Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/dENwWg20YaL0an-wDJpHcu7FHWg.roa
File:                     dENwWg20YaL0an-wDJpHcu7FHWg.roa (raw, json)
Hash identifier:          u3MSQJXETF4UIVMjavGGcf1fcDcdvkU8ynD3mBqowpU=
Subject key identifier:   74:43:70:5A:0D:B4:61:A2:F4:6A:7F:B0:0C:9A:47:72:EE:C5:1D:68
Certificate issuer:       /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial:       01879ED880F9556ACE582328020291AAB1B8
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/dENwWg20YaL0an-wDJpHcu7FHWg.roa
Signing time:             Thu 20 Apr 2023 13:26:41 +0000
ROA not before:           Thu 20 Apr 2023 13:26:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199417
IP address blocks:        77.91.77.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:d8:80:f9:55:6a:ce:58:23:28:02:02:91:aa:b1:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
        Validity
            Not Before: Apr 20 13:26:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7443705a0db461a2f46a7fb00c9a4772eec51d68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ed:53:8c:1f:19:ef:f6:56:30:0b:34:3b:b9:
                    0e:bd:b0:e8:c1:88:1f:6d:32:f2:b2:dd:67:a8:84:
                    33:f6:fd:e3:55:8a:e7:d6:15:48:54:a1:93:52:01:
                    c6:13:98:e3:c4:c6:43:59:95:00:25:02:23:f9:85:
                    c8:99:50:03:53:48:99:d5:fd:31:c5:36:89:4d:0d:
                    6a:53:a1:1c:30:66:4c:52:32:d3:d8:d0:74:bf:7e:
                    67:a2:e9:ed:d5:d3:e9:41:86:ba:b5:19:45:a7:22:
                    20:dd:c8:47:03:0e:2e:98:78:d0:1a:05:04:45:72:
                    d1:ff:a6:7d:b0:3f:05:4f:5e:7e:6c:bf:25:56:7a:
                    89:4d:ea:c9:7c:8d:c7:10:a1:63:1d:be:c3:4c:7b:
                    0a:6a:76:00:bf:41:1c:ae:03:0a:37:ba:93:e3:d4:
                    cf:2d:47:9b:96:81:3d:22:62:e2:79:7b:8a:0e:30:
                    95:2d:fc:dc:a5:24:0f:5d:88:5f:db:de:9e:92:0d:
                    a9:50:47:83:03:55:52:cd:63:07:09:a8:7e:dc:be:
                    24:d6:2c:e8:3b:e0:7a:fe:8f:61:8a:b8:f4:81:17:
                    05:6f:2a:d2:13:27:29:90:8f:60:9f:ad:fc:b7:3a:
                    b7:18:c7:f1:8d:8f:ed:aa:6e:22:0e:bd:30:14:06:
                    cf:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:43:70:5A:0D:B4:61:A2:F4:6A:7F:B0:0C:9A:47:72:EE:C5:1D:68
            X509v3 Authority Key Identifier:
                keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/dENwWg20YaL0an-wDJpHcu7FHWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:c4:f5:1d:11:96:bf:ae:22:ea:69:82:e2:b1:03:a2:d7:ce:
         b7:ab:fc:80:29:49:ed:73:78:e9:37:8f:99:3f:80:58:4b:25:
         55:6f:d8:63:1d:bd:04:41:d9:05:d1:b3:a2:96:9a:60:19:48:
         d1:c1:6e:32:11:e9:6f:de:2c:85:cf:d3:a3:c5:31:5e:6a:99:
         b8:e2:94:05:13:4a:34:a2:73:c9:9a:f1:cc:0e:79:a7:18:33:
         f8:25:77:2d:50:e9:61:52:f1:02:f0:1a:0e:1e:01:9f:4d:f2:
         0c:6d:a8:92:c7:bc:3b:18:5b:e5:33:61:d9:81:c2:c3:3a:fd:
         eb:43:47:99:00:f2:ff:d1:bd:3f:e0:c5:d6:f9:8d:5b:b1:4c:
         d2:2a:95:3f:e7:d7:54:2c:dc:d8:c2:99:9f:4e:75:94:bb:12:
         53:09:a0:d1:8a:57:be:1f:f1:b0:93:ca:b1:7a:90:83:bf:03:
         59:01:4e:95:4f:52:33:3c:01:c4:39:83:e1:07:83:be:fe:b3:
         af:d6:11:3d:6d:ae:1f:b0:80:8e:49:3b:fb:9c:3f:3f:19:dd:
         0f:83:d6:2b:9c:bf:ec:5b:61:cf:a0:04:0d:37:b3:9c:82:dd:
         6a:a2:68:bf:85:c9:66:c7:b4:e0:ec:75:8c:f0:a5:5f:68:25:
         91:e0:74:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYee2ID5VWrOWCMoAgKRqrG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjMwNDIwMTMyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQzNzA1YTBkYjQ2MWEyZjQ2YTdmYjAwYzlhNDc3MmVlYzUxZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+1TjB8Z7/ZWMAs0O7kOvbDowYgf
bTLyst1nqIQz9v3jVYrn1hVIVKGTUgHGE5jjxMZDWZUAJQIj+YXImVADU0iZ1f0x
xTaJTQ1qU6EcMGZMUjLT2NB0v35nount1dPpQYa6tRlFpyIg3chHAw4umHjQGgUE
RXLR/6Z9sD8FT15+bL8lVnqJTerJfI3HEKFjHb7DTHsKanYAv0EcrgMKN7qT49TP
LUebloE9ImLieXuKDjCVLfzcpSQPXYhf296ekg2pUEeDA1VSzWMHCah+3L4k1izo
O+B6/o9hirj0gRcFbyrSEycpkI9gn638tzq3GMfxjY/tqm4iDr0wFAbPSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRDcFoNtGGi9Gp/sAyaR3LuxR1oMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvZEVOd1dnMjBZYUwwYW4td0RKcEhjdTdGSFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtNMA0G
CSqGSIb3DQEBCwUAA4IBAQCCxPUdEZa/riLqaYLisQOi1863q/yAKUntc3jpN4+Z
P4BYSyVVb9hjHb0EQdkF0bOilppgGUjRwW4yEelv3iyFz9OjxTFeapm44pQFE0o0
onPJmvHMDnmnGDP4JXctUOlhUvEC8BoOHgGfTfIMbaiSx7w7GFvlM2HZgcLDOv3r
Q0eZAPL/0b0/4MXW+Y1bsUzSKpU/59dULNzYwpmfTnWUuxJTCaDRile+H/Gwk8qx
epCDvwNZAU6VT1IzPAHEOYPhB4O+/rOv1hE9ba4fsICOSTv7nD8/Gd0Pg9YrnL/s
W2HPoAQNN7Ocgt1qomi/hclmx7Tg7HWM8KVfaCWR4HSC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org