Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Vg5p4bTbzEEsNsNaszTU-1qOs0o.roa
File:                     Vg5p4bTbzEEsNsNaszTU-1qOs0o.roa (raw, json)
Hash identifier:          //6+Ojkk935YbxuCup76s4BXKdEFo78RmYBDkXedOFo=
Subject key identifier:   56:0E:69:E1:B4:DB:CC:41:2C:36:C3:5A:B3:34:D4:FB:5A:8E:B3:4A
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       01856BEEE75C9F86AE16BC146DF69AF8EBEA
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Vg5p4bTbzEEsNsNaszTU-1qOs0o.roa
Signing time:             Sun 01 Jan 2023 06:04:56 +0000
ROA not before:           Sun 01 Jan 2023 06:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212915
IP address blocks:        77.65.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:e7:5c:9f:86:ae:16:bc:14:6d:f6:9a:f8:eb:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 06:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=560e69e1b4dbcc412c36c35ab334d4fb5a8eb34a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fe:e8:59:0e:f5:ca:d7:47:e4:5a:5b:2a:79:
                    f2:0e:5f:44:1f:94:54:a2:74:1c:7b:5c:58:13:6e:
                    f1:86:3f:0c:c3:8d:fb:77:06:d7:10:da:1a:ef:39:
                    31:c4:37:ad:6e:83:3c:d1:00:f0:85:41:50:0f:01:
                    0d:5f:28:30:02:ac:fe:10:8e:ed:d1:4b:34:c3:61:
                    ac:d4:1d:61:ef:30:5f:1d:1a:90:7e:1a:29:e1:eb:
                    7c:c4:45:e2:e0:a7:91:74:2f:32:e0:bb:64:fc:f0:
                    a5:10:3c:f4:8e:89:6b:c1:32:46:02:95:e1:aa:80:
                    54:09:68:30:13:81:0c:bd:93:05:45:27:e9:98:53:
                    3e:97:e6:9e:67:19:71:04:f2:53:77:50:31:a4:5c:
                    c5:f5:4e:a3:ab:9d:4d:cb:f8:a3:2a:84:56:e9:99:
                    dc:d7:54:75:b2:5d:c2:d3:b0:9d:31:6c:d5:56:c7:
                    d9:1c:14:7d:0c:48:dd:94:26:79:13:4a:25:5e:6d:
                    11:31:f5:24:30:3e:78:5e:05:4e:59:7c:d4:6e:76:
                    bc:6e:83:fc:1d:78:9a:2d:93:d9:73:3b:45:1f:96:
                    13:11:75:04:3b:ce:44:cf:65:aa:05:7a:88:38:46:
                    fe:42:1a:41:ad:da:b2:6e:e6:30:2d:0c:57:6e:f7:
                    84:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0E:69:E1:B4:DB:CC:41:2C:36:C3:5A:B3:34:D4:FB:5A:8E:B3:4A
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Vg5p4bTbzEEsNsNaszTU-1qOs0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.65.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:ba:67:d2:0f:c1:34:05:88:db:77:d8:ea:2a:c8:95:a5:f7:
         1c:3c:b8:8c:f6:69:a6:4c:ed:c6:1a:81:f3:55:45:26:1f:ea:
         4f:36:7c:74:c0:9e:e3:96:ed:27:20:37:0e:63:c0:64:f4:bb:
         48:e6:63:6c:02:ca:b5:f7:3f:2f:25:ea:4f:fe:bd:88:6d:86:
         23:da:9c:63:f0:83:a2:ef:f4:d4:41:fb:40:83:c6:34:5e:29:
         17:a6:9c:ea:70:19:28:4c:23:be:f5:c0:0d:74:08:e3:9e:ff:
         7e:82:f4:30:3a:1f:63:62:57:0c:d2:af:4f:d6:ad:c5:a9:c9:
         5f:0d:b2:1c:2b:24:f7:bb:26:01:00:9a:dc:4a:86:79:1a:46:
         81:8c:4a:5a:e6:8c:37:f5:bc:bd:da:f7:23:94:fd:8c:ff:64:
         34:c8:c3:7e:b5:47:18:d9:df:53:a1:44:9a:07:7d:28:ea:aa:
         a4:60:00:38:1f:2e:fb:27:84:41:67:8d:f6:e5:96:64:ec:2f:
         3c:6f:96:96:cb:12:58:ba:13:7e:46:37:d5:69:96:5d:5a:ee:
         d0:70:07:5e:fe:f4:fc:a9:79:e3:29:f6:10:ad:f2:b6:28:9a:
         03:3c:cc:44:16:12:83:8d:b8:d9:af:d6:c5:c4:d6:d0:50:a9:
         0b:48:f7:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7udcn4auFrwUbfaa+OvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjBlNjllMWI0ZGJjYzQxMmMzNmMzNWFiMzM0ZDRmYjVhOGViMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/7oWQ71ytdH5FpbKnnyDl9EH5RU
onQce1xYE27xhj8Mw437dwbXENoa7zkxxDetboM80QDwhUFQDwENXygwAqz+EI7t
0Us0w2Gs1B1h7zBfHRqQfhop4et8xEXi4KeRdC8y4Ltk/PClEDz0jolrwTJGApXh
qoBUCWgwE4EMvZMFRSfpmFM+l+aeZxlxBPJTd1AxpFzF9U6jq51Ny/ijKoRW6Znc
11R1sl3C07CdMWzVVsfZHBR9DEjdlCZ5E0olXm0RMfUkMD54XgVOWXzUbna8boP8
HXiaLZPZcztFH5YTEXUEO85Ez2WqBXqIOEb+QhpBrdqybuYwLQxXbveExQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYOaeG028xBLDbDWrM01PtajrNKMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvVmc1cDRiVGJ6RUVzTnNOYXN6VFUtMXFPczBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUGqMA0G
CSqGSIb3DQEBCwUAA4IBAQAbumfSD8E0BYjbd9jqKsiVpfccPLiM9mmmTO3GGoHz
VUUmH+pPNnx0wJ7jlu0nIDcOY8Bk9LtI5mNsAsq19z8vJepP/r2IbYYj2pxj8IOi
7/TUQftAg8Y0XikXppzqcBkoTCO+9cANdAjjnv9+gvQwOh9jYlcM0q9P1q3Fqclf
DbIcKyT3uyYBAJrcSoZ5GkaBjEpa5ow39by92vcjlP2M/2Q0yMN+tUcY2d9ToUSa
B30o6qqkYAA4Hy77J4RBZ4325ZZk7C88b5aWyxJYuhN+RjfVaZZdWu7QcAde/vT8
qXnjKfYQrfK2KJoDPMxEFhKDjbjZr9bFxNbQUKkLSPdd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org