Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zMgqPeFG6GsbfA0gd61xUNpRZBs.roa
File:                     zMgqPeFG6GsbfA0gd61xUNpRZBs.roa (raw, json)
Hash identifier:          1eHwbcgayklCv2EtTatw+HiGF/MhxeqhYO/jrPHtNbY=
Subject key identifier:   CC:C8:2A:3D:E1:46:E8:6B:1B:7C:0D:20:77:AD:71:50:DA:51:64:1B
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       0185A1D2CE02C408FC1803191CD1F239126E
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zMgqPeFG6GsbfA0gd61xUNpRZBs.roa
Signing time:             Wed 11 Jan 2023 17:13:45 +0000
ROA not before:           Wed 11 Jan 2023 17:13:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20853
IP address blocks:        185.58.114.0/24 maxlen: 24
                          77.83.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 05:38:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a1:d2:ce:02:c4:08:fc:18:03:19:1c:d1:f2:39:12:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan 11 17:13:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ccc82a3de146e86b1b7c0d2077ad7150da51641b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:9b:6b:ea:da:e0:37:74:16:95:76:92:61:4a:
                    3a:62:ca:c1:58:2d:76:1d:e9:a8:96:01:6c:6f:5c:
                    e7:a0:a1:22:6d:33:86:c7:ee:5c:77:ee:d9:9d:6c:
                    a0:e4:9c:51:59:ca:8c:84:97:08:e4:c4:55:75:c4:
                    61:8d:45:7c:ae:24:22:6a:aa:34:98:b6:35:22:f7:
                    e1:50:0e:d6:19:53:46:8f:e6:97:4e:df:41:5b:f9:
                    72:69:f2:ff:04:7a:f5:ec:07:0c:a7:80:e9:f3:a1:
                    f0:51:a9:76:91:b7:8c:c9:78:19:e4:fc:10:c2:31:
                    37:d7:c6:a9:ff:d1:a5:d7:d2:2f:e3:ed:1f:92:9f:
                    66:42:72:f4:8e:b1:6d:4f:d5:be:f1:ec:a2:31:38:
                    76:33:d6:5b:0a:d6:18:5d:4b:7e:9c:6a:8c:9e:43:
                    f3:4a:69:74:79:f1:80:e9:09:31:d7:81:6b:ee:0c:
                    c5:34:23:48:10:22:7b:f3:2c:84:83:bb:75:15:c8:
                    33:7b:73:65:3d:15:17:46:c7:16:60:cf:8b:2d:31:
                    8b:17:5b:1e:4f:53:0a:e5:9e:26:93:ea:de:c9:cd:
                    7d:0e:a5:8c:fa:92:e6:28:0e:be:0b:97:4d:c5:ce:
                    68:76:a8:6a:90:09:fd:06:ac:6d:9d:4c:12:03:c8:
                    7d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:C8:2A:3D:E1:46:E8:6B:1B:7C:0D:20:77:AD:71:50:DA:51:64:1B
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zMgqPeFG6GsbfA0gd61xUNpRZBs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.245.0/24
                  185.58.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:c0:ed:8b:21:5d:80:c1:34:8f:07:6a:8b:24:d9:ff:cf:1b:
         00:cb:1c:8f:6c:5a:26:88:15:34:3a:ce:59:3b:ed:32:83:89:
         51:2b:42:26:54:13:da:af:2f:e3:61:3a:dc:6c:5e:f5:8f:19:
         34:33:99:8d:f8:08:62:26:a7:bb:a8:90:c3:a7:14:a6:66:17:
         64:d4:67:8a:96:d7:07:19:ec:f8:5a:31:76:cf:e0:eb:cd:14:
         52:3a:59:09:ce:03:e5:da:bf:8f:b1:26:c5:ca:0f:75:b0:c2:
         7e:c8:0d:8b:fe:63:11:c2:c7:39:f0:5f:1f:6e:d4:71:cf:bb:
         70:46:07:34:86:40:00:69:16:93:45:8b:a6:99:ce:f3:3d:58:
         02:65:b7:46:c2:98:81:16:8a:64:23:8a:49:fc:79:26:7d:bd:
         92:20:8a:0c:e4:23:a1:72:59:da:89:bf:18:37:c4:e6:2c:37:
         46:11:52:3a:0a:68:07:f9:3b:cd:25:64:e4:61:de:0e:74:21:
         a0:85:3a:2e:d1:95:64:90:b9:ab:32:cf:b6:7b:1e:11:e6:cb:
         bd:8c:b7:5b:76:fc:d9:96:a9:d2:01:fb:ba:d2:d1:12:b2:fd:
         f5:90:7a:87:3c:68:85:78:c2:93:da:a0:d5:7b:e4:39:d0:23:
         51:e2:77:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWh0s4CxAj8GAMZHNHyORJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMTExMTcxMzQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2M4MmEzZGUxNDZlODZiMWI3YzBkMjA3N2FkNzE1MGRhNTE2NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnptr6trgN3QWlXaSYUo6YsrBWC12
HemolgFsb1znoKEibTOGx+5cd+7ZnWyg5JxRWcqMhJcI5MRVdcRhjUV8riQiaqo0
mLY1IvfhUA7WGVNGj+aXTt9BW/lyafL/BHr17AcMp4Dp86HwUal2kbeMyXgZ5PwQ
wjE318ap/9Gl19Iv4+0fkp9mQnL0jrFtT9W+8eyiMTh2M9ZbCtYYXUt+nGqMnkPz
Sml0efGA6Qkx14Fr7gzFNCNIECJ78yyEg7t1Fcgze3NlPRUXRscWYM+LLTGLF1se
T1MK5Z4mk+reyc19DqWM+pLmKA6+C5dNxc5odqhqkAn9BqxtnUwSA8h9xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMzIKj3hRuhrG3wNIHetcVDaUWQbMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvek1ncVBlRkc2R3NiZkEwZ2Q2MXhVTnBSWkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVP1AwQA
uTpyMA0GCSqGSIb3DQEBCwUAA4IBAQBxwO2LIV2AwTSPB2qLJNn/zxsAyxyPbFom
iBU0Os5ZO+0yg4lRK0ImVBPary/jYTrcbF71jxk0M5mN+AhiJqe7qJDDpxSmZhdk
1GeKltcHGez4WjF2z+DrzRRSOlkJzgPl2r+PsSbFyg91sMJ+yA2L/mMRwsc58F8f
btRxz7twRgc0hkAAaRaTRYummc7zPVgCZbdGwpiBFopkI4pJ/Hkmfb2SIIoM5COh
clnaib8YN8TmLDdGEVI6CmgH+TvNJWTkYd4OdCGghTou0ZVkkLmrMs+2ex4R5su9
jLdbdvzZlqnSAfu60tESsv31kHqHPGiFeMKT2qDVe+Q50CNR4nfX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:18 2024 by rpki-client on console-ams.rpki-client.org