Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/o53fr0779P_4Q_EvWq27Ahjf7G0.roa
File:                     o53fr0779P_4Q_EvWq27Ahjf7G0.roa (raw, json)
Hash identifier:          QVVtY4Aa925bEgeRZiL0JcrdbnuhAwshUauCqsT7W2I=
Subject key identifier:   A3:9D:DF:AF:4E:FB:F4:FF:F8:43:F1:2F:5A:AD:BB:02:18:DF:EC:6D
Certificate issuer:       /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial:       01872FBBCC67564E66DA9AFF629BDA426AE4
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/o53fr0779P_4Q_EvWq27Ahjf7G0.roa
Signing time:             Wed 29 Mar 2023 23:37:29 +0000
ROA not before:           Wed 29 Mar 2023 23:37:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200220
IP address blocks:        79.132.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 Mar 2023 20:38:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2f:bb:cc:67:56:4e:66:da:9a:ff:62:9b:da:42:6a:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
        Validity
            Not Before: Mar 29 23:37:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a39ddfaf4efbf4fff843f12f5aadbb0218dfec6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:99:01:45:f2:6a:bb:a7:1b:66:dd:f7:97:ea:
                    19:a1:84:ab:2a:04:c3:8a:39:dc:01:61:ff:e8:c3:
                    4b:67:61:64:72:2f:f6:15:8b:3e:ed:91:0d:61:59:
                    f1:df:ae:9d:34:90:71:c9:f5:30:88:4c:5c:d4:72:
                    6e:65:8d:88:0d:3b:06:c5:06:d8:2a:d9:e3:7f:f4:
                    22:e0:f1:39:1d:04:13:21:ba:2e:bd:f3:13:31:dd:
                    c2:8f:51:a1:c4:9f:f2:a9:6b:40:12:0b:8b:00:fe:
                    01:62:14:03:26:1c:dd:e9:23:05:84:a8:12:dc:84:
                    9d:b4:93:d0:b1:6b:b2:b8:e0:be:59:02:2b:a2:db:
                    4e:17:47:33:e1:a5:1e:05:00:35:8d:4f:d7:01:19:
                    02:5e:6a:ab:15:97:0d:97:01:d0:45:70:3a:f2:67:
                    e4:5b:35:e5:c4:d1:b4:7a:79:c8:4b:da:c4:47:fb:
                    ae:bc:1c:40:48:a0:6c:9e:cd:11:66:62:c1:99:90:
                    34:f4:ec:84:e1:6f:2a:b5:85:ed:f2:a7:a8:6e:e1:
                    a2:cf:6a:a5:e1:4a:1b:cf:1c:ea:f2:b2:ab:b3:be:
                    01:f0:1d:b8:31:b2:a1:19:6d:53:5a:29:73:74:5c:
                    0d:ef:4b:b1:b0:6b:d0:16:27:59:8f:c8:9e:15:b0:
                    a8:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:9D:DF:AF:4E:FB:F4:FF:F8:43:F1:2F:5A:AD:BB:02:18:DF:EC:6D
            X509v3 Authority Key Identifier:
                keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/o53fr0779P_4Q_EvWq27Ahjf7G0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.132.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:46:6a:84:cb:5d:33:8e:f1:80:21:95:1b:2f:31:19:1f:4f:
         e0:af:c9:10:04:92:da:a3:10:df:d9:23:16:b2:d7:6a:55:fd:
         7e:28:93:1b:8d:3a:12:57:2c:62:7e:d4:ef:43:33:84:09:35:
         bd:ac:78:f4:36:7c:6e:e5:80:5a:f5:73:a4:be:e7:d5:b4:6a:
         f9:d8:a7:c6:8c:0d:8d:36:80:a1:aa:e7:32:fd:6b:a9:1f:b1:
         cd:36:93:14:68:b2:f6:21:97:2c:2d:2c:37:fc:32:4d:7b:16:
         6d:c4:1f:6e:5f:65:d1:0e:13:be:ea:a0:8d:02:7a:56:9d:96:
         8d:1a:df:ea:ab:e2:87:65:66:18:44:7c:66:5c:65:3c:a2:79:
         ec:fb:10:dc:14:ff:96:6e:7c:76:94:cc:00:00:50:c6:b7:ec:
         1e:27:a4:bc:17:b1:75:17:17:5f:02:73:78:c1:7c:d1:61:53:
         2e:24:e8:b9:9a:9c:b5:dc:f4:97:e1:fd:18:5e:78:fa:90:ed:
         4b:54:ca:e7:cd:0f:5c:10:7e:cd:a1:8d:5a:c4:46:1c:5f:d5:
         bc:53:6c:95:31:3d:f7:b8:0e:af:cc:f4:2d:17:c7:4a:af:a8:
         33:13:51:05:e5:e5:00:cc:e1:3a:ba:d7:c6:c3:f5:af:76:3f:
         dd:40:64:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcvu8xnVk5m2pr/YpvaQmrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMzI5MjMzNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzlkZGZhZjRlZmJmNGZmZjg0M2YxMmY1YWFkYmIwMjE4ZGZlYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpkBRfJqu6cbZt33l+oZoYSrKgTD
ijncAWH/6MNLZ2Fkci/2FYs+7ZENYVnx366dNJBxyfUwiExc1HJuZY2IDTsGxQbY
Ktnjf/Qi4PE5HQQTIbouvfMTMd3Cj1GhxJ/yqWtAEguLAP4BYhQDJhzd6SMFhKgS
3ISdtJPQsWuyuOC+WQIrottOF0cz4aUeBQA1jU/XARkCXmqrFZcNlwHQRXA68mfk
WzXlxNG0ennIS9rER/uuvBxASKBsns0RZmLBmZA09OyE4W8qtYXt8qeobuGiz2ql
4Uobzxzq8rKrs74B8B24MbKhGW1TWilzdFwN70uxsGvQFidZj8ieFbCoZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOd369O+/T/+EPxL1qtuwIY3+xtMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvbzUzZnIwNzc5UF80UV9FdldxMjdBaGpmN0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT4SHMA0G
CSqGSIb3DQEBCwUAA4IBAQAORmqEy10zjvGAIZUbLzEZH0/gr8kQBJLaoxDf2SMW
stdqVf1+KJMbjToSVyxiftTvQzOECTW9rHj0Nnxu5YBa9XOkvufVtGr52KfGjA2N
NoChqucy/WupH7HNNpMUaLL2IZcsLSw3/DJNexZtxB9uX2XRDhO+6qCNAnpWnZaN
Gt/qq+KHZWYYRHxmXGU8onns+xDcFP+Wbnx2lMwAAFDGt+weJ6S8F7F1FxdfAnN4
wXzRYVMuJOi5mpy13PSX4f0YXnj6kO1LVMrnzQ9cEH7NoY1axEYcX9W8U2yVMT33
uA6vzPQtF8dKr6gzE1EF5eUAzOE6utfGw/Wvdj/dQGSb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org