Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SsqH1fj8EiOumXve7figt5DRMRo.roa
File:                     SsqH1fj8EiOumXve7figt5DRMRo.roa (raw, json)
Hash identifier:          hPr4GO/pDF3ZH7/UXJ38nIsJJGvc4u4nWklRHrffWOo=
Subject key identifier:   4A:CA:87:D5:F8:FC:12:23:AE:99:7B:DE:ED:F8:A0:B7:90:D1:31:1A
Certificate issuer:       /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial:       01879ED2188D596251E3020B0D3A8F1FBE8B
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SsqH1fj8EiOumXve7figt5DRMRo.roa
Signing time:             Thu 20 Apr 2023 13:19:41 +0000
ROA not before:           Thu 20 Apr 2023 13:19:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203727
IP address blocks:        77.91.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:d2:18:8d:59:62:51:e3:02:0b:0d:3a:8f:1f:be:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
        Validity
            Not Before: Apr 20 13:19:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4aca87d5f8fc1223ae997bdeedf8a0b790d1311a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:a4:c2:1c:0a:ff:cf:96:56:c8:e0:4c:db:87:
                    05:12:a4:e1:66:6c:19:31:5d:c4:81:7c:fd:ea:49:
                    0f:3a:7d:3f:9d:95:2f:80:58:79:70:b4:9f:1c:ee:
                    46:4a:2a:dd:7b:a5:b9:15:b4:b1:f5:93:65:2e:fb:
                    46:c4:cd:96:de:87:60:1a:72:f4:cd:c1:42:d0:f6:
                    73:fc:58:35:1d:4e:f9:da:4c:2b:19:9d:c6:ef:03:
                    fe:09:80:2b:4c:b0:e4:78:10:df:76:03:b5:0a:ab:
                    68:84:0d:23:01:91:a0:09:5b:4e:92:7d:90:a9:a2:
                    ca:16:97:2c:cb:db:9b:18:d9:af:8f:fa:5d:13:ef:
                    8f:e5:e3:c9:fa:25:a5:d0:6d:68:85:ae:79:c5:af:
                    ea:01:87:0b:c8:b0:7d:2b:25:2e:10:a6:a5:4f:2b:
                    7d:ba:6e:ad:9f:f0:bd:ca:f9:33:a0:62:c4:3f:37:
                    8d:ca:8c:54:e1:7d:a6:75:6a:27:6f:e6:25:bc:19:
                    da:97:4b:9a:56:ec:d4:b6:58:7b:a9:b0:5b:52:c8:
                    30:77:04:f6:92:2b:db:e3:69:61:32:58:0a:1e:6d:
                    8f:d7:df:ab:ec:53:1a:d9:93:3e:4f:73:71:da:67:
                    6c:9b:a4:6e:24:e2:34:f1:e8:74:84:eb:e3:0b:7f:
                    e4:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:CA:87:D5:F8:FC:12:23:AE:99:7B:DE:ED:F8:A0:B7:90:D1:31:1A
            X509v3 Authority Key Identifier:
                keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SsqH1fj8EiOumXve7figt5DRMRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:b6:07:17:28:7d:c1:a8:70:1a:b7:e3:ff:70:00:de:7e:c6:
         3b:13:6f:cb:c5:27:7f:99:83:c3:7a:4f:74:30:7a:f0:ed:bf:
         3e:d8:05:1b:bf:20:4d:79:d0:01:57:0e:f0:e0:ab:ea:93:50:
         55:c9:25:e4:28:0c:ca:35:79:9e:a5:d0:2b:d7:68:5f:d9:d3:
         c9:c5:e8:ef:3a:24:3b:32:cc:02:e8:fc:22:f7:53:fa:b1:02:
         2a:c5:41:59:9c:0d:7e:5d:53:fe:f3:c9:00:75:a9:7f:5a:64:
         07:33:75:6f:51:a8:49:37:a7:85:71:15:d7:22:09:ac:23:19:
         89:07:4f:67:7c:55:e5:d4:21:f4:c6:9c:ea:72:db:c8:10:6c:
         1b:f7:5a:ca:73:f8:3b:07:3f:63:7d:50:74:f9:ce:f3:6f:a9:
         6e:a0:4b:73:6a:c5:68:50:b2:21:94:4b:2c:cb:12:a1:53:d1:
         67:e8:4d:8a:df:55:9d:77:de:39:63:c9:e1:ca:ba:26:6e:c5:
         00:1b:66:bf:8e:4d:84:cb:ee:22:cd:91:2d:5b:9d:94:71:67:
         98:97:ac:d6:43:b6:78:2b:bc:74:70:db:a1:3f:1e:4f:d4:4b:
         27:c9:a4:70:81:8c:88:7a:d6:69:9c:2b:a7:5f:bf:5f:25:34:
         90:38:d5:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYee0hiNWWJR4wILDTqPH76LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjMwNDIwMTMxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNhODdkNWY4ZmMxMjIzYWU5OTdiZGVlZGY4YTBiNzkwZDEzMTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqTCHAr/z5ZWyOBM24cFEqThZmwZ
MV3EgXz96kkPOn0/nZUvgFh5cLSfHO5GSirde6W5FbSx9ZNlLvtGxM2W3odgGnL0
zcFC0PZz/Fg1HU752kwrGZ3G7wP+CYArTLDkeBDfdgO1CqtohA0jAZGgCVtOkn2Q
qaLKFpcsy9ubGNmvj/pdE++P5ePJ+iWl0G1oha55xa/qAYcLyLB9KyUuEKalTyt9
um6tn/C9yvkzoGLEPzeNyoxU4X2mdWonb+YlvBnal0uaVuzUtlh7qbBbUsgwdwT2
kivb42lhMlgKHm2P19+r7FMa2ZM+T3Nx2mdsm6RuJOI08eh0hOvjC3/k2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErKh9X4/BIjrpl73u34oLeQ0TEaMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvU3NxSDFmajhFaU91bVh2ZTdmaWd0NURSTVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtEMA0G
CSqGSIb3DQEBCwUAA4IBAQCdtgcXKH3BqHAat+P/cADefsY7E2/LxSd/mYPDek90
MHrw7b8+2AUbvyBNedABVw7w4Kvqk1BVySXkKAzKNXmepdAr12hf2dPJxejvOiQ7
MswC6Pwi91P6sQIqxUFZnA1+XVP+88kAdal/WmQHM3VvUahJN6eFcRXXIgmsIxmJ
B09nfFXl1CH0xpzqctvIEGwb91rKc/g7Bz9jfVB0+c7zb6luoEtzasVoULIhlEss
yxKhU9Fn6E2K31Wdd945Y8nhyrombsUAG2a/jk2Ey+4izZEtW52UcWeYl6zWQ7Z4
K7x0cNuhPx5P1EsnyaRwgYyIetZpnCunX79fJTSQONUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org