Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/Lc3ZgBcdVbxqTWD-1lGyCFmPeLg.roa
File:                     Lc3ZgBcdVbxqTWD-1lGyCFmPeLg.roa (raw, json)
Hash identifier:          cbY1CLcz2fkHKI+T0Ll/lfYWYsrBqd+H28Wc+988O4g=
Subject key identifier:   2D:CD:D9:80:17:1D:55:BC:6A:4D:60:FE:D6:51:B2:08:59:8F:78:B8
Certificate issuer:       /CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Certificate serial:       01889049224AA187C5990386AED05CEABFF0
Authority key identifier: 1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/Lc3ZgBcdVbxqTWD-1lGyCFmPeLg.roa
Signing time:             Tue 06 Jun 2023 10:38:11 +0000
ROA not before:           Tue 06 Jun 2023 10:38:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39273
IP address blocks:        77.92.165.0/24 maxlen: 24
                          77.92.166.0/24 maxlen: 24
                          77.92.163.0/24 maxlen: 24
                          77.92.164.0/24 maxlen: 24
                          77.92.161.0/24 maxlen: 24
                          77.92.160.0/21 maxlen: 21
                          77.92.162.0/24 maxlen: 24
                          77.92.160.0/19 maxlen: 19
                          77.92.160.0/24 maxlen: 24
                          77.92.172.0/24 maxlen: 24
                          77.92.170.0/24 maxlen: 24
                          77.92.171.0/24 maxlen: 24
                          77.92.168.0/24 maxlen: 24
                          77.92.169.0/24 maxlen: 24
                          77.92.167.0/24 maxlen: 24
                          77.92.168.0/21 maxlen: 21
                          77.92.173.0/24 maxlen: 24
                          77.92.179.0/24 maxlen: 24
                          77.92.177.0/24 maxlen: 24
                          77.92.178.0/24 maxlen: 24
                          77.92.175.0/24 maxlen: 24
                          77.92.176.0/24 maxlen: 24
                          77.92.176.0/21 maxlen: 21
                          77.92.174.0/24 maxlen: 24
                          77.92.186.0/24 maxlen: 24
                          77.92.184.0/21 maxlen: 21
                          77.92.184.0/24 maxlen: 24
                          77.92.185.0/24 maxlen: 24
                          77.92.182.0/24 maxlen: 24
                          77.92.183.0/24 maxlen: 24
                          77.92.181.0/24 maxlen: 24
                          77.92.180.0/24 maxlen: 24
                          77.92.187.0/24 maxlen: 24
                          77.92.191.0/24 maxlen: 24
                          77.92.189.0/24 maxlen: 24
                          77.92.190.0/24 maxlen: 24
                          77.92.188.0/24 maxlen: 24
                          78.110.79.0/24 maxlen: 24
                          81.22.25.0/24 maxlen: 24
                          81.22.26.0/24 maxlen: 24
                          81.22.30.0/24 maxlen: 24
                          81.22.31.0/24 maxlen: 24
                          81.22.28.0/24 maxlen: 24
                          81.22.29.0/24 maxlen: 24
                          81.22.27.0/24 maxlen: 24
                          81.22.16.0/20 maxlen: 20
                          81.22.16.0/24 maxlen: 24
                          81.22.17.0/24 maxlen: 24
                          81.22.23.0/24 maxlen: 24
                          81.22.24.0/24 maxlen: 24
                          81.22.21.0/24 maxlen: 24
                          81.22.22.0/24 maxlen: 24
                          81.22.20.0/24 maxlen: 24
