Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/hfPRmCE74vLfHrA1gIwQjg2bTu4.roa
File:                     hfPRmCE74vLfHrA1gIwQjg2bTu4.roa (raw, json)
Hash identifier:          5hlmylXwREPBct1Iqwu0UtFfD44YqP++BIx9Zo7DCTg=
Subject key identifier:   85:F3:D1:98:21:3B:E2:F2:DF:1E:B0:35:80:8C:10:8E:0D:9B:4E:EE
Certificate issuer:       /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial:       01879ED8803AC5251F992CC20E956A49E94A
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/hfPRmCE74vLfHrA1gIwQjg2bTu4.roa
Signing time:             Thu 20 Apr 2023 13:26:41 +0000
ROA not before:           Thu 20 Apr 2023 13:26:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        77.91.75.0/24 maxlen: 24
                          77.91.74.0/24 maxlen: 24
                          77.91.73.0/24 maxlen: 24
                          77.91.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:d8:80:3a:c5:25:1f:99:2c:c2:0e:95:6a:49:e9:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
        Validity
            Not Before: Apr 20 13:26:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85f3d198213be2f2df1eb035808c108e0d9b4eee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:af:86:7a:66:10:d1:65:97:02:d0:cf:6f:32:
                    71:32:1d:7c:de:86:28:e6:0f:db:3e:87:58:bd:4e:
                    1d:59:75:3c:2d:3b:69:26:05:ac:d1:6e:ff:42:3b:
                    11:ca:f7:d4:00:b0:5f:d1:a2:d5:66:1a:2d:f2:f5:
                    b7:23:d2:f0:92:9d:39:8e:f4:1b:7b:32:a1:21:69:
                    83:96:29:be:da:35:f1:b8:77:98:4d:2c:4f:a2:2a:
                    34:d2:a0:c4:36:4f:e8:a8:e1:6f:8a:2f:64:7f:0f:
                    f8:83:ea:ff:50:d1:45:c1:2a:35:37:3c:b3:67:6e:
                    f2:5b:f2:28:42:bd:fc:49:4d:08:97:53:e7:2c:a2:
                    df:da:f7:38:11:6e:85:7c:e1:ee:42:d7:f8:94:b2:
                    fc:31:13:86:ee:02:67:f1:49:e9:b5:48:6e:4a:fe:
                    e7:59:c8:11:11:e7:7b:61:a5:f5:85:b0:2b:09:ae:
                    25:ac:09:78:b7:0e:5f:23:50:ad:37:aa:56:05:28:
                    c4:88:63:b2:cb:ff:b7:76:3d:80:31:b5:cc:60:7e:
                    a6:20:35:71:7d:50:93:55:1e:95:0d:45:22:56:e8:
                    5f:92:4c:73:3d:4e:a5:0e:ff:09:b8:0e:66:29:54:
                    c1:29:f6:34:f1:1f:02:67:03:d6:1d:3e:30:ef:c5:
                    70:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:F3:D1:98:21:3B:E2:F2:DF:1E:B0:35:80:8C:10:8E:0D:9B:4E:EE
            X509v3 Authority Key Identifier:
                keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/hfPRmCE74vLfHrA1gIwQjg2bTu4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:f2:c5:38:8d:17:61:ce:2d:2a:c9:68:44:77:78:20:97:8b:
         f6:38:24:98:54:84:2a:ee:a7:78:54:1e:97:ea:cf:90:2f:fe:
         a8:f2:fa:08:12:d3:e5:8d:ae:60:9d:ed:b6:b2:18:9f:b0:94:
         6e:90:04:d8:0b:eb:f5:e7:6e:88:c9:4b:79:75:00:1f:81:f1:
         ea:7a:fc:5b:6c:09:48:78:37:68:fe:e7:42:2e:dc:40:25:86:
         e2:4f:a5:88:bf:88:e0:c9:42:b7:9b:52:56:e7:95:43:ae:c0:
         58:42:ce:c3:44:ef:74:89:db:50:c0:77:80:25:eb:15:fa:c8:
         30:97:27:84:4c:ab:17:4d:5e:a3:0f:14:22:14:21:9d:b2:5e:
         00:1d:ef:c4:a7:cc:c4:37:59:a6:d6:0f:fa:68:8c:bf:d4:90:
         b3:e7:71:6c:e0:b5:45:1e:36:2f:d1:6e:06:18:64:7c:b5:c7:
         99:5c:89:15:f5:51:1b:94:e0:b1:77:24:aa:80:28:07:8b:59:
         bc:fd:44:a1:c1:1d:59:32:21:ff:fd:f7:77:35:29:c8:b1:61:
         85:8d:95:eb:d5:dd:f5:59:93:d1:c7:ed:89:da:00:86:09:24:
         85:53:a5:3d:cd:93:15:86:16:26:62:93:ea:a6:0e:db:17:9e:
         f5:7a:83:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYee2IA6xSUfmSzCDpVqSelKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjMwNDIwMTMyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWYzZDE5ODIxM2JlMmYyZGYxZWIwMzU4MDhjMTA4ZTBkOWI0ZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq+GemYQ0WWXAtDPbzJxMh183oYo
5g/bPodYvU4dWXU8LTtpJgWs0W7/QjsRyvfUALBf0aLVZhot8vW3I9Lwkp05jvQb
ezKhIWmDlim+2jXxuHeYTSxPoio00qDENk/oqOFvii9kfw/4g+r/UNFFwSo1Nzyz
Z27yW/IoQr38SU0Il1PnLKLf2vc4EW6FfOHuQtf4lLL8MROG7gJn8UnptUhuSv7n
WcgREed7YaX1hbArCa4lrAl4tw5fI1CtN6pWBSjEiGOyy/+3dj2AMbXMYH6mIDVx
fVCTVR6VDUUiVuhfkkxzPU6lDv8JuA5mKVTBKfY08R8CZwPWHT4w78Vw1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXz0ZghO+Ly3x6wNYCMEI4Nm07uMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvaGZQUm1DRTc0dkxmSHJBMWdJd1FqZzJiVHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTVtIMA0G
CSqGSIb3DQEBCwUAA4IBAQBK8sU4jRdhzi0qyWhEd3ggl4v2OCSYVIQq7qd4VB6X
6s+QL/6o8voIEtPlja5gne22shifsJRukATYC+v1526IyUt5dQAfgfHqevxbbAlI
eDdo/udCLtxAJYbiT6WIv4jgyUK3m1JW55VDrsBYQs7DRO90idtQwHeAJesV+sgw
lyeETKsXTV6jDxQiFCGdsl4AHe/Ep8zEN1mm1g/6aIy/1JCz53Fs4LVFHjYv0W4G
GGR8tceZXIkV9VEblOCxdySqgCgHi1m8/UShwR1ZMiH//fd3NSnIsWGFjZXr1d31
WZPRx+2J2gCGCSSFU6U9zZMVhhYmYpPqpg7bF571eoND
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org