Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/x3mXtU2IudKBogf_kRBcY6CwkeY.roa
File:                     x3mXtU2IudKBogf_kRBcY6CwkeY.roa (raw, json)
Hash identifier:          RuFK3sfc/OImGu6TY6oFIXdxgGtUP8ZEYXRtys9ERYg=
Subject key identifier:   C7:79:97:B5:4D:88:B9:D2:81:A2:07:FF:91:10:5C:63:A0:B0:91:E6
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018CB0F24B7F8F262EA1F6E0971550E16746
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/x3mXtU2IudKBogf_kRBcY6CwkeY.roa
Signing time:             Thu 28 Dec 2023 15:01:58 +0000
ROA not before:           Thu 28 Dec 2023 15:01:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        213.209.143.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b0:f2:4b:7f:8f:26:2e:a1:f6:e0:97:15:50:e1:67:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Dec 28 15:01:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c77997b54d88b9d281a207ff91105c63a0b091e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e0:0b:91:72:52:4e:71:63:9e:85:6f:19:62:
                    45:9d:9c:23:54:ab:87:56:c6:4d:d2:1a:16:fd:43:
                    8d:38:f5:a1:a3:23:45:04:8a:3d:7c:7a:4c:34:a8:
                    30:a5:63:a2:bb:01:93:4b:71:e7:fe:62:cf:d2:5d:
                    f2:4f:29:63:20:c0:76:b6:09:14:b3:84:41:e8:a4:
                    6b:81:54:b8:13:9c:73:40:f7:36:ef:75:bc:41:ff:
                    d6:8e:15:07:f5:cb:30:96:00:99:dc:d6:73:3f:98:
                    59:f1:dd:a0:f0:b9:13:d0:89:db:aa:81:00:69:b8:
                    5c:59:21:c8:2e:c8:b5:0f:51:f2:47:8c:4e:d3:d8:
                    32:ff:70:4d:54:dd:ec:c8:fd:77:5d:2f:d4:b9:a1:
                    9d:06:8e:fb:4f:78:89:33:a0:53:44:c4:da:a2:ad:
                    3c:00:8e:9c:ec:67:ad:9e:38:45:2b:77:f6:83:ae:
                    98:5b:8b:c6:7a:9c:7e:f6:e7:01:17:48:f5:38:16:
                    e5:a5:02:e9:f2:82:7d:ae:9b:e2:83:66:c7:61:80:
                    8a:c4:92:0e:09:da:e5:0c:c3:33:78:2e:3d:dd:2a:
                    2e:de:53:51:bb:2d:29:31:ed:fc:d5:4a:0b:a8:42:
                    c2:7b:bb:99:6f:81:39:6d:d5:d4:af:e6:99:8f:30:
                    4a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:79:97:B5:4D:88:B9:D2:81:A2:07:FF:91:10:5C:63:A0:B0:91:E6
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/x3mXtU2IudKBogf_kRBcY6CwkeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.138.0/24
                  213.209.143.0/24
                  213.209.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:d6:79:cb:af:0a:4d:02:0c:05:a3:fe:e3:fb:62:69:df:ea:
         de:d8:eb:7c:3c:e2:3c:a4:8c:02:40:15:23:da:5e:59:d9:b2:
         85:40:9e:de:cc:b4:a0:cd:55:b8:18:78:5a:5e:31:c7:34:85:
         52:68:c7:f7:ad:c8:19:54:6c:44:d9:06:de:24:80:93:2a:0b:
         04:01:26:00:96:86:b4:2f:0a:f8:5f:05:2b:23:f3:e0:7f:e6:
         75:74:fe:1b:8f:28:4e:b4:fc:f8:35:3e:4d:06:fa:2b:a4:cc:
         3a:eb:a2:da:92:36:32:df:36:8e:ba:8c:76:2f:e2:88:ce:8c:
         de:c7:d2:00:2e:fa:34:c6:92:ca:57:f2:4b:80:de:10:39:81:
         bc:af:a8:ca:34:92:5e:1f:44:7c:1c:77:17:ac:23:7a:db:65:
         e8:1d:75:58:dc:af:00:e1:d4:97:df:c9:39:de:13:69:89:af:
         d0:47:7d:c1:4c:19:6e:53:bd:a1:6f:02:f9:5e:b8:2e:c4:18:
         aa:1f:1b:f2:a4:01:7a:2a:58:f9:0a:fa:07:23:78:70:5f:08:
         0c:c6:74:42:8c:38:86:3e:b6:5d:8d:77:82:56:20:e9:e8:15:
         67:61:38:1d:49:3c:83:41:27:58:5c:03:79:a6:e2:a7:97:0f:
         80:3e:3b:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyw8kt/jyYuofbglxVQ4WdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMjI4MTUwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzc5OTdiNTRkODhiOWQyODFhMjA3ZmY5MTEwNWM2M2EwYjA5MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieALkXJSTnFjnoVvGWJFnZwjVKuH
VsZN0hoW/UONOPWhoyNFBIo9fHpMNKgwpWOiuwGTS3Hn/mLP0l3yTyljIMB2tgkU
s4RB6KRrgVS4E5xzQPc273W8Qf/WjhUH9cswlgCZ3NZzP5hZ8d2g8LkT0InbqoEA
abhcWSHILsi1D1HyR4xO09gy/3BNVN3syP13XS/UuaGdBo77T3iJM6BTRMTaoq08
AI6c7GetnjhFK3f2g66YW4vGepx+9ucBF0j1OBblpQLp8oJ9rpvig2bHYYCKxJIO
CdrlDMMzeC493Sou3lNRuy0pMe381UoLqELCe7uZb4E5bdXUr+aZjzBKewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMd5l7VNiLnSgaIH/5EQXGOgsJHmMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEveDNtWHRVMkl1ZEtCb2dmX2tSQmNZNkN3a2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqKAwQA
1dGPAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQCA1nnLrwpNAgwFo/7j+2Jp3+re
2Ot8POI8pIwCQBUj2l5Z2bKFQJ7ezLSgzVW4GHhaXjHHNIVSaMf3rcgZVGxE2Qbe
JICTKgsEASYAloa0Lwr4XwUrI/Pgf+Z1dP4bjyhOtPz4NT5NBvorpMw666LakjYy
3zaOuox2L+KIzozex9IALvo0xpLKV/JLgN4QOYG8r6jKNJJeH0R8HHcXrCN622Xo
HXVY3K8A4dSX38k53hNpia/QR33BTBluU72hbwL5XrguxBiqHxvypAF6Klj5CvoH
I3hwXwgMxnRCjDiGPrZdjXeCViDp6BVnYTgdSTyDQSdYXAN5puKnlw+APjtJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org