwa4m5X0Q.roa
Signing time:             Thu 17 Aug 2023 13:09:24 +0000
ROA not before:           Thu 17 Aug 2023 13:09:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1300:24::/64 maxlen: 64
                          2a04:29c7:1280:24::/64 maxlen: 64

Validation:               Failed, certificate revoked on Sat 19 Aug 2023 08:39:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:03:9d:71:ff:3e:e6:f1:ee:8b:b3:ce:80:fe:5e:b2:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Aug 17 13:09:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f638c9c753f088a89f877ce5ce4f06b89b95f44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:fd:c4:28:4d:b3:f3:5e:b4:17:a3:10:eb:fd:
                    c2:a0:9d:11:c3:ef:5e:b8:fd:3f:70:5e:5c:b3:7a:
                    47:5d:03:ca:75:37:cb:61:57:1c:80:c9:61:9e:de:
                    72:4a:47:e8:ce:4a:2d:25:41:3c:bd:6f:41:3d:c3:
                    41:fa:7b:7e:c1:69:52:91:4d:e3:b6:20:73:29:2e:
                    a2:a8:fa:85:e7:c6:88:5e:57:89:dc:9d:36:f5:7c:
                    94:19:89:77:e3:99:72:b5:c8:9b:50:0c:04:dd:b6:
                    e4:dd:83:91:25:da:44:c2:e4:8a:92:d9:02:bf:d0:
                    e1:a5:e0:32:7f:5f:08:91:65:08:a2:58:73:20:c6:
                    cb:b8:92:7d:a4:8a:13:50:4c:dd:5e:62:37:41:ec:
                    85:d0:d8:44:ce:4e:75:8f:ef:e2:55:96:14:27:ca:
                    d2:8a:fc:a2:20:ed:6a:24:5e:3b:19:af:fa:1f:d5:
                    fb:67:62:f4:96:19:26:0b:ae:da:ac:c7:4e:a9:3a:
                    82:03:6f:0e:b3:5e:b3:6f:67:c9:21:60:eb:68:a5:
                    d9:7e:23:5c:aa:87:74:d3:82:0d:76:4d:3a:74:d9:
                    f0:a0:aa:15:ff:1c:87:3b:5d:47:ac:70:fe:6e:e3:
                    c9:5d:0f:e7:22:61:96:57:3c:df:1c:07:c6:d8:82:
                    b7:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:63:8C:9C:75:3F:08:8A:89:F8:77:CE:5C:E4:F0:6B:89:B9:5F:44
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/P2OMnHU_CIqJ-HfOXOTwa4m5X0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.134.255
                  77.90.136.0/23
                  77.90.140.0/24
                  77.90.142.0-77.90.148.255
                  77.90.153.0-77.90.154.255
                  77.90.188.0/24
                  185.230.13.0-185.230.15.255
                  213.209.138.0/24
                  213.209.146.0/24
                  213.209.151.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:2e:90:f0:55:3d:59:06:33:ac:e4:4e:a0:ab:25:3f:b6:5d:
         d3:dd:a0:46:9e:24:b5:f5:b0:d1:97:be:8b:ad:38:fa:a7:e7:
         08:71:d9:e1:ec:05:a2:b9:01:8d:13:5e:d5:1e:89:64:f8:8c:
         8f:c4:67:51:d4:3e:46:50:69:55:ae:a3:a9:4b:c3:18:f7:31:
         35:a2:3c:95:67:b9:c7:a3:e2:64:60:d6:d6:48:06:c5:22:bc:
         62:c6:05:a1:31:85:d7:1b:9a:6e:f6:41:51:ff:a8:bb:9d:dd:
         1f:9b:45:4f:d8:df:f5:70:db:9e:74:da:25:76:ab:8f:8b:91:
         90:07:87:ea:5c:a8:fc:5c:37:6e:8e:0a:d8:ff:7d:c1:7a:fc:
         ad:36:11:48:92:93:4a:bc:bc:1f:98:af:58:f9:db:6c:d6:12:
         f6:60:39:f8:f8:be:24:6a:80:0a:ba:f9:29:fd:79:4c:1b:ca:
         48:60:a2:45:bd:88:1a:5e:66:80:25:54:e7:3b:f0:f9:2c:c1:
         01:00:71:fe:97:f6:7b:82:4d:e3:3c:ac:54:2f:df:73:02:85:
         5e:8a:9d:98:53:4e:1d:c9:09:92:58:ff:a5:00:6e:2a:59:ed:
         2a:50:b0:48:eb:92:a0:98:6b:99:28:04:81:f6:a7:1d:b6:7b:
         1c:72:c7:57
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYoDnXH/Pubx7ouzzoD+XrJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODE3MTMwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjYzOGM5Yzc1M2YwODhhODlmODc3Y2U1Y2U0ZjA2Yjg5Yjk1ZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv3EKE2z8160F6MQ6/3CoJ0Rw+9e
uP0/cF5cs3pHXQPKdTfLYVccgMlhnt5ySkfozkotJUE8vW9BPcNB+nt+wWlSkU3j
tiBzKS6iqPqF58aIXleJ3J029XyUGYl345lytcibUAwE3bbk3YORJdpEwuSKktkC
v9DhpeAyf18IkWUIolhzIMbLuJJ9pIoTUEzdXmI3QeyF0NhEzk51j+/iVZYUJ8rS
ivyiIO1qJF47Ga/6H9X7Z2L0lhkmC67arMdOqTqCA28Os16zb2fJIWDraKXZfiNc
qod004INdk06dNnwoKoV/xyHO11HrHD+buPJXQ/nImGWVzzfHAfG2IK30wIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFD9jjJx1PwiKifh3zlzk8GuJuV9EMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUDJPTW5IVV9DSXFKLUhmT1hPVHdhNG01WDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqU
MAwDBABNWpkDBABNWpoDBABNWrwwDAMEALnmDQMEBLnmAAMEANXRigMEANXRkgME
ANXRlzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBABYu
kPBVPVkGM6zkTqCrJT+2XdPdoEaeJLX1sNGXvoutOPqn5whx2eHsBaK5AY0TXtUe
iWT4jI/EZ1HUPkZQaVWuo6lLwxj3MTWiPJVnucej4mRg1tZIBsUivGLGBaExhdcb
mm72QVH/qLud3R+bRU/Y3/Vw25502iV2q4+LkZAHh+pcqPxcN26OCtj/fcF6/K02
EUiSk0q8vB+Yr1j522zWEvZgOfj4viRqgAq6+Sn9eUwbykhgokW9iBpeZoAlVOc7
8PkswQEAcf6X9nuCTeM8rFQv33MChV6KnZhTTh3JCZJY/6UAbipZ7SpQsEjrkqCY
a5koBIH2px22exxyx1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org