Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/cec311-8989-4f41-a499-b695a4ba0cb6/1/kdaH_MmF2u0c-o9rCJCfs_nwQzY.roa
File:                     kdaH_MmF2u0c-o9rCJCfs_nwQzY.roa (raw, json)
Hash identifier:          yh2qz9k1KS3PbotUEt7N5Aol0e93wGUhYemnsSCIkGI=
Subject key identifier:   91:D6:87:FC:C9:85:DA:ED:1C:FA:8F:6B:08:90:9F:B3:F9:F0:43:36
Certificate issuer:       /CN=80340326822530f943859c73e7df3d3655168b70
Certificate serial:       01856DD3F373E26F4B2A7D4B6ED599D41AE3
Authority key identifier: 80:34:03:26:82:25:30:F9:43:85:9C:73:E7:DF:3D:36:55:16:8B:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gDQDJoIlMPlDhZxz5989NlUWi3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/cec311-8989-4f41-a499-b695a4ba0cb6/1/kdaH_MmF2u0c-o9rCJCfs_nwQzY.roa
Signing time:             Sun 01 Jan 2023 14:54:44 +0000
ROA not before:           Sun 01 Jan 2023 14:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        77.75.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d3:f3:73:e2:6f:4b:2a:7d:4b:6e:d5:99:d4:1a:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80340326822530f943859c73e7df3d3655168b70
        Validity
            Not Before: Jan  1 14:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=91d687fcc985daed1cfa8f6b08909fb3f9f04336
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:7e:43:42:23:fe:15:d3:43:13:7c:0d:44:b9:
                    4b:f4:dc:61:cb:98:74:a3:9e:c7:b2:ec:d8:b6:47:
                    9a:7d:cf:4f:21:0a:1e:f3:c7:21:3d:ab:e6:64:7a:
                    51:a4:7e:c4:bb:31:88:62:e1:8e:68:a3:52:b9:17:
                    6c:ca:e4:05:db:56:1f:e7:95:ad:8c:c7:49:da:93:
                    b4:ec:c7:f1:17:6e:79:c6:09:29:5e:76:c6:1b:5f:
                    40:cd:38:61:4a:f0:90:93:52:e1:94:32:b5:c8:7a:
                    14:4a:bb:0c:c5:8e:74:97:e5:bf:87:4e:45:9f:9d:
                    85:51:3b:37:dd:94:8c:23:af:10:ab:55:57:bc:15:
                    37:c5:b6:79:4d:6e:9b:58:80:84:e2:5f:96:85:75:
                    6b:71:ea:c6:d5:d8:20:b8:e6:2f:b1:45:bb:3a:b1:
                    75:98:47:d8:82:5f:06:8c:74:5f:7c:09:de:54:4e:
                    71:7d:20:ad:08:e3:dd:38:ab:c3:0c:5c:92:e8:bd:
                    03:7a:09:a9:e2:f3:42:3e:6c:9a:86:58:e1:9c:5d:
                    77:a2:14:be:04:19:8e:18:bc:c2:09:1f:d1:bc:62:
                    9b:5b:91:ef:2f:d5:9e:18:97:ac:e8:c3:ec:2b:29:
                    27:84:19:f4:c5:25:8d:42:dc:7e:70:65:97:05:eb:
                    ec:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D6:87:FC:C9:85:DA:ED:1C:FA:8F:6B:08:90:9F:B3:F9:F0:43:36
            X509v3 Authority Key Identifier:
                keyid:80:34:03:26:82:25:30:F9:43:85:9C:73:E7:DF:3D:36:55:16:8B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gDQDJoIlMPlDhZxz5989NlUWi3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/cec311-8989-4f41-a499-b695a4ba0cb6/1/kdaH_MmF2u0c-o9rCJCfs_nwQzY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/cec311-8989-4f41-a499-b695a4ba0cb6/1/gDQDJoIlMPlDhZxz5989NlUWi3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.75.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:c2:90:16:62:26:53:9a:fa:33:33:b6:0f:78:6b:15:de:b7:
         6b:6c:6a:67:1c:30:70:fc:df:0b:20:23:1b:85:41:66:a5:c1:
         61:55:14:46:20:df:33:1e:6d:14:48:cb:eb:63:e5:af:5a:d7:
         e2:bb:3f:0b:77:ea:ae:8f:06:c0:67:5c:6e:18:68:97:f8:65:
         75:87:3d:db:ec:e9:02:13:43:8d:28:6b:70:6d:98:d0:ef:0a:
         13:36:0c:b4:47:82:fe:04:e5:e5:3e:84:96:57:02:95:a7:8d:
         ed:78:0a:ae:32:fa:69:9b:3f:68:24:69:fd:1d:ee:8f:8a:cf:
         82:91:fc:a5:50:8c:39:52:19:33:3e:86:12:2c:aa:8a:0a:d7:
         45:0c:7f:ae:e1:5b:26:7e:1b:5c:f5:74:c5:18:85:e2:61:8e:
         fe:94:17:de:a5:01:1c:b7:77:32:3e:c4:46:18:fe:29:e6:87:
         78:a1:bd:8a:0c:0f:49:19:02:d5:af:ba:b3:c5:69:c5:36:79:
         a8:06:0c:d7:b7:d2:62:1e:36:14:20:53:46:a3:eb:aa:99:da:
         8f:d6:44:ab:b9:ea:d4:54:8b:c5:55:8d:d9:4c:6f:67:11:f2:
         e6:09:93:6a:00:41:93:5e:74:d6:d6:39:e2:48:2d:02:39:08:
         79:26:40:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt0/Nz4m9LKn1LbtWZ1BrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMzQwMzI2ODIyNTMwZjk0Mzg1OWM3M2U3ZGYzZDM2NTUx
NjhiNzAwHhcNMjMwMTAxMTQ1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ2ODdmY2M5ODVkYWVkMWNmYThmNmIwODkwOWZiM2Y5ZjA0MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH5DQiP+FdNDE3wNRLlL9Nxhy5h0
o57HsuzYtkeafc9PIQoe88chPavmZHpRpH7EuzGIYuGOaKNSuRdsyuQF21Yf55Wt
jMdJ2pO07MfxF255xgkpXnbGG19AzThhSvCQk1LhlDK1yHoUSrsMxY50l+W/h05F
n52FUTs33ZSMI68Qq1VXvBU3xbZ5TW6bWICE4l+WhXVrcerG1dgguOYvsUW7OrF1
mEfYgl8GjHRffAneVE5xfSCtCOPdOKvDDFyS6L0Degmp4vNCPmyahljhnF13ohS+
BBmOGLzCCR/RvGKbW5HvL9WeGJes6MPsKyknhBn0xSWNQtx+cGWXBevsKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHWh/zJhdrtHPqPawiQn7P58EM2MB8GA1UdIwQY
MBaAFIA0AyaCJTD5Q4Wcc+ffPTZVFotwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0RRREpvSWxNUGxEaFp4ejU5ODlObFVXaTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9jZWMzMTEtODk4OS00ZjQxLWE0OTkt
YjY5NWE0YmEwY2I2LzEva2RhSF9NbUYydTBjLW85ckNKQ2ZzX253UXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9jZWMzMTEtODk4OS00ZjQxLWE0OTktYjY5NWE0YmEwY2I2
LzEvZ0RRREpvSWxNUGxEaFp4ejU5ODlObFVXaTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUvlMA0G
CSqGSIb3DQEBCwUAA4IBAQC3wpAWYiZTmvozM7YPeGsV3rdrbGpnHDBw/N8LICMb
hUFmpcFhVRRGIN8zHm0USMvrY+WvWtfiuz8Ld+qujwbAZ1xuGGiX+GV1hz3b7OkC
E0ONKGtwbZjQ7woTNgy0R4L+BOXlPoSWVwKVp43teAquMvppmz9oJGn9He6Pis+C
kfylUIw5UhkzPoYSLKqKCtdFDH+u4Vsmfhtc9XTFGIXiYY7+lBfepQEct3cyPsRG
GP4p5od4ob2KDA9JGQLVr7qzxWnFNnmoBgzXt9JiHjYUIFNGo+uqmdqP1kSruerU
VIvFVY3ZTG9nEfLmCZNqAEGTXnTW1jniSC0COQh5JkAJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:47 2023 by rpki-client on console-ams.rpki-client.org