Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uznFU4F3QHDQ9us-y3ZhJBPM60s.roa
File:                     uznFU4F3QHDQ9us-y3ZhJBPM60s.roa (raw, json)
Hash identifier:          ZSsafewU9c1fN1g/8Jnp9Y97vqv+lPIMKsoly2tbJT0=
Subject key identifier:   BB:39:C5:53:81:77:40:70:D0:F6:EB:3E:CB:76:61:24:13:CC:EB:4B
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018CD66F9D4E37F64EB547ECEAD1A2C6CE59
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uznFU4F3QHDQ9us-y3ZhJBPM60s.roa
Signing time:             Thu 04 Jan 2024 21:44:48 +0000
ROA not before:           Thu 04 Jan 2024 21:44:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          213.209.129.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.150.0/24 maxlen: 24
                          213.209.157.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 20:36:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d6:6f:9d:4e:37:f6:4e:b5:47:ec:ea:d1:a2:c6:ce:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jan  4 21:44:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bb39c55381774070d0f6eb3ecb76612413cceb4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:25:56:d0:23:1b:30:38:c7:61:ac:7f:94:3f:
                    b1:12:7e:4e:25:6a:ad:98:9d:95:ae:c5:b1:56:68:
                    e2:af:24:7b:d6:e1:05:19:8a:17:79:b3:c9:34:22:
                    ee:67:37:d3:1d:05:04:87:d8:81:df:1d:fb:40:2b:
                    d6:62:0a:1d:43:e8:80:aa:29:08:00:75:e6:15:4a:
                    6b:74:c4:c0:d0:68:33:c6:b5:3d:c2:c4:bb:b6:be:
                    00:6a:70:a2:ae:08:91:51:84:cf:f4:c2:7e:bb:8c:
                    ba:3c:d2:bb:64:8c:d2:48:87:20:bb:0e:a9:05:75:
                    51:ad:28:2c:ce:fd:e2:67:e9:a9:2c:87:5e:2e:08:
                    da:9c:cb:f3:23:31:7b:25:88:64:77:03:3c:de:54:
                    99:20:3e:c6:fd:79:6c:10:69:39:f3:5b:fd:df:fc:
                    f4:63:8c:b9:d4:8c:cc:2f:bb:5d:05:34:b6:1d:ba:
                    8c:f6:0c:81:47:ce:00:92:36:b7:90:ce:05:82:6c:
                    59:0b:28:f2:b7:37:c6:cf:1f:10:ae:29:86:7d:fc:
                    38:ba:85:ba:7a:14:78:d8:80:4d:bc:cd:a2:4f:f2:
                    58:37:17:2b:46:12:0b:f7:55:57:c5:e9:8d:3b:5f:
                    41:0b:19:f1:29:f0:9c:a0:98:f1:a5:2f:98:0e:83:
                    a0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:39:C5:53:81:77:40:70:D0:F6:EB:3E:CB:76:61:24:13:CC:EB:4B
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uznFU4F3QHDQ9us-y3ZhJBPM60s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.134.255
                  77.90.136.0/23
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.148.255
                  77.90.153.0-77.90.154.255
                  77.90.188.0/24
                  185.230.13.0-185.230.15.255
                  213.209.129.0/24
                  213.209.138.0/24
                  213.209.145.0-213.209.146.255
                  213.209.150.0/24
                  213.209.157.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:76:56:15:85:c1:e1:b9:0f:38:32:c5:3e:08:d7:b5:47:76:
         83:3e:7a:71:29:0a:b2:f8:24:ab:d7:ce:58:54:c8:4c:26:ee:
         0f:13:c3:35:8e:db:72:02:62:e5:c4:10:20:ed:f1:d2:23:bd:
         84:28:c9:d6:01:06:f4:67:f2:70:4b:4d:c1:90:61:ae:05:f6:
         1b:2b:d9:0b:8e:92:26:65:3e:26:f1:4e:b7:7d:1a:b0:8e:73:
         bd:8e:c4:dd:c0:b7:dc:63:42:70:62:ed:ce:ea:48:42:5a:2e:
         b1:8e:38:0a:af:45:56:1d:dc:ee:f8:f4:d2:ef:6a:d3:64:2a:
         b9:1e:a6:3d:df:73:91:23:4e:84:3a:0c:67:ac:71:f5:ef:e0:
         07:91:54:60:25:5b:c5:22:cf:38:3b:09:d1:a7:54:0f:78:82:
         10:91:0d:eb:dd:eb:80:11:0f:df:66:db:9b:6b:e6:2e:7d:37:
         f2:57:4d:f0:7d:4e:9e:55:38:61:e0:ce:f6:9a:21:4e:26:0d:
         eb:38:04:35:7f:14:1d:e8:58:0f:5e:a5:56:b0:1b:16:58:b5:
         84:e1:9c:94:1e:bb:3c:9e:da:1c:6b:82:b5:3b:33:5c:82:9d:
         8e:5b:89:3b:e8:2e:52:93:94:54:05:9e:40:8c:31:e5:ba:6a:
         f0:56:36:90
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYzWb51ON/ZOtUfs6tGixs5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTA0MjE0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM5YzU1MzgxNzc0MDcwZDBmNmViM2VjYjc2NjEyNDEzY2NlYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyVW0CMbMDjHYax/lD+xEn5OJWqt
mJ2VrsWxVmjiryR71uEFGYoXebPJNCLuZzfTHQUEh9iB3x37QCvWYgodQ+iAqikI
AHXmFUprdMTA0GgzxrU9wsS7tr4AanCirgiRUYTP9MJ+u4y6PNK7ZIzSSIcguw6p
BXVRrSgszv3iZ+mpLIdeLgjanMvzIzF7JYhkdwM83lSZID7G/XlsEGk581v93/z0
Y4y51IzML7tdBTS2HbqM9gyBR84Akja3kM4FgmxZCyjytzfGzx8QrimGffw4uoW6
ehR42IBNvM2iT/JYNxcrRhIL91VXxemNO19BCxnxKfCcoJjxpS+YDoOgPQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFLs5xVOBd0Bw0PbrPst2YSQTzOtLMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdXpuRlU0RjNRSERROXVzLXkzWmhKQlBNNjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBkwQCAAEwgYwwDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqGAwQBTVqIAwQATVqMMAwDBAFNWo4DBABN
WpAwDAMEAU1akgMEAE1alDAMAwQATVqZAwQATVqaAwQATVq8MAwDBAC55g0DBAS5
5gADBADV0YEDBADV0YowDAMEANXRkQMEANXRkgMEANXRlgMEANXRnTAUBAIAAjAO
AwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAA12VhWFweG5DzgyxT4I
17VHdoM+enEpCrL4JKvXzlhUyEwm7g8TwzWO23ICYuXEECDt8dIjvYQoydYBBvRn
8nBLTcGQYa4F9hsr2QuOkiZlPibxTrd9GrCOc72OxN3At9xjQnBi7c7qSEJaLrGO
OAqvRVYd3O749NLvatNkKrkepj3fc5EjToQ6DGescfXv4AeRVGAlW8Uizzg7CdGn
VA94ghCRDevd64ARD99m25tr5i59N/JXTfB9Tp5VOGHgzvaaIU4mDes4BDV/FB3o
WA9epVawGxZYtYThnJQeuzye2hxrgrU7M1yCnY5biTvoLlKTlFQFnkCMMeW6avBW
NpA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org