Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/SjMK9cZwdzWMQh4f2D-z503WXf8.roa
File:                     SjMK9cZwdzWMQh4f2D-z503WXf8.roa (raw, json)
Hash identifier:          YlwoxwvVN8FMnd1A7iIivXNCBo1i8P6Nlpb10wC59is=
Subject key identifier:   4A:33:0A:F5:C6:70:77:35:8C:42:1E:1F:D8:3F:B3:E7:4D:D6:5D:FF
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018E2CB0D614E908D0EDF0F29D9B59DFB544
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/SjMK9cZwdzWMQh4f2D-z503WXf8.roa
Signing time:             Mon 11 Mar 2024 08:46:10 +0000
ROA not before:           Mon 11 Mar 2024 08:46:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215540
IP address blocks:        77.83.245.0/24 maxlen: 24
                          185.58.114.0/24 maxlen: 24
                          185.73.183.0/24 maxlen: 24
                          185.75.132.0/24 maxlen: 24
                          185.75.135.0/24 maxlen: 24
                          185.76.240.0/24 maxlen: 24
                          185.76.241.0/24 maxlen: 24
                          185.76.242.0/24 maxlen: 24
                          185.76.243.0/24 maxlen: 24
                          185.77.138.0/24 maxlen: 24
                          185.77.139.0/24 maxlen: 24
                          185.95.228.0/24 maxlen: 24
                          185.95.230.0/24 maxlen: 24
                          185.97.79.0/24 maxlen: 24
                          185.100.159.0/24 maxlen: 24
                          185.104.148.0/24 maxlen: 24
                          185.105.47.0/24 maxlen: 24
                          185.111.25.0/24 maxlen: 24
                          185.112.59.0/24 maxlen: 24
                          185.168.208.0/24 maxlen: 24
                          185.177.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Mar 2024 11:11:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2c:b0:d6:14:e9:08:d0:ed:f0:f2:9d:9b:59:df:b5:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Mar 11 08:46:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4a330af5c67077358c421e1fd83fb3e74dd65dff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:43:5c:c8:29:a1:a2:57:47:35:6e:e7:a1:6c:
                    90:44:aa:e8:c7:b3:6e:17:42:c5:41:12:26:99:29:
                    78:df:97:45:aa:1a:10:32:a7:88:c9:48:3f:81:0c:
                    4c:31:0d:f4:3a:72:d7:c1:28:e4:0b:4f:be:66:cb:
                    f1:46:e9:c8:da:36:fd:19:9f:4c:12:2f:40:19:50:
                    02:6f:04:8f:86:b2:cd:ae:fc:21:d2:90:88:9b:48:
                    1f:1b:73:ce:30:1c:a9:2e:03:a8:3c:38:a7:b8:06:
                    56:b6:b2:2c:cd:bf:08:53:97:d1:0d:25:9f:a1:c6:
                    6d:a5:e2:85:6f:2f:02:df:d7:fe:47:5c:fa:36:5a:
                    e8:40:19:00:d2:b1:73:d1:02:8b:cd:4b:78:58:38:
                    d0:5d:d7:bd:56:cc:61:7f:76:72:2d:e6:f3:f3:2d:
                    4b:90:40:54:79:33:3a:36:01:f9:6d:d7:a7:9e:34:
                    a7:8c:86:93:60:77:56:dc:e7:2b:97:8e:89:d0:2c:
                    37:a4:d3:4d:56:79:83:6d:19:2a:82:4a:ed:1b:47:
                    34:c9:7e:30:e9:ba:89:52:a3:89:eb:d4:39:46:25:
                    98:84:bd:20:51:a3:18:af:b7:b1:80:42:1a:82:9a:
                    cb:13:76:c9:f0:a6:13:0e:2c:15:4c:56:60:66:99:
                    1b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:33:0A:F5:C6:70:77:35:8C:42:1E:1F:D8:3F:B3:E7:4D:D6:5D:FF
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/SjMK9cZwdzWMQh4f2D-z503WXf8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.245.0/24
                  185.58.114.0/24
                  185.73.183.0/24
                  185.75.132.0/24
                  185.75.135.0/24
                  185.76.240.0/22
                  185.77.138.0/23
                  185.95.228.0/24
                  185.95.230.0/24
                  185.97.79.0/24
                  185.100.159.0/24
                  185.104.148.0/24
                  185.105.47.0/24
                  185.111.25.0/24
                  185.112.59.0/24
                  185.168.208.0/24
                  185.177.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:a5:2b:05:56:78:8c:1c:75:84:7d:b7:b8:2c:29:52:72:5e:
         95:a0:85:09:56:21:1d:79:0c:db:72:b3:d7:2f:7a:7e:a8:0e:
         72:74:3f:f0:4a:7e:8f:b3:1a:2a:11:3f:35:55:73:06:f9:67:
         a2:41:1f:61:be:fc:73:64:59:7a:7d:8e:f4:86:65:1e:24:0d:
         f9:80:32:af:2a:83:73:6f:11:4c:4c:03:7f:e9:e4:2a:fb:f6:
         4e:3c:c6:a3:ac:de:4f:9d:a2:bd:67:7b:d3:1e:2f:80:84:20:
         23:22:1f:2d:54:48:b8:9e:5c:ea:55:c5:e2:b7:2b:fb:80:f8:
         31:ea:bf:3b:89:36:c0:b5:54:69:5e:e7:b0:35:a4:29:a3:3b:
         15:b9:fc:b0:f8:b5:c0:55:1c:40:6b:c5:bc:98:40:2b:1c:4c:
         3b:d3:3a:92:3d:65:84:56:20:85:24:3f:3f:11:b4:2a:57:df:
         b7:ed:de:0d:29:ed:f4:de:76:e6:90:7d:68:bc:61:52:c5:5b:
         b6:cd:b3:3b:81:3f:60:94:10:5c:24:91:29:66:d7:2d:10:11:
         55:6f:57:89:3f:68:23:ff:52:dd:99:47:f0:f3:45:ca:bc:be:
         d0:f7:e6:cd:a4:7d:44:a1:84:44:70:3f:2e:ba:7e:ec:53:8d:
         1b:31:f6:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY4ssNYU6QjQ7fDynZtZ37VEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMzExMDg0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTMzMGFmNWM2NzA3NzM1OGM0MjFlMWZkODNmYjNlNzRkZDY1ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUNcyCmholdHNW7noWyQRKrox7Nu
F0LFQRImmSl435dFqhoQMqeIyUg/gQxMMQ30OnLXwSjkC0++ZsvxRunI2jb9GZ9M
Ei9AGVACbwSPhrLNrvwh0pCIm0gfG3POMBypLgOoPDinuAZWtrIszb8IU5fRDSWf
ocZtpeKFby8C39f+R1z6NlroQBkA0rFz0QKLzUt4WDjQXde9Vsxhf3ZyLebz8y1L
kEBUeTM6NgH5bdennjSnjIaTYHdW3Ocrl46J0Cw3pNNNVnmDbRkqgkrtG0c0yX4w
6bqJUqOJ69Q5RiWYhL0gUaMYr7exgEIagprLE3bJ8KYTDiwVTFZgZpkbJQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFEozCvXGcHc1jEIeH9g/s+dN1l3/MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvU2pNSzljWndkeldNUWg0ZjJELXo1MDNXWGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQATVP1AwQA
uTpyAwQAuUm3AwQAuUuEAwQAuUuHAwQCuUzwAwQBuU2KAwQAuV/kAwQAuV/mAwQA
uWFPAwQAuWSfAwQAuWiUAwQAuWkvAwQAuW8ZAwQAuXA7AwQAuajQAwQAubHuMA0G
CSqGSIb3DQEBCwUAA4IBAQAepSsFVniMHHWEfbe4LClScl6VoIUJViEdeQzbcrPX
L3p+qA5ydD/wSn6PsxoqET81VXMG+WeiQR9hvvxzZFl6fY70hmUeJA35gDKvKoNz
bxFMTAN/6eQq+/ZOPMajrN5PnaK9Z3vTHi+AhCAjIh8tVEi4nlzqVcXityv7gPgx
6r87iTbAtVRpXuewNaQpozsVufyw+LXAVRxAa8W8mEArHEw70zqSPWWEViCFJD8/
EbQqV9+37d4NKe303nbmkH1ovGFSxVu2zbM7gT9glBBcJJEpZtctEBFVb1eJP2gj
/1LdmUfw80XKvL7Q9+bNpH1EoYREcD8uun7sU40bMfaO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org