Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/mz2KtsoRCDr6KvEGAP8wK6uYnxo.roa
File:                     mz2KtsoRCDr6KvEGAP8wK6uYnxo.roa (raw, json)
Hash identifier:          gABZl1vmrZiHQ5GiQ3endD9mFyA+njpe34yRSgflXlw=
Subject key identifier:   9B:3D:8A:B6:CA:11:08:3A:FA:2A:F1:06:00:FF:30:2B:AB:98:9F:1A
Certificate issuer:       /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial:       01856D0AEB81C496A14C131E0AEA432E755A
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/mz2KtsoRCDr6KvEGAP8wK6uYnxo.roa
Signing time:             Sun 01 Jan 2023 11:15:10 +0000
ROA not before:           Sun 01 Jan 2023 11:15:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60484
IP address blocks:        79.173.77.0/24 maxlen: 24
                          185.159.172.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Mar 2023 10:07:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:0a:eb:81:c4:96:a1:4c:13:1e:0a:ea:43:2e:75:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
        Validity
            Not Before: Jan  1 11:15:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b3d8ab6ca11083afa2af10600ff302bab989f1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:36:db:d5:bf:c7:54:b0:cf:08:ec:bd:59:57:
                    96:66:97:8e:98:dc:0a:3b:3e:41:c1:71:a9:78:cd:
                    22:1e:1e:ad:6a:50:88:2e:90:bd:ca:4d:91:fb:91:
                    8c:09:e7:a5:9d:b3:2b:25:c8:8f:e3:04:4c:a2:47:
                    10:26:dc:4a:bc:7f:11:24:db:39:fc:36:a6:30:f3:
                    6b:a8:2c:ed:c0:ec:f2:42:1b:63:48:f0:ee:1e:af:
                    2c:07:d2:46:0d:d8:0d:d9:f2:06:b1:b6:ee:da:44:
                    b8:2e:d8:37:07:92:08:2d:c7:11:8e:b5:e0:57:6e:
                    51:d8:28:99:c0:2f:eb:7b:2a:49:78:14:11:84:1b:
                    f6:5a:33:a1:23:7e:64:98:a8:76:01:88:76:a7:16:
                    6a:9d:06:a6:9c:bd:ab:04:85:2d:72:7c:96:f4:75:
                    5a:20:1e:4d:f6:8a:89:24:b9:a1:26:a8:85:21:ec:
                    e0:cf:cf:b0:4e:c3:52:f1:71:c8:a4:8f:35:33:73:
                    ce:60:e3:fe:10:96:06:3b:af:f6:0e:09:98:e0:a6:
                    e5:69:af:e1:d8:78:b3:f3:ea:f0:c0:03:ae:5b:97:
                    37:1e:f7:97:12:20:7d:b9:38:d7:eb:49:b7:30:b5:
                    75:ef:e2:9b:00:c9:ae:19:48:d5:63:77:b9:37:13:
                    88:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:3D:8A:B6:CA:11:08:3A:FA:2A:F1:06:00:FF:30:2B:AB:98:9F:1A
            X509v3 Authority Key Identifier:
                keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/mz2KtsoRCDr6KvEGAP8wK6uYnxo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.173.77.0/24
                  185.159.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:e3:90:f0:d7:a4:14:9a:0e:10:a5:21:e6:b6:6d:7d:f2:50:
         16:cc:c1:7f:91:11:88:6b:d9:c1:fd:f0:57:a8:f6:6c:a8:5c:
         8d:3f:bd:bc:3f:1d:c6:49:63:f6:5e:31:9e:97:bb:29:ca:59:
         97:14:78:03:90:6a:45:91:4c:4b:94:11:dc:c2:b7:21:49:29:
         b4:4d:84:03:c7:1f:af:51:e4:e8:ab:29:71:fa:0a:50:54:30:
         bf:25:14:1f:b3:e3:f6:70:5e:83:ee:b8:c1:04:9e:10:a6:6d:
         67:6d:6e:13:86:ac:81:8c:95:58:a2:55:9f:9a:83:cf:bf:b9:
         aa:7a:21:c0:de:3d:a4:86:dd:15:02:4f:c0:2a:56:4a:b7:ab:
         17:ba:2e:35:a8:ef:4d:8d:69:02:92:ac:e3:e2:96:5b:b1:75:
         eb:74:a2:ac:49:fb:92:d1:7e:49:40:94:1b:34:35:db:ef:32:
         3d:08:18:3d:c3:dd:10:33:dc:17:b7:aa:2b:b0:31:1c:d6:f7:
         a3:69:06:87:f1:0a:7d:e9:09:96:0b:2c:c1:1e:5c:f0:a2:f9:
         c3:63:66:08:bb:73:2d:e4:14:56:84:8e:58:3f:af:79:21:8c:
         92:29:10:7d:90:38:df:53:84:49:e6:f0:c8:28:00:2e:c8:96:
         9b:4e:b2:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCuuBxJahTBMeCupDLnVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjMwMTAxMTExNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNkOGFiNmNhMTEwODNhZmEyYWYxMDYwMGZmMzAyYmFiOTg5ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTbb1b/HVLDPCOy9WVeWZpeOmNwK
Oz5BwXGpeM0iHh6talCILpC9yk2R+5GMCeelnbMrJciP4wRMokcQJtxKvH8RJNs5
/DamMPNrqCztwOzyQhtjSPDuHq8sB9JGDdgN2fIGsbbu2kS4Ltg3B5IILccRjrXg
V25R2CiZwC/reypJeBQRhBv2WjOhI35kmKh2AYh2pxZqnQamnL2rBIUtcnyW9HVa
IB5N9oqJJLmhJqiFIezgz8+wTsNS8XHIpI81M3POYOP+EJYGO6/2DgmY4Kblaa/h
2Hiz8+rwwAOuW5c3HveXEiB9uTjX60m3MLV17+KbAMmuGUjVY3e5NxOIEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJs9irbKEQg6+irxBgD/MCurmJ8aMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvbXoyS3Rzb1JDRHI2S3ZFR0FQOHdLNnVZbnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT61NAwQC
uZ+sMA0GCSqGSIb3DQEBCwUAA4IBAQCK45Dw16QUmg4QpSHmtm198lAWzMF/kRGI
a9nB/fBXqPZsqFyNP728Px3GSWP2XjGel7spylmXFHgDkGpFkUxLlBHcwrchSSm0
TYQDxx+vUeToqylx+gpQVDC/JRQfs+P2cF6D7rjBBJ4Qpm1nbW4ThqyBjJVYolWf
moPPv7mqeiHA3j2kht0VAk/AKlZKt6sXui41qO9NjWkCkqzj4pZbsXXrdKKsSfuS
0X5JQJQbNDXb7zI9CBg9w90QM9wXt6orsDEc1vejaQaH8Qp96QmWCyzBHlzwovnD
Y2YIu3Mt5BRWhI5YP695IYySKRB9kDjfU4RJ5vDIKAAuyJabTrKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:56 2024 by rpki-client on console-ams.rpki-client.org