Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/d6d625-dda2-4f2f-b8cf-92c7d46ddb89/1/wJ5OBWObhNH8dMX2cGnQr-XbUtE.roa
File:                     wJ5OBWObhNH8dMX2cGnQr-XbUtE.roa (raw, json)
Hash identifier:          pHB1fBeAfbc3tvng+gGLHk0tn6qZB5/6mYfbXLe1JqQ=
Subject key identifier:   C0:9E:4E:05:63:9B:84:D1:FC:74:C5:F6:70:69:D0:AF:E5:DB:52:D1
Certificate issuer:       /CN=74a47e3a67160ae4662e0ebcced7a9233ce47abf
Certificate serial:       01856B9333543EC96168E5205AFB2C03FC9A
Authority key identifier: 74:A4:7E:3A:67:16:0A:E4:66:2E:0E:BC:CE:D7:A9:23:3C:E4:7A:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dKR-OmcWCuRmLg68ztepIzzker8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/d6d625-dda2-4f2f-b8cf-92c7d46ddb89/1/wJ5OBWObhNH8dMX2cGnQr-XbUtE.roa
Signing time:             Sun 01 Jan 2023 04:24:47 +0000
ROA not before:           Sun 01 Jan 2023 04:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44945
IP address blocks:        78.108.16.0/20 maxlen: 20
                          185.43.172.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:33:54:3e:c9:61:68:e5:20:5a:fb:2c:03:fc:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74a47e3a67160ae4662e0ebcced7a9233ce47abf
        Validity
            Not Before: Jan  1 04:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c09e4e05639b84d1fc74c5f67069d0afe5db52d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7d:57:f8:fc:a9:95:d1:a2:52:94:ba:80:38:
                    f9:8b:9a:c6:5e:99:1f:b9:a5:6d:bf:e5:bc:77:ac:
                    b6:c2:c5:51:e8:27:7f:f3:5d:97:88:7e:f3:9d:7a:
                    76:47:07:ce:da:d2:b3:06:0a:10:8e:ba:7c:c8:03:
                    03:83:e3:6b:07:ec:5e:a0:72:4d:a3:a7:8a:8e:2b:
                    8f:3b:57:17:ed:61:4e:26:91:9e:6e:66:82:d6:4c:
                    6e:ea:00:38:a1:e8:b9:24:9c:99:14:9d:2e:8a:66:
                    ce:e8:9d:83:a3:f9:a0:7a:d8:be:b0:b0:fa:09:85:
                    77:21:6d:8d:b8:68:bb:d9:9c:46:cf:85:6a:60:81:
                    c9:be:05:0c:96:01:b9:83:d8:0c:36:0e:5b:22:a2:
                    7e:64:42:6e:4b:d3:84:fb:9f:6c:67:09:c0:cd:a8:
                    43:99:02:b9:dc:ec:7a:fc:2e:dc:cb:2b:f7:5c:b0:
                    37:d8:ec:9f:ee:72:0c:d6:30:52:bb:22:5f:bf:a5:
                    57:a4:5c:c0:3a:59:0f:9c:f6:2d:50:a3:84:c0:aa:
                    5c:f2:fc:c4:13:18:fc:29:f7:cf:5f:88:35:c7:51:
                    ff:03:5f:3d:47:e5:7e:3b:88:42:c7:b5:66:b7:d7:
                    1a:57:1d:1b:15:05:08:3d:5a:f2:ef:cc:cb:c7:31:
                    c4:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:9E:4E:05:63:9B:84:D1:FC:74:C5:F6:70:69:D0:AF:E5:DB:52:D1
            X509v3 Authority Key Identifier:
                keyid:74:A4:7E:3A:67:16:0A:E4:66:2E:0E:BC:CE:D7:A9:23:3C:E4:7A:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKR-OmcWCuRmLg68ztepIzzker8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/d6d625-dda2-4f2f-b8cf-92c7d46ddb89/1/wJ5OBWObhNH8dMX2cGnQr-XbUtE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/d6d625-dda2-4f2f-b8cf-92c7d46ddb89/1/dKR-OmcWCuRmLg68ztepIzzker8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.108.16.0/20