                          81.22.18.0/24 maxlen: 24
                          81.22.19.0/24 maxlen: 24
                          78.110.64.0/24 maxlen: 24
                          78.110.64.0/20 maxlen: 20
                          78.110.64.0/21 maxlen: 21
                          78.110.70.0/24 maxlen: 24
                          78.110.71.0/24 maxlen: 24
                          78.110.68.0/24 maxlen: 24
                          78.110.69.0/24 maxlen: 24
                          78.110.67.0/24 maxlen: 24
                          78.110.65.0/24 maxlen: 24
                          78.110.66.0/24 maxlen: 24
                          78.110.75.0/24 maxlen: 24
                          78.110.77.0/24 maxlen: 24
                          77.83.91.0/24 maxlen: 24
                          78.110.78.0/24 maxlen: 24
                          77.83.89.0/24 maxlen: 24
                          78.110.76.0/24 maxlen: 24
                          77.83.90.0/24 maxlen: 24
                          78.110.74.0/24 maxlen: 24
                          77.83.88.0/24 maxlen: 24
                          77.83.88.0/22 maxlen: 22
                          78.110.72.0/21 maxlen: 21
                          78.110.72.0/24 maxlen: 24
                          78.110.73.0/24 maxlen: 24
                          87.236.50.0/24 maxlen: 24
                          87.236.48.0/21 maxlen: 21
                          87.236.51.0/24 maxlen: 24
                          87.236.48.0/22 maxlen: 22
                          87.236.48.0/24 maxlen: 24
                          87.236.49.0/24 maxlen: 24
                          185.33.178.0/24 maxlen: 24
                          185.33.179.0/24 maxlen: 24
                          185.33.177.0/24 maxlen: 24
                          185.33.176.0/24 maxlen: 24
                          185.33.176.0/22 maxlen: 22
                          87.236.54.0/24 maxlen: 24
                          87.236.52.0/22 maxlen: 22
                          87.236.52.0/24 maxlen: 24
                          87.236.53.0/24 maxlen: 24
                          87.236.55.0/24 maxlen: 24
                          2a04:8ac0::/29 maxlen: 29
                          2a00:6600::/29 maxlen: 29
                          2a00:6600::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:90:49:22:4a:a1:87:c5:99:03:86:ae:d0:5c:ea:bf:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
        Validity
            Not Before: Jun  6 10:38:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2dcdd980171d55bc6a4d60fed651b208598f78b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:be:3e:ae:5d:a4:79:8b:85:bc:6c:57:ea:dc:
                    a6:90:64:a1:6b:e6:af:33:e3:be:fb:04:83:f0:1c:
                    ae:51:3d:14:ee:46:be:90:52:5f:35:fe:1d:28:3a:
                    7f:3b:55:08:91:3a:18:a1:0e:93:f7:a9:86:44:cd:
                    b4:08:2a:49:40:b1:5c:8e:6f:a8:bf:94:e2:07:43:
                    16:21:68:6c:31:6f:71:9c:01:66:fa:82:09:d3:21:
                    d9:0d:58:86:8a:e2:a3:90:07:eb:89:d0:74:4b:c7:
                    f2:52:5e:8b:12:c6:36:f1:f4:3c:ed:c9:d7:ba:c7:
                    79:39:3a:54:d4:1e:60:e9:4d:7f:83:7a:3b:4a:4b:
                    04:d9:46:d4:2d:e7:ad:e2:9b:ba:58:e4:ff:73:b4:
                    b5:ea:fe:26:52:32:ff:fe:a9:45:66:be:97:75:a1:
                    2c:ad:03:21:ba:69:09:f1:db:42:a2:33:02:ca:71:
                    0d:dc:7e:50:15:75:7f:64:e6:ad:2d:3c:b4:58:2b:
