Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/AsDuhWI86Hjf7CV9N6bfVu93MxU.roa
File:                     AsDuhWI86Hjf7CV9N6bfVu93MxU.roa (raw, json)
Hash identifier:          ClgP0jX48ROJN+/nFUco5BWtsObOFvBhouVisJQsdNE=
Subject key identifier:   02:C0:EE:85:62:3C:E8:78:DF:EC:25:7D:37:A6:DF:56:EF:77:33:15
Certificate issuer:       /CN=9f2bc3c5564d434381cb78ba47ad58be4d3deaa8
Certificate serial:       01856B2551002F473B952B4960F32E3FA40D
Authority key identifier: 9F:2B:C3:C5:56:4D:43:43:81:CB:78:BA:47:AD:58:BE:4D:3D:EA:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyvDxVZNQ0OBy3i6R61Yvk096qg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/AsDuhWI86Hjf7CV9N6bfVu93MxU.roa
Signing time:             Sun 01 Jan 2023 02:24:45 +0000
ROA not before:           Sun 01 Jan 2023 02:24:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43024
IP address blocks:        77.95.16.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:25:51:00:2f:47:3b:95:2b:49:60:f3:2e:3f:a4:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2bc3c5564d434381cb78ba47ad58be4d3deaa8
        Validity
            Not Before: Jan  1 02:24:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02c0ee85623ce878dfec257d37a6df56ef773315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f7:18:ab:5d:1f:8f:b1:71:e1:8b:bc:c3:91:
                    33:98:af:d0:c0:7d:4e:0d:3f:63:76:bc:49:0c:2e:
                    d9:b5:b8:88:d3:aa:12:7a:0e:a7:91:cd:7f:ff:fc:
                    ed:ff:5c:d6:89:16:fe:d6:51:e4:af:b4:e0:d4:99:
                    f8:8a:89:ed:8d:f4:aa:21:23:ee:35:b3:8b:f2:62:
                    00:37:9a:f1:30:3e:18:53:e9:06:d1:a7:44:8e:fb:
                    92:81:af:08:a5:c5:a4:f5:e8:4e:1a:aa:76:a2:91:
                    94:bd:b6:3e:44:41:2d:22:af:04:ff:0c:b9:c8:0f:
                    20:b8:a8:71:34:95:c8:7c:4f:ef:21:22:89:be:7f:
                    90:af:93:e6:3d:9f:8a:26:b7:f3:46:fb:b8:c7:eb:
                    4d:86:e9:af:c1:bd:a5:73:c2:c7:8b:34:9e:bd:a9:
                    66:03:5d:68:ea:31:b6:66:04:9b:cd:f5:fa:95:d1:
                    30:8e:5e:7e:18:6e:c0:f8:6b:ee:3a:d4:e8:d3:d2:
                    f7:1b:1a:8f:9d:30:c7:5d:b6:9c:b7:e7:7e:b2:a4:
                    9b:a9:73:87:a6:04:bf:ec:1e:ff:13:63:15:8e:52:
                    bd:65:69:94:c3:34:88:51:41:3c:a6:ab:c8:aa:7f:
                    77:f0:f6:dc:5b:4c:ff:9a:e8:b9:20:fa:c6:ba:ca:
                    dc:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:C0:EE:85:62:3C:E8:78:DF:EC:25:7D:37:A6:DF:56:EF:77:33:15
            X509v3 Authority Key Identifier:
                keyid:9F:2B:C3:C5:56:4D:43:43:81:CB:78:BA:47:AD:58:BE:4D:3D:EA:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyvDxVZNQ0OBy3i6R61Yvk096qg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/AsDuhWI86Hjf7CV9N6bfVu93MxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/nyvDxVZNQ0OBy3i6R61Yvk096qg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.95.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:2a:4b:68:8e:e4:a3:3e:5e:6a:c8:1f:ce:c5:f2:db:fc:7b:
