Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1pswrCjMg3l0VmMibOLEqUL_Pi0.roa
File:                     1pswrCjMg3l0VmMibOLEqUL_Pi0.roa (raw, json)
Hash identifier:          p5S5SkvGRYtqXHPmzRA8s6rcGU9C3VB09pXlg0yrZKc=
Subject key identifier:   D6:9B:30:AC:28:CC:83:79:74:56:63:22:6C:E2:C4:A9:42:FF:3E:2D
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018F1C10FF0377030F5ADAF5920629C12283
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1pswrCjMg3l0VmMibOLEqUL_Pi0.roa
Signing time:             Fri 26 Apr 2024 20:20:26 +0000
ROA not before:           Fri 26 Apr 2024 20:20:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215540
IP address blocks:        77.83.246.0/24 maxlen: 24
                          160.20.156.0/24 maxlen: 24
                          160.20.157.0/24 maxlen: 24
                          185.24.109.0/24 maxlen: 24
                          185.58.114.0/24 maxlen: 24
                          185.73.183.0/24 maxlen: 24
                          185.75.132.0/24 maxlen: 24
                          185.76.240.0/24 maxlen: 24
                          185.76.241.0/24 maxlen: 24
                          185.76.242.0/24 maxlen: 24
                          185.77.138.0/24 maxlen: 24
                          185.77.139.0/24 maxlen: 24
                          185.79.133.0/24 maxlen: 24
                          185.95.228.0/24 maxlen: 24
                          185.95.230.0/24 maxlen: 24
                          185.97.79.0/24 maxlen: 24
                          185.100.156.0/24 maxlen: 24
                          185.102.114.0/24 maxlen: 24
                          185.104.148.0/24 maxlen: 24
                          185.105.47.0/24 maxlen: 24
                          185.111.24.0/24 maxlen: 24
                          185.111.25.0/24 maxlen: 24
                          185.112.59.0/24 maxlen: 24
                          193.38.228.0/24 maxlen: 24
                          193.38.229.0/24 maxlen: 24
                          193.38.230.0/24 maxlen: 24
                          193.38.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 07:33:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:1c:10:ff:03:77:03:0f:5a:da:f5:92:06:29:c1:22:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Apr 26 20:20:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d69b30ac28cc8379745663226ce2c4a942ff3e2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:e4:bd:85:14:cb:e7:77:60:2a:8b:6e:94:f8:
                    39:0f:ba:d4:87:39:fc:1f:60:93:6e:f1:09:c0:8b:
                    c0:57:aa:86:e9:a9:f7:fc:04:fb:22:59:d6:19:28:
                    47:be:71:80:2a:0a:05:b9:5f:e5:e2:07:41:fb:fa:
                    47:dd:5b:c7:3f:78:ed:5c:94:14:36:d0:7a:ce:0b:
                    77:fb:42:07:57:2a:f5:8c:07:03:8b:64:23:66:0f:
                    e5:dc:bb:65:4a:4e:b3:f1:8a:18:b5:7a:58:63:91:
                    06:b3:92:8b:3c:b1:9d:85:21:fa:5d:09:c8:db:a1:
                    d0:8d:24:ac:6d:66:b7:db:fe:19:45:4b:18:b8:ca:
                    1a:50:81:1b:74:a7:44:13:e7:e1:40:6a:e0:7a:a7:
                    7e:02:0e:33:d0:c8:72:55:10:5d:c0:cc:31:32:f9:
                    1b:6c:3b:b9:f8:7c:3f:d2:a1:ab:1b:e9:87:41:a8:
                    8b:99:c8:6c:05:ae:c4:e7:42:77:97:21:c1:d1:a3:
                    f7:61:2f:b9:1e:21:fb:43:3d:73:e3:c1:7c:73:85:
                    4c:73:fd:2e:86:91:1a:92:53:89:74:a7:dc:e8:bb:
