Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/l77deKuGVU7IEffYVbLIT_uIPZk.roa
File:                     l77deKuGVU7IEffYVbLIT_uIPZk.roa (raw, json)
Hash identifier:          F6RN59dWk0sEyrl3BUAQMwjVpt57bqAEpRoWM/bSZUU=
Subject key identifier:   97:BE:DD:78:AB:86:55:4E:C8:11:F7:D8:55:B2:C8:4F:FB:88:3D:99
Certificate issuer:       /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial:       018BDD684BE81E0D137CE024016CE78714E2
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/l77deKuGVU7IEffYVbLIT_uIPZk.roa
Signing time:             Fri 17 Nov 2023 13:11:21 +0000
ROA not before:           Fri 17 Nov 2023 13:11:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216009
IP address blocks:        2a03:5840:111::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:dd:68:4b:e8:1e:0d:13:7c:e0:24:01:6c:e7:87:14:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
        Validity
            Not Before: Nov 17 13:11:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=97bedd78ab86554ec811f7d855b2c84ffb883d99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:cf:9c:5b:59:f1:99:ae:33:7f:b7:57:aa:0f:
                    d9:d8:24:8a:53:a1:2c:1f:6b:d4:34:f7:c3:2d:73:
                    3f:8f:a7:5c:fa:33:98:9a:3d:bb:65:91:98:fc:5b:
                    a1:2f:dd:4f:48:af:50:20:2b:f2:e3:d3:06:21:d3:
                    2d:a6:7a:d9:5b:fc:94:b1:7d:f1:f3:7e:a7:a6:66:
                    72:79:82:0c:6d:68:dc:4f:90:5c:2e:94:16:04:01:
                    cf:9e:99:1e:bc:c9:db:3e:c4:4b:73:c2:ee:70:7b:
                    aa:12:a4:e1:0d:f6:68:c5:6d:b2:60:df:43:b9:b9:
                    1f:ca:e8:1b:5a:00:e3:c8:fc:44:85:21:b2:3c:a1:
                    73:b3:c4:fa:9e:d1:3a:70:f2:83:88:1a:0f:fe:72:
                    db:13:cb:29:22:9b:15:f4:d8:ba:98:83:2f:63:f5:
                    73:6b:81:4b:5a:d6:7c:ba:ec:e5:88:70:85:0e:c7:
                    2b:33:f9:22:79:a5:6c:ca:f9:30:21:8b:af:d9:82:
                    7d:46:ad:3a:61:ed:b7:8c:ad:9d:cd:b0:f7:f6:a1:
                    cc:bb:e8:9f:b0:c5:ed:b9:f4:e1:02:16:06:fd:10:
                    e4:2c:13:80:8c:ea:58:8e:45:dc:87:a7:e0:01:d6:
                    81:09:16:a8:9d:aa:e8:07:b7:1b:cb:4f:93:d3:68:
                    ae:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:BE:DD:78:AB:86:55:4E:C8:11:F7:D8:55:B2:C8:4F:FB:88:3D:99
            X509v3 Authority Key Identifier:
                keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/l77deKuGVU7IEffYVbLIT_uIPZk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:5840:111::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:17:5c:ac:72:59:c3:7f:40:ac:5c:0a:a9:52:36:f3:45:b7:
         6e:66:7a:5b:4b:fd:72:1e:6b:7f:8d:82:69:df:26:17:ff:bb:
         7a:ca:a5:ab:c4:38:33:8c:0d:67:9c:97:1b:48:c6:7d:03:32:
         13:3e:29:01:b9:de:b1:17:d6:d0:12:1b:5a:80:af:72:99:10:
         bb:49:c4:31:f2:7c:ca:f4:57:6f:a5:4c:8d:10:c0:77:57:37:
         ac:b5:db:1a:57:74:03:df:ae:e8:b4:06:c7:6c:56:28:b7:0f:
         c4:da:e2:ca:e9:ae:fd:29:35:e5:a2:50:ee:3d:3e:b4:7b:55:
         09:1b:5e:10:50:db:96:72:3d:f9:b6:17:18:1e:96:48:2f:29:
         e9:fe:3a:65:e8:02:6b:e1:6a:9f:5e:74:29:0a:89:5a:d2:e0:
         87:da:f1:48:71:ba:86:22:a4:69:07:b4:8b:0d:a2:84:52:d9:
         82:7d:af:66:bb:a7:fd:e0:1c:15:7c:39:e2:63:84:16:ef:61:
         2d:dd:bc:b6:55:a6:93:93:5a:60:30:05:c3:be:72:85:db:a4:
         d2:f8:50:04:56:96:a7:f3:7e:ee:0b:05:62:97:e5:10:a5:5f:
         1e:37:52:b1:7e:c0:5f:6b:93:78:84:e8:93:bb:88:41:7a:a1:
         36:f5:a3:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvdaEvoHg0TfOAkAWznhxTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMxMTE3MTMxMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JlZGQ3OGFiODY1NTRlYzgxMWY3ZDg1NWIyYzg0ZmZiODgzZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc+cW1nxma4zf7dXqg/Z2CSKU6Es
H2vUNPfDLXM/j6dc+jOYmj27ZZGY/FuhL91PSK9QICvy49MGIdMtpnrZW/yUsX3x
836npmZyeYIMbWjcT5BcLpQWBAHPnpkevMnbPsRLc8LucHuqEqThDfZoxW2yYN9D
ubkfyugbWgDjyPxEhSGyPKFzs8T6ntE6cPKDiBoP/nLbE8spIpsV9Ni6mIMvY/Vz
a4FLWtZ8uuzliHCFDscrM/kieaVsyvkwIYuv2YJ9Rq06Ye23jK2dzbD39qHMu+if
sMXtufThAhYG/RDkLBOAjOpYjkXch6fgAdaBCRaonaroB7cby0+T02iuLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJe+3XirhlVOyBH32FWyyE/7iD2ZMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvbDc3ZGVLdUdWVTdJRWZmWVZiTElUX3VJUFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAER
MA0GCSqGSIb3DQEBCwUAA4IBAQBaF1ysclnDf0CsXAqpUjbzRbduZnpbS/1yHmt/
jYJp3yYX/7t6yqWrxDgzjA1nnJcbSMZ9AzITPikBud6xF9bQEhtagK9ymRC7ScQx
8nzK9FdvpUyNEMB3VzestdsaV3QD367otAbHbFYotw/E2uLK6a79KTXlolDuPT60
e1UJG14QUNuWcj35thcYHpZILynp/jpl6AJr4WqfXnQpCola0uCH2vFIcbqGIqRp
B7SLDaKEUtmCfa9mu6f94BwVfDniY4QW72Et3by2VaaTk1pgMAXDvnKF26TS+FAE
Vpan837uCwVil+UQpV8eN1KxfsBfa5N4hOiTu4hBeqE29aN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:12 2024 by rpki-client on console-fra.rpki-client.org