                  185.43.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:36:18:06:30:00:b8:b0:8f:84:40:11:2b:7d:53:66:c2:e0:
         da:71:11:4f:74:7d:2a:85:ab:a5:b9:3e:8d:4e:a9:ac:33:82:
         6c:1a:3e:a6:f4:f6:41:53:01:19:1b:85:16:d0:58:4b:b8:89:
         f3:8a:f5:2a:6c:3b:68:09:4e:47:e5:ac:9c:64:9a:bc:51:ac:
         70:ad:2f:d8:8e:fe:2d:d0:e6:37:00:7f:ed:74:7b:4e:39:7e:
         9a:c5:d1:7c:b9:9b:66:54:09:49:8a:f9:7c:6b:38:48:f1:0e:
         58:e7:15:fb:eb:3a:a6:06:23:61:6c:5c:66:cb:65:ad:42:b4:
         40:b3:94:93:d4:ed:15:6d:aa:75:2d:63:84:3f:ff:e3:a7:d2:
         a0:70:ad:30:8f:23:e3:60:c1:c5:b1:99:f3:86:bc:bb:44:07:
         e8:bd:3e:70:9a:54:94:5e:65:b3:19:29:d8:82:2d:3a:22:77:
         96:f9:23:b6:51:60:ff:35:d0:e8:c8:ad:56:87:11:09:54:44:
         aa:6f:10:f9:7d:34:c5:73:2b:cf:bd:e9:ad:a0:e4:7c:85:36:
         89:0d:dc:43:23:9c:9f:3b:7d:9f:66:de:8e:62:a0:de:a6:0a:
         f8:41:3e:73:9d:c6:88:b2:2e:ed:a8:28:48:e3:5a:d1:0c:28:
         5a:6b:52:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrkzNUPslhaOUgWvssA/yaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTQ3ZTNhNjcxNjBhZTQ2NjJlMGViY2NlZDdhOTIzM2Nl
NDdhYmYwHhcNMjMwMTAxMDQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDllNGUwNTYzOWI4NGQxZmM3NGM1ZjY3MDY5ZDBhZmU1ZGI1MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH1X+PypldGiUpS6gDj5i5rGXpkf
uaVtv+W8d6y2wsVR6Cd/812XiH7znXp2RwfO2tKzBgoQjrp8yAMDg+NrB+xeoHJN
o6eKjiuPO1cX7WFOJpGebmaC1kxu6gA4oei5JJyZFJ0uimbO6J2Do/mgeti+sLD6
CYV3IW2NuGi72ZxGz4VqYIHJvgUMlgG5g9gMNg5bIqJ+ZEJuS9OE+59sZwnAzahD
mQK53Ox6/C7cyyv3XLA32Oyf7nIM1jBSuyJfv6VXpFzAOlkPnPYtUKOEwKpc8vzE
Exj8KffPX4g1x1H/A189R+V+O4hCx7Vmt9caVx0bFQUIPVry78zLxzHEawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMCeTgVjm4TR/HTF9nBp0K/l21LRMB8GA1UdIwQY
MBaAFHSkfjpnFgrkZi4OvM7XqSM85Hq/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtSLU9tY1dDdVJtTGc2OHp0ZXBJenprZXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9kNmQ2MjUtZGRhMi00ZjJmLWI4Y2Yt
OTJjN2Q0NmRkYjg5LzEvd0o1T0JXT2JoTkg4ZE1YMmNHblFyLVhiVXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9kNmQ2MjUtZGRhMi00ZjJmLWI4Y2YtOTJjN2Q0NmRkYjg5
LzEvZEtSLU9tY1dDdVJtTGc2OHp0ZXBJenprZXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETmwQAwQC
uSusMA0GCSqGSIb3DQEBCwUAA4IBAQBPNhgGMAC4sI+EQBErfVNmwuDacRFPdH0q
hauluT6NTqmsM4JsGj6m9PZBUwEZG4UW0FhLuInzivUqbDtoCU5H5aycZJq8Uaxw
rS/Yjv4t0OY3AH/tdHtOOX6axdF8uZtmVAlJivl8azhI8Q5Y5xX76zqmBiNhbFxm
y2WtQrRAs5ST1O0Vbap1LWOEP//jp9KgcK0wjyPjYMHFsZnzhry7RAfovT5wmlSU
XmWzGSnYgi06IneW+SO2UWD/NdDoyK1WhxEJVESqbxD5fTTFcyvPvemtoOR8hTaJ
DdxDI5yfO32fZt6OYqDepgr4QT5zncaIsi7tqChI41rRDChaa1Kl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:40 2024 by rpki-client on console-ams.rpki-client.org