                    0d:ad:e4:9a:08:df:a9:69:ba:d8:45:a2:87:55:5b:
                    72:79:5e:ab:8e:8a:d4:48:fe:10:f7:8f:e4:bf:88:
                    82:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:9B:30:AC:28:CC:83:79:74:56:63:22:6C:E2:C4:A9:42:FF:3E:2D
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1pswrCjMg3l0VmMibOLEqUL_Pi0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.246.0/24
                  160.20.156.0/23
                  185.24.109.0/24
                  185.58.114.0/24
                  185.73.183.0/24
                  185.75.132.0/24
                  185.76.240.0-185.76.242.255
                  185.77.138.0/23
                  185.79.133.0/24
                  185.95.228.0/24
                  185.95.230.0/24
                  185.97.79.0/24
                  185.100.156.0/24
                  185.102.114.0/24
                  185.104.148.0/24
                  185.105.47.0/24
                  185.111.24.0/23
                  185.112.59.0/24
                  193.38.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:30:7d:37:cd:2f:8f:1d:2a:e8:47:7b:a9:b4:91:59:63:f8:
         14:af:a0:f7:a3:a4:f8:51:f0:38:78:51:de:f4:8f:21:c2:6d:
         81:50:8c:88:8b:78:4f:11:c1:24:b0:df:8c:48:ac:97:32:85:
         31:8a:3f:a7:23:00:ad:52:0b:a8:86:dd:27:78:96:f7:f2:b2:
         49:47:a2:c5:2b:2f:50:d4:3e:a5:3f:f7:46:67:0b:25:30:2e:
         c0:22:20:e3:be:bd:38:7c:de:72:37:98:eb:16:50:39:f5:05:
         8c:d1:ff:69:39:5b:dd:2c:f6:0a:60:ee:50:97:f4:2c:55:cb:
         01:7f:b7:ae:96:06:7f:53:0c:06:61:d2:5f:0b:f9:37:af:c1:
         e9:48:8f:67:0f:e7:b4:be:e9:8f:29:ff:ad:38:26:67:26:e4:
         f6:a4:78:f6:8a:41:ad:c1:dc:cc:e8:c9:e8:04:23:29:36:94:
         f5:9e:b7:b9:3d:39:ae:29:bd:56:48:2e:6c:b4:2d:68:af:a3:
         cd:49:68:89:16:57:c4:f6:83:ee:e8:3d:ef:64:b2:c0:3d:46:
         59:97:f2:19:6c:63:be:dc:e8:8a:13:2d:fd:86:94:ed:a2:25:
         a3:a9:ca:9e:fa:df:bb:f6:c2:ff:a2:5a:37:a7:97:6d:0d:8d:
         56:b1:d4:50
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY8cEP8DdwMPWtr1kgYpwSKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwNDI2MjAyMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjliMzBhYzI4Y2M4Mzc5NzQ1NjYzMjI2Y2UyYzRhOTQyZmYzZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OS9hRTL53dgKotulPg5D7rUhzn8
H2CTbvEJwIvAV6qG6an3/AT7IlnWGShHvnGAKgoFuV/l4gdB+/pH3VvHP3jtXJQU
NtB6zgt3+0IHVyr1jAcDi2QjZg/l3LtlSk6z8YoYtXpYY5EGs5KLPLGdhSH6XQnI
26HQjSSsbWa32/4ZRUsYuMoaUIEbdKdEE+fhQGrgeqd+Ag4z0MhyVRBdwMwxMvkb
bDu5+Hw/0qGrG+mHQaiLmchsBa7E50J3lyHB0aP3YS+5HiH7Qz1z48F8c4VMc/0u
hpEaklOJdKfc6LsNreSaCN+pabrYRaKHVVtyeV6rjorUSP4Q94/kv4iCOwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFNabMKwozIN5dFZjImzixKlC/z4tMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvMXBzd3JDak1nM2wwVm1NaWJPTEVxVUxfUGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAE1T
9gMEAaAUnAMEALkYbQMEALk6cgMEALlJtwMEALlLhDAMAwQEuUzwAwQAuUzyAwQB
uU2KAwQAuU+FAwQAuV/kAwQAuV/mAwQAuWFPAwQAuWScAwQAuWZyAwQAuWiUAwQA
uWkvAwQBuW8YAwQAuXA7AwQCwSbkMA0GCSqGSIb3DQEBCwUAA4IBAQCFMH03zS+P
HSroR3uptJFZY/gUr6D3o6T4UfA4eFHe9I8hwm2BUIyIi3hPEcEksN+MSKyXMoUx
ij+nIwCtUguoht0neJb38rJJR6LFKy9Q1D6lP/dGZwslMC7AIiDjvr04fN5yN5jr
FlA59QWM0f9pOVvdLPYKYO5Ql/QsVcsBf7eulgZ/UwwGYdJfC/k3r8HpSI9nD+e0
vumPKf+tOCZnJuT2pHj2ikGtwdzM6MnoBCMpNpT1nre5PTmuKb1WSC5stC1or6PN
SWiJFlfE9oPu6D3vZLLAPUZZl/IZbGO+3OiKEy39hpTtoiWjqcqe+t+79sL/olo3
p5dtDY1WsdRQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org