Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/_J9fpCEFZA9385AIt4J4JD6IunQ.roa
File:                     _J9fpCEFZA9385AIt4J4JD6IunQ.roa (raw, json)
Hash identifier:          boqdnEu9yCu4Ap+l+xVGiLA7dvDe8wO3Q83rpLM068U=
Subject key identifier:   FC:9F:5F:A4:21:05:64:0F:77:F3:90:08:B7:82:78:24:3E:88:BA:74
Certificate issuer:       /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial:       018571D78E0B794C88E57322CAA1805D9C52
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/_J9fpCEFZA9385AIt4J4JD6IunQ.roa
Signing time:             Mon 02 Jan 2023 09:37:10 +0000
ROA not before:           Mon 02 Jan 2023 09:37:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13306
IP address blocks:        89.106.102.0/23 maxlen: 23
                          89.106.104.0/23 maxlen: 23
                          89.106.101.0/24 maxlen: 24
                          109.107.70.0/23 maxlen: 23
                          89.106.108.0/23 maxlen: 23
                          89.106.107.0/24 maxlen: 24
                          77.76.150.0/23 maxlen: 23
                          89.106.127.0/24 maxlen: 24
                          77.76.176.0/22 maxlen: 22
                          188.124.92.0/22 maxlen: 22
                          178.75.252.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:8e:0b:79:4c:88:e5:73:22:ca:a1:80:5d:9c:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
        Validity
            Not Before: Jan  2 09:37:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fc9f5fa42105640f77f39008b78278243e88ba74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:10:52:84:55:22:45:6a:48:34:7c:71:1b:50:
                    4e:09:b0:2d:c6:8c:32:73:d8:4b:7b:df:27:15:8e:
                    c3:18:17:36:77:cd:90:be:55:90:66:5f:c2:c3:30:
                    cc:55:ba:69:60:e7:04:e1:ec:b9:c8:b9:00:f9:1f:
                    6a:7a:61:a5:64:59:6c:86:9a:bf:63:01:19:eb:b3:
                    e0:bc:e4:d2:1b:ce:bd:bc:38:1d:a2:81:18:ef:a7:
                    64:b2:c3:0c:b7:6f:98:b3:0b:f8:87:d5:7c:f1:6b:
                    df:d6:7c:76:da:97:72:87:16:cd:f0:cd:ee:11:cc:
                    28:6e:40:d3:ee:a7:8f:11:81:0f:fc:6c:6a:40:aa:
                    b6:ce:e2:3a:14:19:ba:dc:40:66:82:1f:31:ca:9c:
                    2c:51:b4:87:77:b9:34:2c:41:a2:8b:47:09:aa:78:
                    e1:59:7b:17:4b:cd:d2:6c:f7:29:96:71:5f:a8:de:
                    ba:3d:9e:74:fc:a7:09:3d:3e:61:f9:32:a8:8c:fa:
                    e7:0f:eb:52:33:81:b6:21:ec:0b:61:67:a1:ec:65:
                    d7:61:ba:4a:85:df:15:8e:1d:af:b3:68:f4:6c:7d:
                    85:6c:3e:58:e3:6c:20:13:ce:c5:6e:e9:74:90:46:
                    c1:91:00:bc:79:2e:0e:1a:68:bd:85:26:2e:6a:95:
                    f8:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:9F:5F:A4:21:05:64:0F:77:F3:90:08:B7:82:78:24:3E:88:BA:74
