Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/U__dZY00PntVFewEPXljUQZIDYs.roa
File:                     U__dZY00PntVFewEPXljUQZIDYs.roa (raw, json)
Hash identifier:          pKwZq0ZijZQPo8QZEnL5PwPzJPPYZf4/5Otj0SDou50=
Subject key identifier:   53:FF:DD:65:8D:34:3E:7B:55:15:EC:04:3D:79:63:51:06:48:0D:8B
Certificate issuer:       /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial:       01879ED8819B7DDB28273B3E75EEC59E907E
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/U__dZY00PntVFewEPXljUQZIDYs.roa
Signing time:             Thu 20 Apr 2023 13:26:41 +0000
ROA not before:           Thu 20 Apr 2023 13:26:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206446
IP address blocks:        77.91.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:d8:81:9b:7d:db:28:27:3b:3e:75:ee:c5:9e:90:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
        Validity
            Not Before: Apr 20 13:26:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53ffdd658d343e7b5515ec043d79635106480d8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:4f:8e:84:35:9b:7c:34:51:b9:18:46:65:ab:
                    b3:fc:0e:78:dd:ed:f9:8f:86:ff:70:4d:d9:b8:05:
                    54:3e:01:08:9f:b5:86:cb:73:9e:6b:23:a4:52:a5:
                    a2:26:28:fd:01:a3:8b:b2:74:69:b3:c5:52:3a:7f:
                    26:59:ab:7f:44:5f:41:85:c3:3b:dc:19:4a:9f:00:
                    1d:09:4d:d1:54:27:81:97:78:0d:79:bd:dc:43:89:
                    e0:3e:4d:a9:51:e5:b2:b3:af:4b:4f:ec:d6:dc:dc:
                    b3:43:8b:48:07:fc:8d:7f:80:bd:81:56:33:a6:43:
                    0f:18:45:f4:54:6d:b4:b3:9d:0c:9a:9d:4d:f3:fc:
                    e2:8e:45:d3:72:61:fa:80:28:51:69:a2:5a:57:52:
                    5d:ce:8f:27:a7:99:12:e9:36:4b:dc:13:21:77:76:
                    2b:f5:84:03:88:c2:b9:55:6e:12:5a:2a:ed:88:2a:
                    ec:fd:04:ce:1d:b2:c8:3f:ee:0e:ff:79:81:0c:66:
                    f5:07:60:c8:5b:08:c1:2f:77:90:da:40:6a:51:33:
                    71:c9:61:d9:c4:23:db:b9:da:0c:28:a5:84:56:db:
                    bb:69:71:d9:ac:40:b1:0a:1f:16:6c:97:b2:41:0e:
                    f2:8b:30:40:82:c5:4d:16:21:c2:6a:e5:62:31:ad:
                    c7:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:FF:DD:65:8D:34:3E:7B:55:15:EC:04:3D:79:63:51:06:48:0D:8B
            X509v3 Authority Key Identifier:
                keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/U__dZY00PntVFewEPXljUQZIDYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:b9:ed:8e:2e:a9:2a:dd:b8:ba:79:fd:5c:ba:67:bf:41:56:
         19:71:d3:be:33:93:1a:b0:f9:71:62:b3:a0:54:2d:36:5e:ee:
         84:b2:16:dc:e6:6b:db:7d:58:51:9d:5e:c1:ab:79:ae:ca:0e:
         14:81:bd:7d:3f:cb:78:b4:e6:0e:f9:1f:b1:61:b2:4e:e8:9d:
         23:ac:8f:db:94:55:a1:43:1b:9b:e9:1b:fa:6f:80:3b:47:1b:
         8d:5b:71:4f:f9:95:df:6f:4e:22:05:57:9a:5d:7c:ff:fa:61:
         b8:0a:29:1a:a4:ee:d0:52:c7:cf:a9:7d:5e:10:cc:66:fb:d9:
         cd:e5:7b:e7:f5:78:0e:3c:de:da:71:6d:61:4b:35:57:2b:9d:
         0e:69:ad:84:4c:ff:9a:62:ca:68:77:d3:d2:c2:f5:51:84:cc:
         5f:54:ba:93:57:1f:72:8e:9a:cf:61:1d:59:ea:2f:96:85:1b:
         90:c8:63:9f:25:e3:24:05:7b:d5:7b:62:36:09:01:c9:31:8a:
         2e:3e:33:38:63:66:b1:43:81:e3:e2:df:d9:2d:c9:23:e9:9e:
         db:6c:b9:bb:d3:77:35:61:1c:a6:49:13:93:b3:67:a7:1a:e7:
         17:d1:32:66:18:66:d7:6d:ed:71:ad:a5:2f:0f:90:8d:05:1a:
         17:e0:8b:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYee2IGbfdsoJzs+de7FnpB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjMwNDIwMTMyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZmZGQ2NThkMzQzZTdiNTUxNWVjMDQzZDc5NjM1MTA2NDgwZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0+OhDWbfDRRuRhGZauz/A543e35
j4b/cE3ZuAVUPgEIn7WGy3OeayOkUqWiJij9AaOLsnRps8VSOn8mWat/RF9BhcM7
3BlKnwAdCU3RVCeBl3gNeb3cQ4ngPk2pUeWys69LT+zW3NyzQ4tIB/yNf4C9gVYz
pkMPGEX0VG20s50Mmp1N8/zijkXTcmH6gChRaaJaV1Jdzo8np5kS6TZL3BMhd3Yr
9YQDiMK5VW4SWirtiCrs/QTOHbLIP+4O/3mBDGb1B2DIWwjBL3eQ2kBqUTNxyWHZ
xCPbudoMKKWEVtu7aXHZrECxCh8WbJeyQQ7yizBAgsVNFiHCauViMa3HZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFP/3WWNND57VRXsBD15Y1EGSA2LMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvVV9fZFpZMDBQbnRWRmV3RVBYbGpVUVpJRFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtFMA0G
CSqGSIb3DQEBCwUAA4IBAQAiue2OLqkq3bi6ef1cume/QVYZcdO+M5MasPlxYrOg
VC02Xu6Eshbc5mvbfVhRnV7Bq3muyg4Ugb19P8t4tOYO+R+xYbJO6J0jrI/blFWh
Qxub6Rv6b4A7RxuNW3FP+ZXfb04iBVeaXXz/+mG4CikapO7QUsfPqX1eEMxm+9nN
5Xvn9XgOPN7acW1hSzVXK50Oaa2ETP+aYspod9PSwvVRhMxfVLqTVx9yjprPYR1Z
6i+WhRuQyGOfJeMkBXvVe2I2CQHJMYouPjM4Y2axQ4Hj4t/ZLckj6Z7bbLm703c1
YRymSROTs2enGucX0TJmGGbXbe1xraUvD5CNBRoX4Itl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org