Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/t9PlIqOaIhZKBjkAsg5_m293vPo.roa
File:                     t9PlIqOaIhZKBjkAsg5_m293vPo.roa (raw, json)
Hash identifier:          TDuvidcRSZhnGXCfjTffz/E6tacWj3VLAuTw0QcJkx4=
Subject key identifier:   B7:D3:E5:22:A3:9A:22:16:4A:06:39:00:B2:0E:7F:9B:6F:77:BC:FA
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       01857355D8C344B833474A9A477A106A88A6
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/t9PlIqOaIhZKBjkAsg5_m293vPo.roa
Signing time:             Mon 02 Jan 2023 16:34:43 +0000
ROA not before:           Mon 02 Jan 2023 16:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20940
IP address blocks:        77.67.85.0/24 maxlen: 24
                          77.67.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 10:55:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:55:d8:c3:44:b8:33:47:4a:9a:47:7a:10:6a:88:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Jan  2 16:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b7d3e522a39a22164a063900b20e7f9b6f77bcfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:00:a4:0b:99:82:ec:5b:07:17:0c:57:b1:14:
                    c3:59:c8:9f:7d:ef:1b:7a:9e:eb:f0:df:40:c8:2a:
                    d5:cc:49:b6:d0:53:36:4a:1f:bc:30:e4:06:e8:4e:
                    f5:65:93:78:dc:16:94:06:e4:2d:7d:65:27:d8:57:
                    a6:cb:4f:ea:39:03:d0:7a:7f:86:45:21:c4:97:74:
                    9e:be:10:10:f9:8b:f5:18:50:bd:3b:4d:48:41:89:
                    43:7e:60:9e:cc:e7:d7:a5:2e:66:0c:7a:12:40:47:
                    41:2d:ef:c1:df:2a:2b:64:72:b8:e9:e0:30:94:48:
                    7e:bc:1f:68:b9:ee:1d:df:2a:3a:62:7d:6b:d6:b7:
                    96:39:6a:59:83:53:8a:2a:6a:7d:18:12:4e:7a:65:
                    df:33:28:4b:e3:b8:57:ce:67:7a:53:6d:5b:cd:42:
                    87:33:44:45:ce:54:4e:08:bd:7d:87:23:8e:54:72:
                    4a:cd:90:3a:66:ea:9e:10:8a:07:96:79:b7:34:f6:
                    51:85:cc:e3:1a:7f:5b:12:77:de:99:b5:e9:a9:d7:
                    19:7a:21:32:ce:2e:af:04:f4:4a:57:c6:32:65:fe:
                    8f:8f:50:9a:fc:5b:58:d9:cb:85:6e:9d:db:85:bb:
                    ea:54:f2:59:5d:09:54:e7:20:da:03:0d:ae:e6:91:
                    5e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:D3:E5:22:A3:9A:22:16:4A:06:39:00:B2:0E:7F:9B:6F:77:BC:FA
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/t9PlIqOaIhZKBjkAsg5_m293vPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.67.85.0/24
                  77.67.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:f2:78:25:c3:32:79:ee:a6:4b:f3:70:10:ae:66:99:84:77:
         c8:bf:a7:c9:39:ee:4d:9b:83:be:46:10:4a:15:37:56:24:d1:
         28:a8:2e:b5:73:20:b4:fc:83:ee:31:40:da:bc:41:68:96:68:
         e1:10:7d:b1:58:67:b9:07:62:b4:c5:aa:ba:5c:2f:76:51:48:
         ef:f9:b8:4d:f9:45:be:24:2f:61:f4:3e:80:2f:21:3e:f3:a3:
         c6:fd:4e:05:64:f0:e7:be:36:c8:23:c3:9d:cf:c4:c9:ee:59:
         4e:c9:76:53:87:61:2b:5f:e6:88:ba:f7:23:2c:62:f4:db:e6:
         a0:9e:f8:27:7d:2b:3e:87:44:46:20:f2:84:5c:0f:5d:96:bc:
         8e:cd:85:0e:7e:d2:68:90:6a:d3:33:33:63:f7:0b:1a:10:4f:
         fe:a7:cb:96:34:38:65:cb:65:05:97:3f:56:56:a1:0d:c7:d9:
         8e:e4:e1:17:99:58:2e:68:8e:15:c3:cd:fe:95:28:7c:b9:f9:
         00:8e:12:01:a3:d0:8f:13:28:fb:0a:47:5a:da:30:52:31:68:
         29:36:0c:a1:50:3b:9d:ec:d7:28:26:8b:b3:16:a1:a2:6f:8d:
         08:c4:c3:aa:0f:ce:01:4d:bf:ce:24:bb:1c:a8:25:19:e8:bd:
         42:ba:38:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzVdjDRLgzR0qaR3oQaoimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QzZTUyMmEzOWEyMjE2NGEwNjM5MDBiMjBlN2Y5YjZmNzdiY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQCkC5mC7FsHFwxXsRTDWciffe8b
ep7r8N9AyCrVzEm20FM2Sh+8MOQG6E71ZZN43BaUBuQtfWUn2Femy0/qOQPQen+G
RSHEl3SevhAQ+Yv1GFC9O01IQYlDfmCezOfXpS5mDHoSQEdBLe/B3yorZHK46eAw
lEh+vB9oue4d3yo6Yn1r1reWOWpZg1OKKmp9GBJOemXfMyhL47hXzmd6U21bzUKH
M0RFzlROCL19hyOOVHJKzZA6ZuqeEIoHlnm3NPZRhczjGn9bEnfembXpqdcZeiEy
zi6vBPRKV8YyZf6Pj1Ca/FtY2cuFbp3bhbvqVPJZXQlU5yDaAw2u5pFeAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfT5SKjmiIWSgY5ALIOf5tvd7z6MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvdDlQbElxT2FJaFpLQmprQXNnNV9tMjkzdlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUNVAwQA
TUN+MA0GCSqGSIb3DQEBCwUAA4IBAQBb8nglwzJ57qZL83AQrmaZhHfIv6fJOe5N
m4O+RhBKFTdWJNEoqC61cyC0/IPuMUDavEFolmjhEH2xWGe5B2K0xaq6XC92UUjv
+bhN+UW+JC9h9D6ALyE+86PG/U4FZPDnvjbII8Odz8TJ7llOyXZTh2ErX+aIuvcj
LGL02+agnvgnfSs+h0RGIPKEXA9dlryOzYUOftJokGrTMzNj9wsaEE/+p8uWNDhl
y2UFlz9WVqENx9mO5OEXmVguaI4Vw83+lSh8ufkAjhIBo9CPEyj7Ckda2jBSMWgp
NgyhUDud7NcoJouzFqGib40IxMOqD84BTb/OJLscqCUZ6L1CujjT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org