            X509v3 Authority Key Identifier:
                keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/_J9fpCEFZA9385AIt4J4JD6IunQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.76.150.0/23
                  77.76.176.0/22
                  89.106.101.0-89.106.105.255
                  89.106.107.0-89.106.109.255
                  89.106.127.0/24
                  109.107.70.0/23
                  178.75.252.0/22
                  188.124.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:60:3f:3d:8a:17:23:3c:f3:fa:85:ba:b0:99:8c:95:c5:27:
         d3:a1:55:2f:51:6b:46:d0:0a:0d:8f:67:b3:9f:00:6b:f6:c4:
         5f:ef:fd:32:4e:a0:cb:fe:4e:a0:ca:2e:19:2f:d8:f4:14:10:
         77:61:b6:8c:03:bf:8f:8b:2b:0b:37:a2:61:05:39:7e:6f:42:
         3a:8c:b8:9f:7f:1d:b3:42:85:16:91:6e:14:e5:88:57:67:a5:
         4e:ff:26:6f:08:6e:ec:1e:27:9f:02:da:a2:80:1e:ff:a2:bc:
         ef:3f:04:da:28:24:4e:52:cc:10:ab:d5:ef:24:03:ec:06:2c:
         b8:a2:84:15:c6:9c:79:06:9e:ad:ac:b4:33:f9:f6:a5:ae:03:
         44:d4:e0:d8:25:87:dc:52:6d:c9:17:44:a4:b1:8a:72:f2:61:
         df:d5:17:cd:fe:bd:d8:37:3d:2b:41:81:d7:1d:8e:c6:9e:d1:
         26:ec:c5:87:6b:47:f9:d2:8e:d6:a5:c4:44:f9:79:aa:42:a9:
         d8:95:ec:48:38:ca:02:18:bc:f0:14:78:96:14:17:2c:e6:df:
         4a:20:a5:3c:c9:01:f5:01:f1:c3:53:2b:4f:6c:99:bc:01:7b:
         5e:2c:bf:f4:74:e0:a2:76:58:8b:5d:b1:d3:4b:a9:83:89:f5:
         99:a8:66:d3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVx144LeUyI5XMiyqGAXZxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzlmNWZhNDIxMDU2NDBmNzdmMzkwMDhiNzgyNzgyNDNlODhiYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghBShFUiRWpINHxxG1BOCbAtxowy
c9hLe98nFY7DGBc2d82QvlWQZl/CwzDMVbppYOcE4ey5yLkA+R9qemGlZFlshpq/
YwEZ67PgvOTSG869vDgdooEY76dkssMMt2+Yswv4h9V88Wvf1nx22pdyhxbN8M3u
EcwobkDT7qePEYEP/GxqQKq2zuI6FBm63EBmgh8xypwsUbSHd7k0LEGii0cJqnjh
WXsXS83SbPcplnFfqN66PZ50/KcJPT5h+TKojPrnD+tSM4G2IewLYWeh7GXXYbpK
hd8Vjh2vs2j0bH2FbD5Y42wgE87Fbul0kEbBkQC8eS4OGmi9hSYuapX48wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPyfX6QhBWQPd/OQCLeCeCQ+iLp0MB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvX0o5ZnBDRUZaQTkzODVBSXQ0SjRKRDZJdW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBTUyWAwQC
TUywMAwDBABZamUDBAFZamgwDAMEAFlqawMEAVlqbAMEAFlqfwMEAW1rRgMEArJL
/AMEArx8XDANBgkqhkiG9w0BAQsFAAOCAQEAPGA/PYoXIzzz+oW6sJmMlcUn06FV
L1FrRtAKDY9ns58Aa/bEX+/9Mk6gy/5OoMouGS/Y9BQQd2G2jAO/j4srCzeiYQU5
fm9COoy4n38ds0KFFpFuFOWIV2elTv8mbwhu7B4nnwLaooAe/6K87z8E2igkTlLM
EKvV7yQD7AYsuKKEFcaceQaeray0M/n2pa4DRNTg2CWH3FJtyRdEpLGKcvJh39UX
zf692Dc9K0GB1x2Oxp7RJuzFh2tH+dKO1qXERPl5qkKp2JXsSDjKAhi88BR4lhQX
LObfSiClPMkB9QHxw1MrT2yZvAF7Xiy/9HTgonZYi12x00upg4n1mahm0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org