Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/j3BHx9hFLrxwd9ZaENVErgVH8QA.roa
File:                     j3BHx9hFLrxwd9ZaENVErgVH8QA.roa (raw, json)
Hash identifier:          zu7QYfdusXa4igZVydOsxE+enU1qvxrCHkkV/RjJVL4=
Subject key identifier:   8F:70:47:C7:D8:45:2E:BC:70:77:D6:5A:10:D5:44:AE:05:47:F1:00
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       0186A86C630692C70C1AD4DDAA6ADAD9040F
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/j3BHx9hFLrxwd9ZaENVErgVH8QA.roa
Signing time:             Fri 03 Mar 2023 17:02:00 +0000
ROA not before:           Fri 03 Mar 2023 17:02:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202723
IP address blocks:        185.177.237.0/24 maxlen: 24
                          185.105.47.0/24 maxlen: 24
                          185.79.138.0/24 maxlen: 24
                          185.77.138.0/24 maxlen: 24
                          185.77.139.0/24 maxlen: 24
                          185.75.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Apr 2023 15:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a8:6c:63:06:92:c7:0c:1a:d4:dd:aa:6a:da:d9:04:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Mar  3 17:02:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f7047c7d8452ebc7077d65a10d544ae0547f100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c4:0e:9d:d7:f3:50:68:0f:49:21:ea:b5:18:
                    66:d1:d6:b1:aa:a0:6a:94:b6:e1:63:6c:3b:f4:c1:
                    46:5e:e8:34:ae:b5:d3:b0:f3:b0:45:3e:84:2d:32:
                    e3:ff:b8:65:0c:55:46:f3:b9:ee:05:32:37:03:ef:
                    47:9c:fb:d6:23:5f:9d:9c:ef:85:19:d1:f8:a9:c9:
                    16:b4:1b:7f:9a:70:92:d0:59:df:32:d1:d6:6f:94:
                    c6:a9:d0:a0:31:13:7a:75:4e:6d:b9:f8:3f:92:27:
                    74:9c:0a:6f:9f:8a:c4:84:00:6a:1f:c3:1b:0c:e8:
                    d1:d9:dc:80:ed:23:57:5e:68:73:d4:f3:15:88:56:
                    62:e0:14:e7:d4:48:b7:c4:37:d3:db:55:46:0a:e5:
                    d3:2e:e5:f1:c2:27:4d:9f:9d:c3:96:2e:3f:f6:ec:
                    16:d4:5d:93:d0:70:36:6d:fe:1c:9e:17:72:4d:41:
                    70:d1:d4:99:44:16:94:68:9d:9e:d0:86:f6:b7:f8:
                    11:ee:43:b3:a3:08:a5:e7:61:13:1f:cf:c6:f8:31:
                    c2:96:e6:f4:51:fe:ab:9c:70:32:40:e7:c0:bd:22:
                    ec:ee:f7:e5:f0:b7:e7:94:74:a8:c4:ae:04:e7:4b:
                    ca:47:a5:b8:a4:43:61:da:ef:dd:ab:65:3a:38:d4:
                    db:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:70:47:C7:D8:45:2E:BC:70:77:D6:5A:10:D5:44:AE:05:47:F1:00
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/j3BHx9hFLrxwd9ZaENVErgVH8QA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.134.0/24
                  185.77.138.0/23
                  185.79.138.0/24
                  185.105.47.0/24
                  185.177.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:86:43:ed:ee:fb:59:54:7c:03:d9:98:6c:f1:75:8c:80:67:
         b3:f4:24:f9:e7:11:1f:a1:0b:1a:c3:09:98:90:de:b7:aa:b5:
         d1:f8:64:bd:e9:8f:d4:53:77:98:a5:25:cc:bc:ae:68:14:a8:
         64:42:d2:e3:32:16:f5:40:07:8f:0c:87:5f:b4:a4:87:52:8c:
         06:4f:3e:89:59:a1:3d:a4:3f:74:30:35:70:38:d2:48:db:20:
         b0:71:b3:cf:87:51:97:e3:d5:37:00:04:18:a4:8f:e7:35:11:
         78:7b:11:f0:64:3e:12:ff:8f:09:76:79:db:95:9a:8a:de:31:
         49:66:4c:ea:b9:db:7e:ef:84:7d:e4:6f:48:64:8d:77:ab:27:
         db:52:ce:70:5f:c3:25:6e:db:1d:b7:0e:52:cc:85:24:c2:c4:
         8a:14:e2:97:df:c2:27:84:c6:9b:09:1f:61:33:9e:be:2a:55:
         67:86:08:dc:9d:a0:82:f7:02:78:df:54:05:5b:8e:d4:59:28:
         ba:e5:14:03:5f:79:ea:71:0e:8d:c2:e2:12:75:b8:29:24:71:
         2a:10:22:d2:5f:e8:ed:9f:b3:1a:0d:03:c4:25:ba:50:98:94:
         87:0e:a8:0a:7e:53:1f:af:aa:38:5c:23:63:07:11:a0:ef:d0:
         b7:a0:b6:ba
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYaobGMGkscMGtTdqmra2QQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMzAzMTcwMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjcwNDdjN2Q4NDUyZWJjNzA3N2Q2NWExMGQ1NDRhZTA1NDdmMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8QOndfzUGgPSSHqtRhm0daxqqBq
lLbhY2w79MFGXug0rrXTsPOwRT6ELTLj/7hlDFVG87nuBTI3A+9HnPvWI1+dnO+F
GdH4qckWtBt/mnCS0FnfMtHWb5TGqdCgMRN6dU5tufg/kid0nApvn4rEhABqH8Mb
DOjR2dyA7SNXXmhz1PMViFZi4BTn1Ei3xDfT21VGCuXTLuXxwidNn53Dli4/9uwW
1F2T0HA2bf4cnhdyTUFw0dSZRBaUaJ2e0Ib2t/gR7kOzowil52ETH8/G+DHClub0
Uf6rnHAyQOfAvSLs7vfl8LfnlHSoxK4E50vKR6W4pENh2u/dq2U6ONTbcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI9wR8fYRS68cHfWWhDVRK4FR/EAMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvajNCSHg5aEZMcnh3ZDlaYUVOVkVyZ1ZIOFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUuGAwQB
uU2KAwQAuU+KAwQAuWkvAwQAubHtMA0GCSqGSIb3DQEBCwUAA4IBAQClhkPt7vtZ
VHwD2Zhs8XWMgGez9CT55xEfoQsawwmYkN63qrXR+GS96Y/UU3eYpSXMvK5oFKhk
QtLjMhb1QAePDIdftKSHUowGTz6JWaE9pD90MDVwONJI2yCwcbPPh1GX49U3AAQY
pI/nNRF4exHwZD4S/48JdnnblZqK3jFJZkzqudt+74R95G9IZI13qyfbUs5wX8Ml
btsdtw5SzIUkwsSKFOKX38InhMabCR9hM56+KlVnhgjcnaCC9wJ431QFW47UWSi6
5RQDX3nqcQ6NwuISdbgpJHEqECLSX+jtn7MaDQPEJbpQmJSHDqgKflMfr6o4XCNj
BxGg79C3oLa6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org