Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/v9hPnzopqIQ0-_UyMZf4aps6vUY.roa
File:                     v9hPnzopqIQ0-_UyMZf4aps6vUY.roa (raw, json)
Hash identifier:          fWHqyqfegM1HMi6BNPwSQwoe3B8DXbVNPDj6a7Rlmhc=
Subject key identifier:   BF:D8:4F:9F:3A:29:A8:84:34:FB:F5:32:31:97:F8:6A:9B:3A:BD:46
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       01857355DA790629AFC4A4DCA0B0C2E9FF2A
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/v9hPnzopqIQ0-_UyMZf4aps6vUY.roa
Signing time:             Mon 02 Jan 2023 16:34:44 +0000
ROA not before:           Mon 02 Jan 2023 16:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     26476
IP address blocks:        77.67.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:55:da:79:06:29:af:c4:a4:dc:a0:b0:c2:e9:ff:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Jan  2 16:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bfd84f9f3a29a88434fbf5323197f86a9b3abd46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:59:fb:9d:1b:7c:84:f6:42:4d:33:94:38:b2:
                    2d:99:5a:9b:3c:3f:d0:9c:de:36:2f:cf:b2:09:67:
                    d0:df:a8:ae:e9:f9:82:eb:cf:4f:e7:a4:c0:ff:5d:
                    bc:2f:9e:a2:58:74:6d:5b:c8:e5:b5:d7:b0:f3:77:
                    f5:2f:33:72:86:f7:cb:2f:b5:60:6a:b9:d9:12:f4:
                    20:62:39:4e:ac:b9:76:af:bf:d2:2b:bb:35:98:d6:
                    35:21:ec:49:b2:9b:49:a2:6a:fd:b7:aa:b0:4e:af:
                    ea:4f:f1:10:6e:c1:f8:9a:ed:bb:60:98:5d:8d:b2:
                    ce:dc:70:0f:6e:12:d5:dd:f4:49:ec:2b:bf:f4:e3:
                    d0:c2:be:07:f0:21:b2:da:cb:16:17:74:fa:46:20:
                    f9:75:53:ab:97:c3:d8:fb:93:80:f8:fe:ad:b9:59:
                    11:49:64:b4:28:72:73:03:95:94:d0:60:5a:06:0d:
                    b8:8a:6e:a4:7b:75:23:9a:ef:a4:6c:da:82:e1:3c:
                    d2:92:ed:3a:70:a2:b5:09:c6:c0:d1:2d:4e:5c:ca:
                    7c:8a:14:c4:3a:7f:73:9d:07:31:46:2d:df:32:28:
                    69:bf:47:ce:32:fe:bb:e4:8d:cd:9f:ce:16:50:3c:
                    82:df:ad:ba:0d:18:df:9e:5e:fb:e6:69:a0:ac:75:
                    3b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:D8:4F:9F:3A:29:A8:84:34:FB:F5:32:31:97:F8:6A:9B:3A:BD:46
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/v9hPnzopqIQ0-_UyMZf4aps6vUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.67.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:12:85:bf:f0:4a:69:22:36:8d:51:0f:67:85:9b:02:3c:9d:
         8c:bf:d0:b6:e2:39:5f:7f:e3:b5:3d:4d:78:37:ba:57:0f:58:
         5d:bf:57:65:b6:82:0c:39:44:b7:44:ac:66:45:d9:40:9b:55:
         ca:25:1c:dc:b7:f7:89:37:25:21:a1:15:58:e0:67:7c:82:d1:
         66:4e:bf:22:eb:ab:be:eb:54:86:c5:be:d9:f3:00:6f:a6:88:
         bf:fd:1c:60:46:62:99:40:af:b3:04:24:cd:07:25:73:a9:24:
         f1:86:02:f7:1e:63:48:e9:97:5e:3c:22:58:1b:7f:89:7c:96:
         d8:81:af:ee:bf:7e:f4:09:a3:09:0a:c4:db:4c:6f:bc:39:2e:
         70:a2:c6:c0:a6:7f:58:6c:e4:73:8e:8b:c1:52:d8:58:7f:94:
         b9:0b:99:6f:a6:12:7b:ea:b7:75:81:1d:71:a7:37:e2:7b:6b:
         65:a2:8c:ae:d1:e6:f8:bd:b6:26:84:da:8a:68:6b:3b:a1:cf:
         d5:ab:59:0d:3f:b2:69:71:c6:78:bf:0b:30:34:ca:ff:72:ff:
         fb:23:70:b6:45:59:f4:56:a3:6f:e1:d4:75:8b:ac:8a:19:86:
         ba:3d:14:b0:9e:8b:44:2e:b7:84:64:03:53:e4:3e:33:2e:97:
         97:be:3f:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVdp5BimvxKTcoLDC6f8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQ4NGY5ZjNhMjlhODg0MzRmYmY1MzIzMTk3Zjg2YTliM2FiZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkln7nRt8hPZCTTOUOLItmVqbPD/Q
nN42L8+yCWfQ36iu6fmC689P56TA/128L56iWHRtW8jltdew83f1LzNyhvfLL7Vg
arnZEvQgYjlOrLl2r7/SK7s1mNY1IexJsptJomr9t6qwTq/qT/EQbsH4mu27YJhd
jbLO3HAPbhLV3fRJ7Cu/9OPQwr4H8CGy2ssWF3T6RiD5dVOrl8PY+5OA+P6tuVkR
SWS0KHJzA5WU0GBaBg24im6ke3Ujmu+kbNqC4TzSku06cKK1CcbA0S1OXMp8ihTE
On9znQcxRi3fMihpv0fOMv675I3Nn84WUDyC3626DRjfnl775mmgrHU7mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/YT586KaiENPv1MjGX+GqbOr1GMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvdjloUG56b3BxSVEwLV9VeU1aZjRhcHM2dlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUMmMA0G
CSqGSIb3DQEBCwUAA4IBAQBaEoW/8EppIjaNUQ9nhZsCPJ2Mv9C24jlff+O1PU14
N7pXD1hdv1dltoIMOUS3RKxmRdlAm1XKJRzct/eJNyUhoRVY4Gd8gtFmTr8i66u+
61SGxb7Z8wBvpoi//RxgRmKZQK+zBCTNByVzqSTxhgL3HmNI6ZdePCJYG3+JfJbY
ga/uv370CaMJCsTbTG+8OS5wosbApn9YbORzjovBUthYf5S5C5lvphJ76rd1gR1x
pzfie2tlooyu0eb4vbYmhNqKaGs7oc/Vq1kNP7JpccZ4vwswNMr/cv/7I3C2RVn0
VqNv4dR1i6yKGYa6PRSwnotELreEZANT5D4zLpeXvj8Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org