Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SnBlBSCpZInM8iENTnPnNv7Tp54.roa
File:                     SnBlBSCpZInM8iENTnPnNv7Tp54.roa (raw, json)
Hash identifier:          FRBfTdjdA06ydt1isVA18tWfRQ87f8Hz1djmXeu5wFA=
Subject key identifier:   4A:70:65:05:20:A9:64:89:CC:F2:21:0D:4E:73:E7:36:FE:D3:A7:9E
Certificate issuer:       /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial:       018CA5C19D2B867F97B9EC8361974CDE4445
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SnBlBSCpZInM8iENTnPnNv7Tp54.roa
Signing time:             Tue 26 Dec 2023 10:52:58 +0000
ROA not before:           Tue 26 Dec 2023 10:52:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42861
IP address blocks:        77.91.66.0/24 maxlen: 24
                          77.91.65.0/24 maxlen: 24
                          77.91.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:a5:c1:9d:2b:86:7f:97:b9:ec:83:61:97:4c:de:44:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
        Validity
            Not Before: Dec 26 10:52:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4a70650520a96489ccf2210d4e73e736fed3a79e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a5:1a:26:44:08:ac:d2:2b:6f:e9:36:47:ab:
                    21:8b:e9:d2:e5:a4:d0:f1:6b:bb:dd:26:ec:84:25:
                    b7:4c:2d:3a:4e:30:c2:55:8b:65:03:2f:61:b5:3f:
                    fb:26:e5:c9:05:4b:63:98:0f:2f:d0:0f:90:74:8b:
                    9e:32:c1:82:30:bc:05:88:7f:4a:ca:7a:98:6b:21:
                    bd:5b:cd:7c:4f:e6:73:b4:40:af:16:ef:b0:42:6f:
                    b5:68:04:76:4d:4c:13:ea:35:45:4a:62:f2:af:01:
                    da:bc:db:61:17:8f:80:70:f9:f4:4e:31:57:8a:39:
                    d9:27:a1:27:5a:69:f5:d1:6a:1a:a5:f9:c2:d6:a4:
                    7f:52:35:47:f2:bf:73:47:a1:f7:72:7b:30:9d:b9:
                    1c:74:be:64:5c:11:09:d7:47:e7:47:89:53:d1:6d:
                    5e:71:be:46:3c:e1:3b:03:a4:3e:8d:20:a1:85:31:
                    71:f1:ef:83:7c:3a:0e:44:af:46:94:c6:b1:36:88:
                    7f:6d:ae:f9:20:71:c4:41:b7:e0:a5:84:44:7a:ca:
                    38:68:00:43:f7:43:d6:10:98:cc:d9:66:2e:5b:ac:
                    78:ac:d1:7d:64:d7:0a:f1:e6:9e:f9:69:02:bb:03:
                    bb:1f:4f:da:df:d4:84:59:36:12:af:b5:6d:bc:f7:
                    47:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:70:65:05:20:A9:64:89:CC:F2:21:0D:4E:73:E7:36:FE:D3:A7:9E
            X509v3 Authority Key Identifier:
                keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SnBlBSCpZInM8iENTnPnNv7Tp54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.65.0-77.91.66.255
                  77.91.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:84:8e:12:99:97:d5:05:87:d1:3f:3a:fc:95:0b:47:52:af:
         ce:22:fe:23:d8:15:72:82:a7:c2:12:f6:9c:b2:ec:86:1c:68:
         d4:57:d4:21:1c:45:1a:46:12:14:a5:7a:3e:cf:ef:74:7f:6d:
         ec:de:58:68:f7:4f:73:df:a0:8a:fb:f7:9d:99:8c:bf:29:6b:
         2a:83:6b:75:80:bd:b8:12:17:21:e1:51:7c:3b:91:68:4f:31:
         76:c3:a2:b5:d2:4b:45:95:df:53:2e:48:d3:5a:fd:50:58:be:
         ac:03:a4:8f:9f:7a:3b:29:ad:c9:94:b5:cc:19:6e:89:12:ba:
         06:7b:c0:7d:42:4d:a0:31:a3:36:41:48:e6:c9:14:17:71:34:
         16:b6:1b:55:bb:94:70:8c:81:14:f6:84:46:c8:f3:56:35:21:
         8a:f0:41:2c:c2:77:ad:cf:45:85:57:2e:16:9e:1a:ae:8b:7e:
         7f:83:c9:00:42:55:cd:1a:36:32:84:b5:a5:3d:16:8b:68:ed:
         b1:2a:8b:5b:c8:1f:84:cf:8b:0b:96:28:8b:2e:00:87:3e:19:
         2a:1e:91:b8:3e:ee:9d:47:df:d1:36:d7:8b:5e:e2:12:28:0f:
         be:7b:63:0d:99:3e:00:93:b6:49:74:e6:24:05:66:e8:80:b5:
         08:e6:10:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYylwZ0rhn+XueyDYZdM3kRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjMxMjI2MTA1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTcwNjUwNTIwYTk2NDg5Y2NmMjIxMGQ0ZTczZTczNmZlZDNhNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6UaJkQIrNIrb+k2R6shi+nS5aTQ
8Wu73SbshCW3TC06TjDCVYtlAy9htT/7JuXJBUtjmA8v0A+QdIueMsGCMLwFiH9K
ynqYayG9W818T+ZztECvFu+wQm+1aAR2TUwT6jVFSmLyrwHavNthF4+AcPn0TjFX
ijnZJ6EnWmn10WoapfnC1qR/UjVH8r9zR6H3cnswnbkcdL5kXBEJ10fnR4lT0W1e
cb5GPOE7A6Q+jSChhTFx8e+DfDoORK9GlMaxNoh/ba75IHHEQbfgpYREeso4aABD
90PWEJjM2WYuW6x4rNF9ZNcK8eae+WkCuwO7H0/a39SEWTYSr7VtvPdH1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEpwZQUgqWSJzPIhDU5z5zb+06eeMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvU25CbEJTQ3BaSW5NOGlFTlRuUG5OdjdUcDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABNW0ED
BABNW0IDBABNW0wwDQYJKoZIhvcNAQELBQADggEBAGeEjhKZl9UFh9E/OvyVC0dS
r84i/iPYFXKCp8IS9pyy7IYcaNRX1CEcRRpGEhSlej7P73R/bezeWGj3T3PfoIr7
952ZjL8payqDa3WAvbgSFyHhUXw7kWhPMXbDorXSS0WV31MuSNNa/VBYvqwDpI+f
ejsprcmUtcwZbokSugZ7wH1CTaAxozZBSObJFBdxNBa2G1W7lHCMgRT2hEbI81Y1
IYrwQSzCd63PRYVXLhaeGq6Lfn+DyQBCVc0aNjKEtaU9Foto7bEqi1vIH4TPiwuW
KIsuAIc+GSoekbg+7p1H39E214te4hIoD757Yw2ZPgCTtkl05iQFZuiAtQjmEPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:42 2024 by rpki-client on console-ams.rpki-client.org