                    f5:65:be:ee:99:a3:b5:4f:18:2b:19:d9:d3:38:b5:
                    31:86:e4:1b:3f:8e:af:de:a9:89:5f:17:ba:bc:ea:
                    7d:50:7e:cf:ab:25:58:a7:a0:c8:1f:e7:76:9d:6c:
                    c5:ea:01:34:6a:8e:0e:b7:fa:cd:54:a7:d8:33:a1:
                    02:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:CD:D9:80:17:1D:55:BC:6A:4D:60:FE:D6:51:B2:08:59:8F:78:B8
            X509v3 Authority Key Identifier:
                keyid:1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/Lc3ZgBcdVbxqTWD-1lGyCFmPeLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.88.0/22
                  77.92.160.0/19
                  78.110.64.0/20
                  81.22.16.0/20
                  87.236.48.0/21
                  185.33.176.0/22
                IPv6:
                  2a00:6600::/29
                  2a04:8ac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         05:d8:dc:ea:a2:d0:91:c8:76:bd:80:92:39:43:cf:5b:28:ec:
         25:85:5c:51:08:fe:46:70:00:57:c7:e0:61:54:2b:1d:6b:9c:
         24:f5:aa:c8:64:5a:7b:fd:09:31:bc:f3:9e:cc:df:94:c9:e6:
         1d:92:38:db:41:b6:8b:5e:9d:6a:3b:f3:9a:9b:c8:00:c0:b3:
         e6:8c:4f:41:ac:f2:1f:1f:49:56:c2:df:d1:9f:8c:8d:07:3e:
         b4:35:ba:8f:31:38:89:2e:2c:d3:cd:29:6f:9f:46:d1:93:20:
         af:07:bb:30:0b:44:8d:a7:9b:a0:55:96:c6:7f:50:fb:33:aa:
         55:79:3b:43:bb:21:74:5a:17:28:82:40:58:74:49:6f:cc:25:
         ce:b4:e7:7d:77:08:2c:18:94:04:53:08:ce:8a:49:3a:ab:81:
         76:8e:5b:b1:3a:a0:e6:f0:23:ee:c2:60:f6:c3:8c:c5:d6:b4:
         66:9d:59:12:5e:65:76:6a:34:16:2c:28:92:ce:bc:c1:86:67:
         6e:c7:1b:3f:1e:73:45:14:4b:60:04:e2:4d:8c:0c:fd:45:32:
         b0:ad:96:57:a6:a3:57:d8:1f:a3:9e:d8:49:fc:1a:4f:b1:a6:
         c0:6d:62:9b:9d:91:0f:79:d4:93:4c:50:8f:f4:e7:49:15:2f:
         4e:21:ee:16
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYiQSSJKoYfFmQOGrtBc6r/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjhiMDdjMTU3YTVkYzYxM2M5MjY0ZGFmODllN2M4NjBl
MzNlNjMwHhcNMjMwNjA2MTAzODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNkZDk4MDE3MWQ1NWJjNmE0ZDYwZmVkNjUxYjIwODU5OGY3OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb4+rl2keYuFvGxX6tymkGSha+av
M+O++wSD8ByuUT0U7ka+kFJfNf4dKDp/O1UIkToYoQ6T96mGRM20CCpJQLFcjm+o
v5TiB0MWIWhsMW9xnAFm+oIJ0yHZDViGiuKjkAfridB0S8fyUl6LEsY28fQ87cnX
usd5OTpU1B5g6U1/g3o7SksE2UbULeet4pu6WOT/c7S16v4mUjL//qlFZr6XdaEs
rQMhumkJ8dtCojMCynEN3H5QFXV/ZOatLTy0WCv1Zb7umaO1TxgrGdnTOLUxhuQb
P46v3qmJXxe6vOp9UH7PqyVYp6DIH+d2nWzF6gE0ao4Ot/rNVKfYM6ECsQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFC3N2YAXHVW8ak1g/tZRsghZj3i4MB8GA1UdIwQY
MBaAFBwosHwVel3GE8kmTa+J58hg4z5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2Mt
OTYzMzM0ODllODU1LzEvTGMzWmdCY2RWYnhxVFdELTFsR3lDRm1QZUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2MtOTYzMzM0ODllODU1
LzEvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCTVNYAwQF
TVygAwQETm5AAwQEURYQAwQDV+wwAwQCuSGwMBQEAgACMA4DBQMqAGYAAwUDKgSK
wDANBgkqhkiG9w0BAQsFAAOCAQEABdjc6qLQkch2vYCSOUPPWyjsJYVcUQj+RnAA
V8fgYVQrHWucJPWqyGRae/0JMbzznszflMnmHZI420G2i16dajvzmpvIAMCz5oxP
QazyHx9JVsLf0Z+MjQc+tDW6jzE4iS4s080pb59G0ZMgrwe7MAtEjaeboFWWxn9Q
+zOqVXk7Q7shdFoXKIJAWHRJb8wlzrTnfXcILBiUBFMIzopJOquBdo5bsTqg5vAj
7sJg9sOMxda0Zp1ZEl5ldmo0Fiwoks68wYZnbscbPx5zRRRLYATiTYwM/UUysK2W
V6ajV9gfo57YSfwaT7GmwG1im52RD3nUk0xQj/TnSRUvTiHuFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:03 2024 by rpki-client on console-ams.rpki-client.org