Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/dRHsax7eaE5fUe713IKLLDo1nmA.roa
File:                     dRHsax7eaE5fUe713IKLLDo1nmA.roa (raw, json)
Hash identifier:          BScjw6m0W5B/hTDUSKqghAw7ZoRudAsTGZbZS/2pYpc=
Subject key identifier:   75:11:EC:6B:1E:DE:68:4E:5F:51:EE:F5:DC:82:8B:2C:3A:35:9E:60
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       0187FADE5D77647E291F4BC9A411BC72222B
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/dRHsax7eaE5fUe713IKLLDo1nmA.roa
Signing time:             Mon 08 May 2023 10:18:09 +0000
ROA not before:           Mon 08 May 2023 10:18:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3319
IP address blocks:        77.47.240.0/23 maxlen: 24
                          77.47.244.0/22 maxlen: 24
                          77.47.143.0/24 maxlen: 24
                          195.178.140.0/24 maxlen: 24
                          195.178.142.0/23 maxlen: 24
                          195.178.144.0/23 maxlen: 23
                          77.47.156.0/22 maxlen: 24
                          185.143.56.0/22 maxlen: 24
                          195.178.152.0/22 maxlen: 22
                          77.47.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 May 2023 10:12:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fa:de:5d:77:64:7e:29:1f:4b:c9:a4:11:bc:72:22:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: May  8 10:18:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7511ec6b1ede684e5f51eef5dc828b2c3a359e60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:eb:17:22:db:64:05:91:40:0c:ec:2f:7f:6a:
                    48:24:f7:23:c1:1e:09:91:e4:ae:e3:fa:c8:96:11:
                    86:83:41:e3:72:57:05:97:1c:e0:f1:53:ad:fd:33:
                    51:df:60:ea:25:6d:34:1c:16:02:a2:1c:cf:0f:47:
                    3c:ed:c7:6c:5d:ce:80:fd:8f:95:50:2b:5b:1d:c3:
                    0b:71:41:87:70:39:af:de:87:55:58:bd:03:85:74:
                    73:c6:4d:4c:71:c6:0e:f0:6a:a9:ff:3e:7c:d2:71:
                    6d:74:bb:12:18:f8:2e:80:bd:0e:f3:a6:35:c9:3e:
                    90:06:6f:0f:95:35:45:8c:20:47:ba:c2:e1:ce:cf:
                    7e:4c:8c:d2:32:b5:68:1c:7f:ce:ee:91:e4:72:95:
                    6e:70:f2:6d:b5:f2:9f:3d:0b:08:91:5c:2c:25:1f:
                    7c:cf:f5:1e:cc:69:6a:b1:d7:be:a7:7b:8a:ba:d0:
                    37:f9:0d:d1:81:20:df:88:46:18:08:a0:82:00:81:
                    96:4e:74:ef:93:81:4a:a2:a5:44:65:60:b1:82:7e:
                    98:a1:fb:d9:7b:9e:8a:52:ea:67:1f:0c:03:71:9b:
                    10:d5:38:ac:e0:42:02:65:28:ca:e2:ef:c1:f8:41:
                    30:cc:9f:7d:02:56:1c:d5:d9:09:92:be:30:12:9d:
                    0c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:11:EC:6B:1E:DE:68:4E:5F:51:EE:F5:DC:82:8B:2C:3A:35:9E:60
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/dRHsax7eaE5fUe713IKLLDo1nmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.47.143.0/24
                  77.47.156.0/22
                  77.47.178.0/24
                  77.47.240.0/23
                  77.47.244.0/22
                  185.143.56.0/22
                  195.178.140.0/24
                  195.178.142.0-195.178.145.255
                  195.178.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:c1:6a:65:c6:86:7a:91:a6:b5:f9:f0:e0:87:48:42:17:68:
         72:5b:c6:eb:52:fe:e4:d4:0b:49:81:ac:45:d2:d6:f9:13:05:
         ad:15:66:f0:9a:50:ae:02:47:be:ad:1c:62:67:42:4b:d8:42:
         d0:f6:43:57:2a:44:2a:4f:8e:95:8a:93:6b:6b:e1:1c:cb:5c:
         2f:b3:b2:82:d1:8b:6e:dd:3e:4f:ca:d1:e9:3d:19:41:d2:4e:
         5a:4b:2b:19:52:02:32:31:fa:34:6e:43:b5:a9:99:14:fb:a3:
         b4:37:cf:9e:5e:d2:e3:04:e6:36:0b:60:d7:e4:00:ae:fe:75:
         56:e3:85:c0:19:df:03:a2:88:e4:ec:25:9d:49:43:6d:bd:e8:
         82:f1:3c:d5:9c:a6:c0:fd:30:48:b2:e1:f2:4a:19:01:89:eb:
         4e:f3:71:4d:53:f0:7f:f6:bd:9a:23:14:12:02:7d:ff:70:18:
         32:d9:38:73:a9:ce:6b:25:54:26:2e:77:13:07:d9:28:68:16:
         87:7c:36:3c:70:29:cf:2b:3b:8f:66:fb:7f:6a:49:bf:be:c3:
         40:47:a5:63:45:19:1e:3b:0b:46:c1:8c:c6:90:76:6b:19:87:
         50:09:2e:6b:b6:48:f9:d8:5f:00:fc:ac:26:47:36:d3:8d:4e:
         f1:fc:5e:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYf63l13ZH4pH0vJpBG8ciIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwNTA4MTAxODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTExZWM2YjFlZGU2ODRlNWY1MWVlZjVkYzgyOGIyYzNhMzU5ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmusXIttkBZFADOwvf2pIJPcjwR4J
keSu4/rIlhGGg0HjclcFlxzg8VOt/TNR32DqJW00HBYCohzPD0c87cdsXc6A/Y+V
UCtbHcMLcUGHcDmv3odVWL0DhXRzxk1MccYO8Gqp/z580nFtdLsSGPgugL0O86Y1
yT6QBm8PlTVFjCBHusLhzs9+TIzSMrVoHH/O7pHkcpVucPJttfKfPQsIkVwsJR98
z/UezGlqsde+p3uKutA3+Q3RgSDfiEYYCKCCAIGWTnTvk4FKoqVEZWCxgn6YofvZ
e56KUupnHwwDcZsQ1Tis4EICZSjK4u/B+EEwzJ99AlYc1dkJkr4wEp0MzQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHUR7Gse3mhOX1Hu9dyCiyw6NZ5gMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvZFJIc2F4N2VhRTVmVWU3MTNJS0xMRG8xbm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQATS+PAwQC
TS+cAwQATS+yAwQBTS/wAwQCTS/0AwQCuY84AwQAw7KMMAwDBAHDso4DBAHDspAD
BALDspgwDQYJKoZIhvcNAQELBQADggEBADDBamXGhnqRprX58OCHSEIXaHJbxutS
/uTUC0mBrEXS1vkTBa0VZvCaUK4CR76tHGJnQkvYQtD2Q1cqRCpPjpWKk2tr4RzL
XC+zsoLRi27dPk/K0ek9GUHSTlpLKxlSAjIx+jRuQ7WpmRT7o7Q3z55e0uME5jYL
YNfkAK7+dVbjhcAZ3wOiiOTsJZ1JQ2296ILxPNWcpsD9MEiy4fJKGQGJ607zcU1T
8H/2vZojFBICff9wGDLZOHOpzmslVCYudxMH2ShoFod8NjxwKc8rO49m+39qSb++
w0BHpWNFGR47C0bBjMaQdmsZh1AJLmu2SPnYXwD8rCZHNtONTvH8XuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org