Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/71FzIL2MxAByQuhlCuN_f8V_vKU.roa
File:                     71FzIL2MxAByQuhlCuN_f8V_vKU.roa (raw, json)
Hash identifier:          Lo70wzDN+DquigUzRSrEGnIauFiAv0dg57uCt6c144A=
Subject key identifier:   EF:51:73:20:BD:8C:C4:00:72:42:E8:65:0A:E3:7F:7F:C5:7F:BC:A5
Certificate issuer:       /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial:       01879ED8809168772132A72F7D14C5BC016F
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/71FzIL2MxAByQuhlCuN_f8V_vKU.roa
Signing time:             Thu 20 Apr 2023 13:26:41 +0000
ROA not before:           Thu 20 Apr 2023 13:26:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        77.91.67.0/24 maxlen: 24
                          77.91.71.0/24 maxlen: 24
                          77.91.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:d8:80:91:68:77:21:32:a7:2f:7d:14:c5:bc:01:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
        Validity
            Not Before: Apr 20 13:26:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef517320bd8cc4007242e8650ae37f7fc57fbca5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:10:e1:a2:60:e7:33:4d:e5:18:fb:e2:6a:03:
                    c4:bd:c9:78:01:35:46:49:99:89:92:e3:76:ee:d2:
                    1d:39:27:f0:47:99:86:ee:f1:c0:f2:e4:8b:78:21:
                    88:23:8a:ba:4b:9f:3b:d6:27:c6:47:c3:79:8e:6d:
                    be:70:32:ed:bc:70:db:aa:6a:b0:91:e3:98:f8:6b:
                    7b:23:b0:2e:c0:5a:de:1c:7e:52:d7:83:2c:57:82:
                    8b:e4:ff:5f:08:48:05:e5:8a:1e:57:47:15:41:76:
                    5c:40:25:eb:15:10:ee:d0:6b:d9:cf:3a:a7:9c:1c:
                    10:db:07:30:c7:5c:17:a5:fb:ed:19:a6:1f:da:b2:
                    d2:af:e8:9c:4c:4c:2a:54:06:89:11:6d:fa:a1:d8:
                    86:d5:f8:5e:21:35:e0:06:08:00:93:5b:73:c3:83:
                    11:51:89:d9:be:9d:c5:dc:56:e2:90:21:46:a6:aa:
                    ea:e8:c5:9d:4d:99:fb:0e:6c:2d:6e:fe:c1:21:ad:
                    09:03:9c:97:ee:44:b6:ec:ef:c2:bc:c5:23:10:f3:
                    23:8c:3c:e1:dc:c2:68:e1:01:e2:2f:f4:0e:68:84:
                    15:69:ca:e9:6b:aa:8e:fe:ef:b1:8d:2d:23:7e:e6:
                    88:f0:47:4b:46:86:4e:30:05:10:0b:60:19:0c:06:
                    35:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:51:73:20:BD:8C:C4:00:72:42:E8:65:0A:E3:7F:7F:C5:7F:BC:A5
            X509v3 Authority Key Identifier:
                keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/71FzIL2MxAByQuhlCuN_f8V_vKU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.67.0/24
                  77.91.71.0/24
                  77.91.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:9c:cf:47:b9:4c:00:49:48:04:ff:9d:1e:8c:15:62:dd:a4:
         8a:1a:03:64:d6:4b:98:f4:5d:54:44:0b:00:14:9e:6a:47:07:
         4c:32:6f:fb:da:f8:2d:9a:63:48:52:d1:6d:8e:35:3b:98:cd:
         dd:f5:df:d2:47:d9:29:cc:54:6b:dc:67:d9:17:34:ce:a7:32:
         56:2a:9d:bd:64:79:5a:17:31:49:1a:dd:14:22:26:06:83:17:
         87:9b:52:0b:7a:31:0c:75:85:6f:64:ba:67:71:fd:f9:cc:b9:
         2b:5f:16:bf:03:2b:a2:c3:ce:56:3b:14:c9:db:23:43:ef:07:
         b7:db:1a:24:ba:ba:e0:20:26:2f:02:88:80:72:5d:41:03:90:
         84:4e:db:37:a9:7e:c2:58:6b:3a:f7:06:9f:40:1e:e6:79:31:
         a2:b1:15:1e:c7:7a:f4:be:c5:20:ae:59:48:73:e2:4b:81:4d:
         00:a1:d5:03:75:2a:0b:02:4b:d1:82:2d:d4:f4:cd:61:b5:5c:
         5f:37:5f:5a:4d:ed:26:83:a1:95:38:14:e8:92:78:8e:c5:49:
         2e:01:40:f7:fb:e8:cd:88:c6:b2:b9:fb:63:b0:60:d5:d6:54:
         60:7e:c7:09:ce:c8:df:3d:c9:e5:36:bc:84:1c:53:56:25:e5:
         ac:9a:0d:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYee2ICRaHchMqcvfRTFvAFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjMwNDIwMTMyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUxNzMyMGJkOGNjNDAwNzI0MmU4NjUwYWUzN2Y3ZmM1N2ZiY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BDhomDnM03lGPviagPEvcl4ATVG
SZmJkuN27tIdOSfwR5mG7vHA8uSLeCGII4q6S5871ifGR8N5jm2+cDLtvHDbqmqw
keOY+Gt7I7AuwFreHH5S14MsV4KL5P9fCEgF5YoeV0cVQXZcQCXrFRDu0GvZzzqn
nBwQ2wcwx1wXpfvtGaYf2rLSr+icTEwqVAaJEW36odiG1fheITXgBggAk1tzw4MR
UYnZvp3F3FbikCFGpqrq6MWdTZn7Dmwtbv7BIa0JA5yX7kS27O/CvMUjEPMjjDzh
3MJo4QHiL/QOaIQVacrpa6qO/u+xjS0jfuaI8EdLRoZOMAUQC2AZDAY1BwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO9RcyC9jMQAckLoZQrjf3/Ff7ylMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvNzFGeklMMk14QUJ5UXVobEN1Tl9mOFZfdktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVtDAwQA
TVtHAwQATVtPMA0GCSqGSIb3DQEBCwUAA4IBAQCGnM9HuUwASUgE/50ejBVi3aSK
GgNk1kuY9F1URAsAFJ5qRwdMMm/72vgtmmNIUtFtjjU7mM3d9d/SR9kpzFRr3GfZ
FzTOpzJWKp29ZHlaFzFJGt0UIiYGgxeHm1ILejEMdYVvZLpncf35zLkrXxa/Ayui
w85WOxTJ2yND7we32xokurrgICYvAoiAcl1BA5CETts3qX7CWGs69wafQB7meTGi
sRUex3r0vsUgrllIc+JLgU0AodUDdSoLAkvRgi3U9M1htVxfN19aTe0mg6GVOBTo
kniOxUkuAUD3++jNiMayuftjsGDV1lRgfscJzsjfPcnlNryEHFNWJeWsmg1D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org