Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/7ca3de-92c8-49fb-acae-9f1a5dbb41d6/1/4KJKThnM0rDbBIzFTWZ4NUFisvg.roa
File:                     4KJKThnM0rDbBIzFTWZ4NUFisvg.roa (raw, json)
Hash identifier:          iDLeUaQ2SELCULOHnOyrtmR6CT77Y4IMefaAp0xW3TU=
Subject key identifier:   E0:A2:4A:4E:19:CC:D2:B0:DB:04:8C:C5:4D:66:78:35:41:62:B2:F8
Certificate issuer:       /CN=02d6e8273f9051ac31cb95792cb51400dab714aa
Certificate serial:       01856BAEBAC3CE15D5FA4E94EFD40A83C72D
Authority key identifier: 02:D6:E8:27:3F:90:51:AC:31:CB:95:79:2C:B5:14:00:DA:B7:14:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AtboJz-QUawxy5V5LLUUANq3FKo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/7ca3de-92c8-49fb-acae-9f1a5dbb41d6/1/4KJKThnM0rDbBIzFTWZ4NUFisvg.roa
Signing time:             Sun 01 Jan 2023 04:54:51 +0000
ROA not before:           Sun 01 Jan 2023 04:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50656
IP address blocks:        77.73.169.0/24 maxlen: 24
                          77.73.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ae:ba:c3:ce:15:d5:fa:4e:94:ef:d4:0a:83:c7:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02d6e8273f9051ac31cb95792cb51400dab714aa
        Validity
            Not Before: Jan  1 04:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0a24a4e19ccd2b0db048cc54d6678354162b2f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:7e:28:69:3e:b9:f6:a4:c1:67:b9:9d:01:ab:
                    c6:79:b5:55:fe:00:4c:a3:85:97:49:21:79:94:1f:
                    c4:b4:3d:be:d9:3c:21:67:83:16:43:dd:e1:62:34:
                    cd:46:93:7d:86:f9:4d:c8:0f:e5:5e:c2:47:65:d9:
                    6b:9d:b5:af:41:10:16:32:5d:86:cd:6f:d1:63:6a:
                    92:18:4f:fe:a0:15:da:ae:24:66:6a:25:f4:3f:4c:
                    bf:5d:35:28:78:a1:49:2b:1e:50:87:1c:63:db:f5:
                    bd:5b:ac:52:04:94:31:78:9c:35:3b:cb:57:dc:6c:
                    1b:ae:0e:a6:2c:46:92:ae:2f:e9:6f:e9:f2:28:68:
                    bc:fb:e4:d0:cd:19:85:f5:68:49:ec:e1:4d:b9:0e:
                    70:8a:72:73:8c:e6:05:e0:3c:ee:51:7a:46:62:82:
                    2e:a5:f8:90:2b:c1:a7:1f:b2:fd:82:32:c1:54:88:
                    da:ca:2c:2d:88:84:dc:7b:84:a2:6c:40:6d:47:9e:
                    b4:50:91:bc:5c:20:ae:79:14:3e:05:f0:49:93:ec:
                    80:8a:6e:6f:96:f7:74:27:e4:7c:09:17:d7:fd:f6:
                    b5:0b:cb:f4:a4:6d:12:e3:11:7b:b2:53:6e:1e:7a:
                    8e:e6:e8:af:8d:9b:d4:04:51:64:8a:c5:a0:a5:3f:
                    13:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:A2:4A:4E:19:CC:D2:B0:DB:04:8C:C5:4D:66:78:35:41:62:B2:F8
            X509v3 Authority Key Identifier:
                keyid:02:D6:E8:27:3F:90:51:AC:31:CB:95:79:2C:B5:14:00:DA:B7:14:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AtboJz-QUawxy5V5LLUUANq3FKo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/7ca3de-92c8-49fb-acae-9f1a5dbb41d6/1/4KJKThnM0rDbBIzFTWZ4NUFisvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/7ca3de-92c8-49fb-acae-9f1a5dbb41d6/1/AtboJz-QUawxy5V5LLUUANq3FKo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.73.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         74:e1:5a:9a:b7:df:2a:86:fb:cd:3d:27:ea:54:f4:73:7e:c5:
         b4:f1:46:92:5e:8b:ce:bc:77:68:7d:ca:1f:8d:9b:70:43:5b:
         f7:30:4d:26:44:6f:60:39:1e:22:45:b5:a3:eb:f4:2a:3e:22:
         7c:87:82:4b:27:66:c6:9f:1f:31:94:cd:2b:b7:a5:ac:a0:0c:
         c7:c4:9e:e2:43:1a:f1:f6:93:3e:5d:ea:4b:4c:23:f2:74:9b:
         62:ea:d0:12:5d:68:51:19:85:19:b9:0d:39:54:d1:03:8e:cc:
         ff:d0:d3:ad:a5:71:2b:26:aa:33:c8:e1:bf:b2:69:ce:8b:ae:
         85:eb:64:21:b1:aa:63:25:6b:70:d3:86:ea:c7:7e:0f:25:44:
         5a:91:c7:32:3e:b7:87:0c:ed:20:eb:35:60:84:8b:e4:96:79:
         22:0b:2b:90:62:18:d7:95:bb:8f:0f:8d:51:5f:e4:c3:4e:0a:
         e0:16:0e:56:b5:44:e2:da:3d:2b:72:cd:e3:20:80:a1:ac:ed:
         ae:65:6c:46:6a:b8:2f:7e:5e:93:8f:ee:89:1a:c0:1a:11:67:
         93:0f:b6:da:4d:6b:34:35:6f:8e:1f:1c:ce:88:b3:7b:c0:69:
         89:de:54:76:66:f7:83:63:83:39:13:44:28:d8:88:2e:6c:ac:
         09:26:8d:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrrrrDzhXV+k6U79QKg8ctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZDZlODI3M2Y5MDUxYWMzMWNiOTU3OTJjYjUxNDAwZGFi
NzE0YWEwHhcNMjMwMTAxMDQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGEyNGE0ZTE5Y2NkMmIwZGIwNDhjYzU0ZDY2NzgzNTQxNjJiMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH4oaT659qTBZ7mdAavGebVV/gBM
o4WXSSF5lB/EtD2+2TwhZ4MWQ93hYjTNRpN9hvlNyA/lXsJHZdlrnbWvQRAWMl2G
zW/RY2qSGE/+oBXariRmaiX0P0y/XTUoeKFJKx5Qhxxj2/W9W6xSBJQxeJw1O8tX
3Gwbrg6mLEaSri/pb+nyKGi8++TQzRmF9WhJ7OFNuQ5winJzjOYF4DzuUXpGYoIu
pfiQK8GnH7L9gjLBVIjayiwtiITce4SibEBtR560UJG8XCCueRQ+BfBJk+yAim5v
lvd0J+R8CRfX/fa1C8v0pG0S4xF7slNuHnqO5uivjZvUBFFkisWgpT8TyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCiSk4ZzNKw2wSMxU1meDVBYrL4MB8GA1UdIwQY
MBaAFALW6Cc/kFGsMcuVeSy1FADatxSqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXRib0p6LVFVYXd4eTVWNUxMVVVBTnEzRktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83Y2EzZGUtOTJjOC00OWZiLWFjYWUt
OWYxYTVkYmI0MWQ2LzEvNEtKS1Robk0wckRiQkl6RlRXWjROVUZpc3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83Y2EzZGUtOTJjOC00OWZiLWFjYWUtOWYxYTVkYmI0MWQ2
LzEvQXRib0p6LVFVYXd4eTVWNUxMVVVBTnEzRktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTUmoMA0G
CSqGSIb3DQEBCwUAA4IBAQB04Vqat98qhvvNPSfqVPRzfsW08UaSXovOvHdofcof
jZtwQ1v3ME0mRG9gOR4iRbWj6/QqPiJ8h4JLJ2bGnx8xlM0rt6WsoAzHxJ7iQxrx
9pM+XepLTCPydJti6tASXWhRGYUZuQ05VNEDjsz/0NOtpXErJqozyOG/smnOi66F
62QhsapjJWtw04bqx34PJURakccyPreHDO0g6zVghIvklnkiCyuQYhjXlbuPD41R
X+TDTgrgFg5WtUTi2j0rcs3jIIChrO2uZWxGargvfl6Tj+6JGsAaEWeTD7baTWs0
NW+OHxzOiLN7wGmJ3lR2ZveDY4M5E0Qo2IgubKwJJo3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:37 2024 by rpki-client on console-fra.rpki-client.org