Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/vBvOoXG7hLe9KWSAFsblBpz9Zhg.roa
File:                     vBvOoXG7hLe9KWSAFsblBpz9Zhg.roa (raw, json)
Hash identifier:          Szn3UDdeJggg5P0v4nzwNnY9TC7HGIMDY0+qdfgJnyw=
Subject key identifier:   BC:1B:CE:A1:71:BB:84:B7:BD:29:64:80:16:C6:E5:06:9C:FD:66:18
Certificate issuer:       /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial:       01889169C7DE6CCA8248CAB3710E7CC75920
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/vBvOoXG7hLe9KWSAFsblBpz9Zhg.roa
Signing time:             Tue 06 Jun 2023 15:53:28 +0000
ROA not before:           Tue 06 Jun 2023 15:53:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51765
IP address blocks:        178.20.215.0/24 maxlen: 24
                          178.20.214.0/24 maxlen: 24
                          77.243.88.0/22 maxlen: 24
                          185.101.20.0/23 maxlen: 24
                          178.20.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:91:69:c7:de:6c:ca:82:48:ca:b3:71:0e:7c:c7:59:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
        Validity
            Not Before: Jun  6 15:53:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc1bcea171bb84b7bd29648016c6e5069cfd6618
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:72:64:c4:41:c8:13:9e:1b:18:13:30:97:47:
                    99:b5:a0:06:2e:03:95:d1:4d:2b:e0:26:99:42:7b:
                    59:6c:36:25:8f:13:6f:b7:32:87:0b:f8:23:06:ae:
                    64:23:8b:f1:db:7c:e2:ad:ce:f8:9a:00:89:79:b6:
                    21:0b:3d:83:2e:ab:38:26:1f:5c:a7:cd:b0:fe:ff:
                    27:b4:f6:e7:9e:70:13:3b:d6:2e:ce:ba:e8:c3:fa:
                    a7:24:a2:23:83:1c:4c:74:13:c5:10:72:d5:94:fa:
                    27:54:cc:4a:3c:12:37:0a:d9:4c:70:82:27:1b:a3:
                    47:e1:a5:4e:72:8b:26:03:d3:c9:6f:fc:39:2d:e0:
                    3a:f7:f2:98:ae:7f:c4:1a:b4:e6:b1:a2:f5:78:9a:
                    0e:a3:ec:68:74:af:6c:6f:0f:57:7a:f0:48:e7:26:
                    2f:d0:4a:9a:4e:a4:c7:ba:6e:fc:17:4e:de:fa:7a:
                    13:a3:22:46:3d:8a:86:5a:17:0b:85:b0:28:b4:06:
                    7f:3c:df:d6:d1:a9:34:85:5c:51:ac:8e:95:53:14:
                    ee:f9:71:6a:d8:50:ba:f0:38:92:e2:ef:d3:39:6e:
                    0f:ff:b4:b3:21:4b:49:37:ad:ff:59:2b:5a:0a:f0:
                    d5:19:df:1f:07:f8:58:e3:f4:bd:00:5a:77:81:1a:
                    e2:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:1B:CE:A1:71:BB:84:B7:BD:29:64:80:16:C6:E5:06:9C:FD:66:18
            X509v3 Authority Key Identifier:
                keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/vBvOoXG7hLe9KWSAFsblBpz9Zhg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.243.88.0/22
                  178.20.213.0-178.20.215.255
                  185.101.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:49:4f:03:b1:64:5a:45:0c:a4:bc:5c:31:fd:66:27:cb:42:
         72:fc:53:74:6d:f4:1a:ae:7a:5e:56:32:17:c4:f7:c4:ef:39:
         ea:fc:13:7e:be:d3:65:ee:48:ae:20:a4:23:27:22:44:be:35:
         0b:72:13:3d:96:5d:b5:58:08:8e:ad:26:e9:04:db:c3:bb:5e:
         ea:c7:98:ce:65:17:2e:f2:cf:88:4a:b1:b3:a9:b6:5a:f6:d3:
         04:70:5e:a8:16:9d:b0:aa:09:83:44:22:27:b2:a0:40:e1:3e:
         7c:2a:e6:48:bd:76:12:14:c3:72:c9:2b:9c:9f:39:6c:6b:34:
         cc:00:73:80:52:de:54:e5:4d:67:b9:27:9e:f7:2b:54:ef:bb:
         ef:7d:23:da:49:19:7e:4d:f7:ad:93:99:12:5c:69:57:4f:f5:
         85:cb:c5:cc:12:bb:ba:7a:d7:84:e0:76:ec:c4:55:4f:c5:98:
         cd:05:58:a7:da:ec:25:f0:e3:79:78:f4:ec:5e:75:86:7c:41:
         12:03:3a:a7:c6:78:ce:24:cc:07:53:87:e5:a2:f9:a0:02:e9:
         d4:74:64:26:23:aa:c5:c7:81:6b:8d:48:81:8b:5f:43:ac:4e:
         7e:80:e9:6b:cf:65:44:70:ad:77:2a:a6:67:ec:fc:8f:37:bf:
         c6:43:bd:5d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYiRacfebMqCSMqzcQ58x1kgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjMwNjA2MTU1MzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFiY2VhMTcxYmI4NGI3YmQyOTY0ODAxNmM2ZTUwNjljZmQ2NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3JkxEHIE54bGBMwl0eZtaAGLgOV
0U0r4CaZQntZbDYljxNvtzKHC/gjBq5kI4vx23zirc74mgCJebYhCz2DLqs4Jh9c
p82w/v8ntPbnnnATO9Yuzrrow/qnJKIjgxxMdBPFEHLVlPonVMxKPBI3CtlMcIIn
G6NH4aVOcosmA9PJb/w5LeA69/KYrn/EGrTmsaL1eJoOo+xodK9sbw9XevBI5yYv
0EqaTqTHum78F07e+noToyJGPYqGWhcLhbAotAZ/PN/W0ak0hVxRrI6VUxTu+XFq
2FC68DiS4u/TOW4P/7SzIUtJN63/WStaCvDVGd8fB/hY4/S9AFp3gRriowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLwbzqFxu4S3vSlkgBbG5Qac/WYYMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvdkJ2T29YRzdoTGU5S1dTQUZzYmxCcHo5WmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTfNYMAwD
BACyFNUDBAOyFNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBACJJTwOxZFpFDKS8
XDH9ZifLQnL8U3Rt9Bquel5WMhfE98TvOer8E36+02XuSK4gpCMnIkS+NQtyEz2W
XbVYCI6tJukE28O7XurHmM5lFy7yz4hKsbOptlr20wRwXqgWnbCqCYNEIieyoEDh
Pnwq5ki9dhIUw3LJK5yfOWxrNMwAc4BS3lTlTWe5J573K1Tvu+99I9pJGX5N962T
mRJcaVdP9YXLxcwSu7p614TgduzEVU/FmM0FWKfa7CXw43l49OxedYZ8QRIDOqfG
eM4kzAdTh+Wi+aAC6dR0ZCYjqsXHgWuNSIGLX0OsTn6A6WvPZURwrXcqpmfs/I83
v8ZDvV0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:41 2024 by rpki-client on console-fra.rpki-client.org