Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa
File:                     KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa (raw, json)
Hash identifier:          roWLKh74c+OTSpHHyjWgqMap3HlfDfD0j4KTnMkq3WE=
Subject key identifier:   29:35:5C:6F:CC:64:83:4F:A0:85:1E:CA:17:F3:9A:B1:A1:38:4F:1D
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018EBDAE7DAE436E46C0F47D5A0E5F63E262
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa
Signing time:             Mon 08 Apr 2024 12:28:33 +0000
ROA not before:           Mon 08 Apr 2024 12:28:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     64429
IP address blocks:        77.72.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Sep 2024 11:17:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:bd:ae:7d:ae:43:6e:46:c0:f4:7d:5a:0e:5f:63:e2:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr  8 12:28:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=29355c6fcc64834fa0851eca17f39ab1a1384f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7f:d5:1d:fc:6b:cb:74:4a:57:d0:ce:0b:3e:
                    98:e9:c1:8f:e9:42:55:e3:3a:07:fe:0c:a5:af:bd:
                    b6:c9:59:80:d1:82:4f:e9:94:c7:76:a8:41:98:e0:
                    7a:75:ef:2f:da:8c:27:18:f6:86:fb:3f:2d:9e:33:
                    d7:74:80:2b:00:9d:43:ab:95:cd:17:2b:b4:91:67:
                    a6:eb:53:40:05:6c:10:8f:5d:94:10:0a:fe:c4:7d:
                    46:90:23:89:75:0b:11:fa:6c:42:fc:fd:12:71:bb:
                    a1:2e:90:f4:9c:b9:f8:f8:f9:42:a8:92:ea:06:d9:
                    79:67:07:bd:1f:e7:48:71:f0:12:c0:6a:67:e9:a2:
                    0e:0d:26:c2:08:4e:20:23:9a:ce:a2:e3:3b:92:9c:
                    2d:ac:d5:e1:12:f8:5d:51:8a:23:36:9f:8a:38:c4:
                    48:8b:a0:34:36:40:b3:5e:46:c0:1b:c5:58:0f:44:
                    bf:f9:d2:6e:9d:f0:35:d9:ea:22:2f:76:4e:f1:26:
                    a4:c9:3d:c4:a4:0e:95:97:71:91:48:f4:a8:fc:22:
                    03:6d:19:70:de:51:47:86:63:27:f4:e2:25:5c:c4:
                    13:c0:76:2a:28:07:3c:53:8b:81:65:72:7a:eb:aa:
                    cc:57:15:c3:db:76:45:a8:ec:b3:3c:7c:4d:80:2b:
                    df:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:35:5C:6F:CC:64:83:4F:A0:85:1E:CA:17:F3:9A:B1:A1:38:4F:1D
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.72.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:ba:ef:ff:54:2c:91:44:57:ea:7f:a6:0c:00:71:88:71:57:
         68:e1:ef:8e:b7:3e:9d:fc:5f:53:74:2b:98:9e:d8:62:84:79:
         78:d2:97:8e:dd:5e:b3:c0:9e:2e:0a:d9:68:18:1f:57:45:af:
         ac:fc:d2:9f:81:db:80:cd:b2:a4:ac:53:95:8a:fe:a5:51:3e:
         88:5b:a3:34:09:bb:b4:c4:14:2b:10:83:c0:7d:a7:21:73:bd:
         5e:96:64:b3:6a:89:b1:0b:0b:53:e9:3c:bc:47:56:af:24:b2:
         89:27:14:f0:75:bf:8b:05:9b:ac:8a:d3:40:e6:d4:8f:b9:1c:
         e5:62:62:94:6d:fd:eb:eb:5b:b6:be:81:c5:e5:fd:26:c8:42:
         22:58:c4:e3:e0:8d:7a:b6:57:59:ce:cd:f6:82:f3:0f:a3:c0:
         ce:36:b7:79:bb:6e:22:88:15:54:98:ea:3e:9b:b4:f9:1b:29:
         b6:db:5e:7d:30:92:08:6d:78:cc:eb:8d:ad:fa:1d:29:47:f2:
         e0:95:8f:8f:2e:c4:7e:27:cf:18:80:5d:9e:7b:1a:b3:7f:c7:
         16:48:eb:ee:f5:77:9a:4a:c2:1e:af:ee:b2:ce:17:9b:5b:b3:
         82:2e:cd:68:6f:8d:dd:72:bf:24:78:40:f0:f4:ec:99:f5:51:
         0f:3b:31:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY69rn2uQ25GwPR9Wg5fY+JiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA4MTIyODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM1NWM2ZmNjNjQ4MzRmYTA4NTFlY2ExN2YzOWFiMWExMzg0ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3/VHfxry3RKV9DOCz6Y6cGP6UJV
4zoH/gylr722yVmA0YJP6ZTHdqhBmOB6de8v2ownGPaG+z8tnjPXdIArAJ1Dq5XN
Fyu0kWem61NABWwQj12UEAr+xH1GkCOJdQsR+mxC/P0ScbuhLpD0nLn4+PlCqJLq
Btl5Zwe9H+dIcfASwGpn6aIODSbCCE4gI5rOouM7kpwtrNXhEvhdUYojNp+KOMRI
i6A0NkCzXkbAG8VYD0S/+dJunfA12eoiL3ZO8SakyT3EpA6Vl3GRSPSo/CIDbRlw
3lFHhmMn9OIlXMQTwHYqKAc8U4uBZXJ666rMVxXD23ZFqOyzPHxNgCvfKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCk1XG/MZINPoIUeyhfzmrGhOE8dMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvS1RWY2I4eGtnMC1naFI3S0ZfT2FzYUU0VHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUhWMA0G
CSqGSIb3DQEBCwUAA4IBAQBouu//VCyRRFfqf6YMAHGIcVdo4e+Otz6d/F9TdCuY
nthihHl40peO3V6zwJ4uCtloGB9XRa+s/NKfgduAzbKkrFOViv6lUT6IW6M0Cbu0
xBQrEIPAfachc71elmSzaomxCwtT6Ty8R1avJLKJJxTwdb+LBZusitNA5tSPuRzl
YmKUbf3r61u2voHF5f0myEIiWMTj4I16tldZzs32gvMPo8DONrd5u24iiBVUmOo+
m7T5Gym22159MJIIbXjM642t+h0pR/LglY+PLsR+J88YgF2eexqzf8cWSOvu9Xea
SsIer+6yzhebW7OCLs1ob43dcr8keEDw9OyZ9VEPOzGw
-----END CERTIFICATE-----
Generated at Mon Sep 2 15:35:04 2024 by rpki-client on console-ams.rpki-client.org