         d2:80:52:a7:a2:44:57:de:85:13:5d:b5:9f:91:15:82:a3:bf:
         1d:b2:a4:57:d3:99:74:90:c2:d7:ec:14:b7:60:08:97:5d:8f:
         61:46:4d:e1:f1:56:4e:7d:48:b0:2d:8b:77:6f:1a:a7:c4:15:
         4a:9c:ef:d9:79:36:c4:85:e8:74:ca:72:bc:e2:bf:c0:76:ea:
         74:7b:96:67:48:69:06:42:ab:2c:20:d6:49:ab:fb:b3:d5:fb:
         25:52:40:88:78:db:67:a0:5d:74:d7:fd:9d:69:53:e0:ce:5a:
         77:19:af:30:01:e2:40:2f:de:21:5f:3a:aa:da:b2:81:54:7b:
         b3:ff:4d:1c:f2:65:55:bd:28:fd:53:b1:4d:f6:41:77:7a:33:
         35:fe:66:d8:e4:be:6a:36:e0:fc:39:be:6b:a9:c3:79:a4:17:
         7f:d2:4e:ec:8b:21:32:9e:9c:2b:03:20:0e:41:4f:b0:44:2c:
         c2:0e:fa:6a:d5:ed:0c:07:0a:6b:80:78:41:19:d8:aa:7a:ab:
         c3:a5:14:ce:ac:42:54:a5:85:4e:eb:1e:e5:ad:cc:d8:1b:41:
         da:1c:c9:a8:05:f2:67:5e:29:82:a1:7f:82:64:ba:5a:05:86:
         1d:a3:ba:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrJVEAL0c7lStJYPMuP6QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmJjM2M1NTY0ZDQzNDM4MWNiNzhiYTQ3YWQ1OGJlNGQz
ZGVhYTgwHhcNMjMwMTAxMDIyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmMwZWU4NTYyM2NlODc4ZGZlYzI1N2QzN2E2ZGY1NmVmNzczMzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfcYq10fj7Fx4Yu8w5EzmK/QwH1O
DT9jdrxJDC7ZtbiI06oSeg6nkc1///zt/1zWiRb+1lHkr7Tg1Jn4iontjfSqISPu
NbOL8mIAN5rxMD4YU+kG0adEjvuSga8IpcWk9ehOGqp2opGUvbY+REEtIq8E/wy5
yA8guKhxNJXIfE/vISKJvn+Qr5PmPZ+KJrfzRvu4x+tNhumvwb2lc8LHizSevalm
A11o6jG2ZgSbzfX6ldEwjl5+GG7A+GvuOtTo09L3GxqPnTDHXbact+d+sqSbqXOH
pgS/7B7/E2MVjlK9ZWmUwzSIUUE8pqvIqn938PbcW0z/mui5IPrGusrcLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFALA7oViPOh43+wlfTem31bvdzMVMB8GA1UdIwQY
MBaAFJ8rw8VWTUNDgct4uketWL5NPeqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnl2RHhWWk5RME9CeTNpNlI2MVl2azA5NnFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zNmJiNmQtZmM3My00NDQ5LWE1Mjct
NTU0MjYzODE5NTNjLzEvQXNEdWhXSTg2SGpmN0NWOU42YmZWdTkzTXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zNmJiNmQtZmM3My00NDQ5LWE1MjctNTU0MjYzODE5NTNj
LzEvbnl2RHhWWk5RME9CeTNpNlI2MVl2azA5NnFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTV8QMA0G
CSqGSIb3DQEBCwUAA4IBAQAtKktojuSjPl5qyB/OxfLb/HvSgFKnokRX3oUTXbWf
kRWCo78dsqRX05l0kMLX7BS3YAiXXY9hRk3h8VZOfUiwLYt3bxqnxBVKnO/ZeTbE
heh0ynK84r/Adup0e5ZnSGkGQqssINZJq/uz1fslUkCIeNtnoF101/2daVPgzlp3
Ga8wAeJAL94hXzqq2rKBVHuz/00c8mVVvSj9U7FN9kF3ejM1/mbY5L5qNuD8Ob5r
qcN5pBd/0k7siyEynpwrAyAOQU+wRCzCDvpq1e0MBwprgHhBGdiqeqvDpRTOrEJU
pYVO6x7lrczYG0HaHMmoBfJnXimCoX+CZLpaBYYdo7ot
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:23 2024 by rpki-client on console-fra.rpki-client.org