Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/tBzB0EynAJfFc2fQt5PHCzz4DFw.roa
File:                     tBzB0EynAJfFc2fQt5PHCzz4DFw.roa (raw, json)
Hash identifier:          P7FxGP1GYlzqEadA/+4Tvs380pzleJRBNZi4OU+0zeY=
Subject key identifier:   B4:1C:C1:D0:4C:A7:00:97:C5:73:67:D0:B7:93:C7:0B:3C:F8:0C:5C
Certificate issuer:       /CN=150183623fc16dc74cb775462c36d31016a40ac1
Certificate serial:       01856F4B8CE1AC2AC133C4490FD81484AB3C
Authority key identifier: 15:01:83:62:3F:C1:6D:C7:4C:B7:75:46:2C:36:D3:10:16:A4:0A:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FQGDYj_BbcdMt3VGLDbTEBakCsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/tBzB0EynAJfFc2fQt5PHCzz4DFw.roa
Signing time:             Sun 01 Jan 2023 21:45:00 +0000
ROA not before:           Sun 01 Jan 2023 21:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207833
IP address blocks:        158.255.77.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:8c:e1:ac:2a:c1:33:c4:49:0f:d8:14:84:ab:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=150183623fc16dc74cb775462c36d31016a40ac1
        Validity
            Not Before: Jan  1 21:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b41cc1d04ca70097c57367d0b793c70b3cf80c5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b7:56:97:1f:84:58:08:1f:84:86:94:cf:ad:
                    5c:cc:f8:03:07:b3:59:2e:d3:c3:d3:62:51:79:49:
                    7c:22:48:00:88:4a:06:29:07:be:b4:1d:09:85:ec:
                    20:56:23:6e:aa:24:5f:eb:96:da:d3:b8:b0:99:87:
                    6b:82:fb:41:27:b7:35:1c:a2:c7:d4:1b:5a:f5:bf:
                    08:ce:04:55:4a:59:31:83:72:e5:03:f3:d5:d1:83:
                    26:cb:4f:d7:ad:32:36:af:a6:bd:09:0a:83:d2:5c:
                    e9:9a:ba:52:1f:d9:0b:0e:3f:55:0a:07:a2:50:ac:
                    91:a1:31:20:5c:8f:8c:43:84:e9:27:89:e4:91:cb:
                    a2:ba:4e:1a:93:c3:f4:f3:db:7c:cb:5e:1f:ad:3f:
                    53:8b:0f:61:6d:2f:09:17:7c:c4:64:e4:e0:fa:09:
                    25:51:5b:9f:43:46:28:bd:64:24:57:c3:12:55:c7:
                    67:0a:00:25:bd:b5:7f:f1:5a:39:83:66:ea:c6:f7:
                    87:00:5f:54:ca:8e:7a:f3:ca:6e:49:8d:3b:f2:1b:
                    06:6a:94:99:5f:0a:7b:6e:50:0a:27:9a:17:b3:59:
                    23:91:6f:1c:88:37:a6:fd:c6:b7:4c:4f:de:88:e2:
                    4d:33:15:1d:77:b4:bb:d8:d7:4d:52:20:53:c1:a8:
                    6a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:1C:C1:D0:4C:A7:00:97:C5:73:67:D0:B7:93:C7:0B:3C:F8:0C:5C
            X509v3 Authority Key Identifier:
                keyid:15:01:83:62:3F:C1:6D:C7:4C:B7:75:46:2C:36:D3:10:16:A4:0A:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQGDYj_BbcdMt3VGLDbTEBakCsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/tBzB0EynAJfFc2fQt5PHCzz4DFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/FQGDYj_BbcdMt3VGLDbTEBakCsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.255.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:36:c3:7f:f7:89:d4:48:98:03:cc:db:3b:39:f8:5b:20:32:
         2b:67:b1:ef:77:7d:02:b2:0d:22:a3:1e:82:21:7e:2e:0c:a6:
         57:e6:18:24:5d:c3:4e:9c:48:49:21:ef:88:5b:27:f0:76:5d:
         08:e3:e4:81:ad:43:28:70:23:bb:a6:dc:45:37:1c:10:49:c1:
         99:31:77:fe:ee:eb:6f:c0:0a:50:5c:f7:8c:7a:d1:8a:85:c9:
         24:e1:14:38:b3:5f:aa:c0:24:7e:54:b9:17:1f:d2:53:bf:41:
         f6:54:78:57:5f:36:43:9d:fb:d4:44:82:44:0e:f2:11:23:36:
         d2:38:a6:03:0a:59:db:f5:28:43:8e:51:54:f7:0c:58:3e:52:
         eb:f0:86:a6:b0:ac:5f:a1:a1:33:0c:c9:25:98:4a:71:79:6f:
         0a:59:78:0c:3c:bf:93:e1:db:25:0c:1d:00:48:ea:92:67:c0:
         3d:e4:ae:8a:cf:63:a5:13:da:9e:ae:b4:47:bd:0b:e3:f0:2b:
         09:4a:41:38:3a:79:ae:53:39:1d:07:0f:dd:cf:1f:b7:dd:bc:
         83:cf:6b:95:4d:ca:a9:e6:43:7f:1e:99:ea:92:d2:71:79:ce:
         39:b5:1a:0b:80:8e:99:ac:ad:45:2a:7b:2f:dd:32:63:4d:48:
         31:96:ba:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4zhrCrBM8RJD9gUhKs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDE4MzYyM2ZjMTZkYzc0Y2I3NzU0NjJjMzZkMzEwMTZh
NDBhYzEwHhcNMjMwMTAxMjE0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFjYzFkMDRjYTcwMDk3YzU3MzY3ZDBiNzkzYzcwYjNjZjgwYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbdWlx+EWAgfhIaUz61czPgDB7NZ
LtPD02JReUl8IkgAiEoGKQe+tB0JhewgViNuqiRf65ba07iwmYdrgvtBJ7c1HKLH
1Bta9b8IzgRVSlkxg3LlA/PV0YMmy0/XrTI2r6a9CQqD0lzpmrpSH9kLDj9VCgei
UKyRoTEgXI+MQ4TpJ4nkkcuiuk4ak8P089t8y14frT9Tiw9hbS8JF3zEZOTg+gkl
UVufQ0YovWQkV8MSVcdnCgAlvbV/8Vo5g2bqxveHAF9Uyo5688puSY078hsGapSZ
Xwp7blAKJ5oXs1kjkW8ciDem/ca3TE/eiOJNMxUdd7S72NdNUiBTwahqEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQcwdBMpwCXxXNn0LeTxws8+AxcMB8GA1UdIwQY
MBaAFBUBg2I/wW3HTLd1Riw20xAWpArBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFHRFlqX0JiY2RNdDNWR0xEYlRFQmFrQ3NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mM2ZiMjQtOWEyMC00NDllLWFmNjIt
MjhmNTIwNTJjMWRkLzEvdEJ6QjBFeW5BSmZGYzJmUXQ1UEhDeno0REZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mM2ZiMjQtOWEyMC00NDllLWFmNjItMjhmNTIwNTJjMWRk
LzEvRlFHRFlqX0JiY2RNdDNWR0xEYlRFQmFrQ3NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnv9NMA0G
CSqGSIb3DQEBCwUAA4IBAQAQNsN/94nUSJgDzNs7OfhbIDIrZ7Hvd30Csg0iox6C
IX4uDKZX5hgkXcNOnEhJIe+IWyfwdl0I4+SBrUMocCO7ptxFNxwQScGZMXf+7utv
wApQXPeMetGKhckk4RQ4s1+qwCR+VLkXH9JTv0H2VHhXXzZDnfvURIJEDvIRIzbS
OKYDClnb9ShDjlFU9wxYPlLr8IamsKxfoaEzDMklmEpxeW8KWXgMPL+T4dslDB0A
SOqSZ8A95K6Kz2OlE9qerrRHvQvj8CsJSkE4OnmuUzkdBw/dzx+33byDz2uVTcqp
5kN/HpnqktJxec45tRoLgI6ZrK1FKnsv3TJjTUgxlrrb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:31 2024 by rpki-client on console-fra.rpki-client.org