Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/chp_2eJm67-WRRCixEFaNdjiVks.roa
File:                     chp_2eJm67-WRRCixEFaNdjiVks.roa (raw, json)
Hash identifier:          n4jxpNjIvIUVbtQ39mENKVwdidRnv4CtrWh8hSJIoe4=
Subject key identifier:   72:1A:7F:D9:E2:66:EB:BF:96:45:10:A2:C4:41:5A:35:D8:E2:56:4B
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018ADB293BCC1FDAAC7C5774B99CDB169EFE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/chp_2eJm67-WRRCixEFaNdjiVks.roa
Signing time:             Thu 28 Sep 2023 09:40:27 +0000
ROA not before:           Thu 28 Sep 2023 09:40:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208485
IP address blocks:        77.90.188.0/24 maxlen: 24
                          213.209.150.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 04 Oct 2023 19:08:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:db:29:3b:cc:1f:da:ac:7c:57:74:b9:9c:db:16:9e:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Sep 28 09:40:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=721a7fd9e266ebbf964510a2c4415a35d8e2564b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ef:72:56:69:a5:2b:ea:5a:05:c4:2b:c0:7c:
                    aa:3d:df:cf:56:fc:a5:1c:37:47:1b:20:06:4e:ad:
                    5d:43:1b:45:08:1d:dc:9c:9b:57:31:c6:fd:b3:37:
                    b5:c4:79:63:76:39:7f:af:2d:d7:4f:5a:a8:e7:1e:
                    28:bd:1d:3f:27:e8:78:f8:54:42:8b:79:65:6c:b8:
                    6d:97:f9:e1:2d:2c:85:c4:10:55:ff:ef:ce:36:3b:
                    64:02:cc:a5:e4:89:b5:d6:c7:7e:2a:67:53:a2:8c:
                    b9:3e:11:4d:e5:76:e1:40:d6:3a:6b:c5:01:8a:30:
                    96:6b:8f:e4:ac:f7:63:5e:b3:fe:8e:ef:ef:27:97:
                    cf:9d:37:67:35:0f:a9:d3:d6:e5:b1:f3:b2:1e:78:
                    e6:8a:14:d8:88:79:89:b6:ef:53:a0:ed:af:f3:7a:
                    64:ba:7b:bf:cf:b6:22:bd:b0:be:4d:46:94:e8:f8:
                    51:06:af:6a:ae:65:30:bf:4c:e7:05:88:13:dd:f9:
                    98:a0:7e:60:15:b3:12:70:c2:a4:f6:95:06:1c:24:
                    66:d6:a3:ae:6c:1e:33:86:41:e7:14:ce:d4:71:4d:
                    bb:0a:75:5f:9b:6e:cf:8a:d7:01:f3:e3:13:f3:a2:
                    01:b0:44:74:df:84:f2:49:40:c7:e1:af:1a:ec:32:
                    2f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:1A:7F:D9:E2:66:EB:BF:96:45:10:A2:C4:41:5A:35:D8:E2:56:4B
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/chp_2eJm67-WRRCixEFaNdjiVks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.188.0/24
                  185.230.14.0/24
                  213.209.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:3f:ae:8d:42:1b:35:fa:ca:f9:f3:3d:74:0b:ba:2f:1a:f4:
         4b:7b:2c:6c:ce:8c:73:30:75:fc:54:4c:58:65:b0:29:9d:95:
         8a:11:eb:fa:1a:e0:80:a0:d7:06:c2:47:f6:51:4a:7c:d6:f1:
         5e:9c:b1:00:4c:8e:74:14:da:48:61:88:ce:5d:05:12:6b:b6:
         75:32:51:bc:8d:33:a2:d8:de:f2:df:86:2a:0f:09:61:20:cf:
         18:17:59:c5:33:c0:02:e0:da:c6:ac:7f:96:12:ee:7b:53:1f:
         5b:4f:a0:74:36:4d:02:ba:4b:13:35:30:05:64:15:3c:90:29:
         7a:41:70:17:1e:85:36:37:a8:44:29:8a:8f:b9:ed:62:53:2a:
         cd:33:f6:b1:63:29:33:a8:24:32:09:b9:02:f2:d5:4d:9c:eb:
         be:77:29:f2:aa:0a:65:8e:95:40:7c:98:e4:a4:d0:3d:04:dd:
         6a:51:42:bf:6c:3a:81:90:71:96:d2:1b:66:b4:78:7e:83:db:
         70:80:15:5c:b5:da:8d:fc:f7:fd:fa:e5:05:c6:56:73:d1:3c:
         93:00:ae:c1:34:ad:64:b8:32:09:5a:a9:43:7e:48:34:f8:65:
         81:69:ea:a3:b6:65:80:34:16:ff:07:a0:34:88:8e:b9:72:1f:
         96:33:89:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrbKTvMH9qsfFd0uZzbFp7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTI4MDk0MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjFhN2ZkOWUyNjZlYmJmOTY0NTEwYTJjNDQxNWEzNWQ4ZTI1NjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe9yVmmlK+paBcQrwHyqPd/PVvyl
HDdHGyAGTq1dQxtFCB3cnJtXMcb9sze1xHljdjl/ry3XT1qo5x4ovR0/J+h4+FRC
i3llbLhtl/nhLSyFxBBV/+/ONjtkAsyl5Im11sd+KmdTooy5PhFN5XbhQNY6a8UB
ijCWa4/krPdjXrP+ju/vJ5fPnTdnNQ+p09blsfOyHnjmihTYiHmJtu9ToO2v83pk
unu/z7YivbC+TUaU6PhRBq9qrmUwv0znBYgT3fmYoH5gFbMScMKk9pUGHCRm1qOu
bB4zhkHnFM7UcU27CnVfm27PitcB8+MT86IBsER034TySUDH4a8a7DIvxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHIaf9niZuu/lkUQosRBWjXY4lZLMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvY2hwXzJlSm02Ny1XUlJDaXhFRmFOZGppVmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVq8AwQA
ueYOAwQA1dGWMA0GCSqGSIb3DQEBCwUAA4IBAQAdP66NQhs1+sr58z10C7ovGvRL
eyxszoxzMHX8VExYZbApnZWKEev6GuCAoNcGwkf2UUp81vFenLEATI50FNpIYYjO
XQUSa7Z1MlG8jTOi2N7y34YqDwlhIM8YF1nFM8AC4NrGrH+WEu57Ux9bT6B0Nk0C
uksTNTAFZBU8kCl6QXAXHoU2N6hEKYqPue1iUyrNM/axYykzqCQyCbkC8tVNnOu+
dynyqgpljpVAfJjkpNA9BN1qUUK/bDqBkHGW0htmtHh+g9twgBVctdqN/Pf9+uUF
xlZz0TyTAK7BNK1kuDIJWqlDfkg0+GWBaeqjtmWANBb/B6A0iI65ch+WM4mF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org