Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qfcgyh32ZR3_zU4bn16PCmovfVs.roa
File:                     qfcgyh32ZR3_zU4bn16PCmovfVs.roa (raw, json)
Hash identifier:          LPf0yciSFSn1DUVd7KjACMUpuA0WNMuH6OPjZlT45FE=
Subject key identifier:   A9:F7:20:CA:1D:F6:65:1D:FF:CD:4E:1B:9F:5E:8F:0A:6A:2F:7D:5B
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       01856F825ED60091A261F4794600B46D205B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qfcgyh32ZR3_zU4bn16PCmovfVs.roa
Signing time:             Sun 01 Jan 2023 22:44:53 +0000
ROA not before:           Sun 01 Jan 2023 22:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        77.90.145.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 21 Jul 2023 08:57:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:82:5e:d6:00:91:a2:61:f4:79:46:00:b4:6d:20:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jan  1 22:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a9f720ca1df6651dffcd4e1b9f5e8f0a6a2f7d5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6c:82:de:1a:0c:30:d7:18:71:9d:09:70:ad:
                    77:4a:25:e4:38:cf:b3:18:b5:f6:63:97:26:18:60:
                    ad:9e:1c:b2:c6:d3:18:0d:da:b0:4f:2d:11:b6:49:
                    f5:e3:ef:f7:31:8e:9f:21:f7:cc:11:d3:d3:e6:41:
                    83:ef:ab:36:e9:7d:1c:c9:b5:b8:54:03:a9:37:67:
                    9b:66:dc:b7:8d:9e:ec:18:99:b9:a8:ec:ca:fa:83:
                    c0:ab:07:5f:97:2a:55:aa:cc:16:97:2f:62:1c:8d:
                    9f:18:f7:f0:e5:99:8b:0a:01:05:2a:aa:ef:ee:de:
                    69:3a:7b:6f:b5:39:33:ed:35:33:c2:9c:2a:60:1e:
                    3e:09:35:68:43:84:73:9c:ae:e2:0d:9b:dd:56:04:
                    c9:0e:e2:1d:22:e8:81:1a:05:b7:e8:9a:21:91:c8:
                    00:d9:9f:d4:7c:42:58:93:ff:46:76:53:50:50:02:
                    42:08:1c:cc:8b:23:e4:77:59:31:a1:97:53:bf:71:
                    63:12:21:2e:60:fe:37:c8:7f:34:04:e4:41:27:33:
                    61:03:13:86:20:80:50:86:26:5a:f6:a8:c3:59:a4:
                    71:c7:36:1e:44:d5:dc:88:88:17:7a:63:89:29:9b:
                    22:0f:72:0e:86:76:8e:19:df:c6:c2:e4:26:c4:de:
                    e8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F7:20:CA:1D:F6:65:1D:FF:CD:4E:1B:9F:5E:8F:0A:6A:2F:7D:5B
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qfcgyh32ZR3_zU4bn16PCmovfVs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.145.0/24
                  77.90.154.0/24
                  185.230.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:fa:0d:cf:4f:db:b6:37:00:f3:87:96:fe:3b:1f:c6:4b:e3:
         89:ef:c0:f6:32:7c:a0:02:0a:13:30:1e:4b:25:45:6c:fb:04:
         ab:b5:79:17:9f:e7:ac:9f:50:f4:f9:57:44:7c:12:8a:d3:d0:
         92:fb:5f:86:26:5b:d8:6c:40:83:4c:ce:6c:24:65:6d:f9:2d:
         18:e1:93:61:66:2e:78:78:10:c8:88:74:03:f9:ae:9a:2d:55:
         36:4c:ec:67:63:72:6e:b2:8e:b8:67:a2:2e:7e:48:24:bd:92:
         cf:0b:42:44:de:06:5c:bc:cb:5d:4e:a7:7c:85:51:33:7a:e5:
         4c:c0:ce:1a:66:8d:96:37:1e:a7:8d:d5:25:e0:0d:b9:ad:49:
         6a:24:d7:b2:d0:41:b3:c4:8f:ae:d0:bf:17:a7:a6:81:37:fa:
         0f:81:cc:bf:38:c1:6e:fa:a5:ca:f1:bc:33:eb:a8:d8:39:e5:
         a7:c3:29:ad:db:6a:88:7c:f5:53:ef:13:3c:dc:45:44:b8:4a:
         d4:c7:37:f9:e7:85:c7:78:6b:4e:33:39:79:0b:51:88:67:19:
         16:5e:c3:34:a2:ef:75:be:2f:2e:5a:f6:d7:95:01:3b:38:0f:
         7c:2c:8a:be:f9:2d:f6:81:56:21:3a:f7:58:6e:0e:6e:a7:91:
         c7:50:cc:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvgl7WAJGiYfR5RgC0bSBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY3MjBjYTFkZjY2NTFkZmZjZDRlMWI5ZjVlOGYwYTZhMmY3ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWyC3hoMMNcYcZ0JcK13SiXkOM+z
GLX2Y5cmGGCtnhyyxtMYDdqwTy0Rtkn14+/3MY6fIffMEdPT5kGD76s26X0cybW4
VAOpN2ebZty3jZ7sGJm5qOzK+oPAqwdflypVqswWly9iHI2fGPfw5ZmLCgEFKqrv
7t5pOntvtTkz7TUzwpwqYB4+CTVoQ4RznK7iDZvdVgTJDuIdIuiBGgW36JohkcgA
2Z/UfEJYk/9GdlNQUAJCCBzMiyPkd1kxoZdTv3FjEiEuYP43yH80BORBJzNhAxOG
IIBQhiZa9qjDWaRxxzYeRNXciIgXemOJKZsiD3IOhnaOGd/GwuQmxN7oYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKn3IMod9mUd/81OG59ejwpqL31bMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvcWZjZ3loMzJaUjNfelU0Ym4xNlBDbW92ZlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqRAwQA
TVqaAwQAueYNMA0GCSqGSIb3DQEBCwUAA4IBAQC0+g3PT9u2NwDzh5b+Ox/GS+OJ
78D2MnygAgoTMB5LJUVs+wSrtXkXn+esn1D0+VdEfBKK09CS+1+GJlvYbECDTM5s
JGVt+S0Y4ZNhZi54eBDIiHQD+a6aLVU2TOxnY3Juso64Z6IufkgkvZLPC0JE3gZc
vMtdTqd8hVEzeuVMwM4aZo2WNx6njdUl4A25rUlqJNey0EGzxI+u0L8Xp6aBN/oP
gcy/OMFu+qXK8bwz66jYOeWnwymt22qIfPVT7xM83EVEuErUxzf554XHeGtOMzl5
C1GIZxkWXsM0ou91vi8uWvbXlQE7OA98LIq++S32gVYhOvdYbg5up5HHUMzB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org