Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/PHtLbqCsKdNp_DI9jAz8wg-olw4.roa
File:                     PHtLbqCsKdNp_DI9jAz8wg-olw4.roa (raw, json)
Hash identifier:          qsbLD9/mxrq3z4k2dvu3HSADXj9nZ7QS3CpDAVwia1Y=
Subject key identifier:   3C:7B:4B:6E:A0:AC:29:D3:69:FC:32:3D:8C:0C:FC:C2:0F:A8:97:0E
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       018E2D3533F9778FC34DC1E5051DDBC63E1F
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/PHtLbqCsKdNp_DI9jAz8wg-olw4.roa
Signing time:             Mon 11 Mar 2024 11:10:45 +0000
ROA not before:           Mon 11 Mar 2024 11:10:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        77.47.148.0/24 maxlen: 24
                          77.47.149.0/24 maxlen: 24
                          77.47.150.0/24 maxlen: 24
                          77.47.151.0/24 maxlen: 24
                          77.47.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 May 2024 16:42:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2d:35:33:f9:77:8f:c3:4d:c1:e5:05:1d:db:c6:3e:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Mar 11 11:10:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3c7b4b6ea0ac29d369fc323d8c0cfcc20fa8970e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:bb:9e:29:aa:f6:0b:8a:c1:05:0c:c9:22:1b:
                    94:62:3a:3d:d9:4e:5b:8f:7d:1b:0d:b8:ac:ee:81:
                    23:ad:3c:42:38:3b:87:1a:d4:bf:06:0b:4e:c5:d2:
                    da:fb:77:1b:f9:a6:26:69:6f:43:15:38:94:14:00:
                    77:69:1e:aa:cd:4b:6d:7f:dc:86:3f:96:e6:88:8e:
                    7c:8a:74:e5:69:8c:a3:2d:be:34:61:cd:3f:50:ce:
                    15:c7:4c:54:ce:a4:da:81:be:a5:d7:2d:c4:39:f2:
                    bd:02:e7:3d:a2:c0:b1:dd:08:9a:ca:84:c0:59:f6:
                    fa:ca:a3:4b:85:46:22:1d:28:ce:af:7b:36:6b:f5:
                    e2:7d:74:60:26:f6:b3:12:af:90:32:7f:69:69:c0:
                    ea:ad:4b:28:94:af:73:70:12:e6:5f:48:a6:02:14:
                    5e:fa:8e:85:f2:de:9e:7f:6b:02:3d:e1:08:5c:30:
                    81:3c:80:8e:cb:0d:c3:d3:0a:8c:c9:01:da:9c:fd:
                    f4:4e:69:f6:c9:63:68:87:31:81:05:59:8d:cd:a2:
                    82:3b:a8:bc:4c:0b:26:4e:0b:20:47:e1:90:28:75:
                    dd:97:5c:ba:78:b7:60:ca:7a:88:cb:19:82:ef:53:
                    c6:99:8b:5f:ff:63:95:18:0f:e8:66:fc:d0:72:46:
                    07:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:7B:4B:6E:A0:AC:29:D3:69:FC:32:3D:8C:0C:FC:C2:0F:A8:97:0E
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/PHtLbqCsKdNp_DI9jAz8wg-olw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.47.148.0/22
                  77.47.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:59:f2:09:35:a2:53:7a:af:22:77:b3:47:93:7f:5a:1c:96:
         5e:c8:2f:1e:bb:be:af:76:c4:08:91:a6:7f:44:bc:ab:f7:8c:
         79:07:ed:69:86:f7:23:47:16:b2:15:a8:70:b0:13:13:41:54:
         b7:8d:5a:24:0f:d6:80:51:cd:fc:39:d2:0b:79:31:4c:72:43:
         26:52:a9:a6:13:3e:f5:a6:4d:5f:97:cd:4e:9a:5d:30:28:74:
         5b:03:62:73:3f:f1:4f:74:2e:15:25:98:c3:b8:57:ec:c9:80:
         f5:61:d5:50:e5:17:60:93:c8:7a:39:56:f8:da:57:f6:ef:61:
         7a:50:bd:45:1d:5f:a2:8b:03:c8:82:bb:66:b8:f5:20:16:52:
         90:43:d7:0e:cb:bd:cf:08:0d:7d:ee:5e:a1:6b:c5:f9:dd:ee:
         f2:33:55:0b:2b:94:2f:5a:a0:e3:c7:99:e4:87:ee:ec:e1:e0:
         c3:50:8e:91:78:e1:2b:42:b0:9b:77:c1:89:6f:85:da:c7:75:
         13:5c:3f:84:21:26:6e:68:eb:a3:da:28:c3:47:db:57:b2:80:
         87:58:9b:7f:fe:75:b1:cc:a3:ff:e0:31:65:62:fe:3d:ae:b2:
         41:10:19:90:68:02:d1:d7:86:1b:d0:ee:1b:50:d3:a2:49:5b:
         88:30:d1:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4tNTP5d4/DTcHlBR3bxj4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwMzExMTExMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzdiNGI2ZWEwYWMyOWQzNjlmYzMyM2Q4YzBjZmNjMjBmYTg5NzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbueKar2C4rBBQzJIhuUYjo92U5b
j30bDbis7oEjrTxCODuHGtS/BgtOxdLa+3cb+aYmaW9DFTiUFAB3aR6qzUttf9yG
P5bmiI58inTlaYyjLb40Yc0/UM4Vx0xUzqTagb6l1y3EOfK9Auc9osCx3QiayoTA
Wfb6yqNLhUYiHSjOr3s2a/XifXRgJvazEq+QMn9pacDqrUsolK9zcBLmX0imAhRe
+o6F8t6ef2sCPeEIXDCBPICOyw3D0wqMyQHanP30Tmn2yWNohzGBBVmNzaKCO6i8
TAsmTgsgR+GQKHXdl1y6eLdgynqIyxmC71PGmYtf/2OVGA/oZvzQckYHPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDx7S26grCnTafwyPYwM/MIPqJcOMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvUEh0TGJxQ3NLZE5wX0RJOWpBejh3Zy1vbHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTS+UAwQA
TS+dMA0GCSqGSIb3DQEBCwUAA4IBAQCxWfIJNaJTeq8id7NHk39aHJZeyC8eu76v
dsQIkaZ/RLyr94x5B+1phvcjRxayFahwsBMTQVS3jVokD9aAUc38OdILeTFMckMm
UqmmEz71pk1fl81Oml0wKHRbA2JzP/FPdC4VJZjDuFfsyYD1YdVQ5Rdgk8h6OVb4
2lf272F6UL1FHV+iiwPIgrtmuPUgFlKQQ9cOy73PCA197l6ha8X53e7yM1ULK5Qv
WqDjx5nkh+7s4eDDUI6ReOErQrCbd8GJb4Xax3UTXD+EISZuaOuj2ijDR9tXsoCH
WJt//nWxzKP/4DFlYv49rrJBEBmQaALR14Yb0O4bUNOiSVuIMNHg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org