Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PWwasxo3nSsRjjcUgre86fDOBPk.roa
File:                     PWwasxo3nSsRjjcUgre86fDOBPk.roa (raw, json)
Hash identifier:          CGlJ7LELLWUrlIyiOVfJFgEn0K6SWUYydnNea3842MA=
Subject key identifier:   3D:6C:1A:B3:1A:37:9D:2B:11:8E:37:14:82:B7:BC:E9:F0:CE:04:F9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       019427A828B22E25A3B7E2BC19254D08CC12
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PWwasxo3nSsRjjcUgre86fDOBPk.roa
Signing time:             Thu 02 Jan 2025 15:35:19 +0000
ROA not before:           Thu 02 Jan 2025 15:35:19 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     5065
IP address blocks:        77.93.138.0/23 maxlen: 24
                          82.152.52.0/23 maxlen: 24
                          82.152.55.0/24 maxlen: 24
                          109.176.25.0/24 maxlen: 24
                          213.130.150.0/24 maxlen: 24
                          213.210.48.0/23 maxlen: 24
Validation:               Failed, certificate revoked on Mon 10 Feb 2025 10:04:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:a8:28:b2:2e:25:a3:b7:e2:bc:19:25:4d:08:cc:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 15:35:19 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=3d6c1ab31a379d2b118e371482b7bce9f0ce04f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:21:bd:7b:67:a5:a6:cc:aa:1b:22:01:ae:6f:
                    5a:22:18:d1:89:67:1a:18:e4:e8:9d:07:cc:a4:a7:
                    c6:14:57:34:ea:d3:5c:7b:02:69:27:fd:ce:e8:d6:
                    65:0b:a7:c1:5c:4b:90:af:28:b9:3e:36:d9:79:e3:
                    ca:07:90:cb:b8:e8:d4:9e:3b:e3:c2:fb:6e:e0:af:
                    8c:dd:23:a4:0d:8b:77:72:1e:de:7f:cb:7c:3a:56:
                    bc:97:b5:7b:ef:e4:b0:2f:85:21:46:d7:22:52:08:
                    da:67:90:d4:f1:ef:8b:1d:13:20:d8:2f:d9:bc:a9:
                    18:37:e8:cc:4f:22:39:80:6e:c3:f0:ed:bc:03:70:
                    17:b4:8b:80:eb:00:8f:88:8b:69:68:a1:2c:cc:3c:
                    08:40:b4:1f:2a:2d:1e:79:d8:05:63:ae:ef:83:e4:
                    e3:2b:c0:63:62:cd:ae:a4:4f:50:97:89:07:0f:fd:
                    80:7f:22:29:e9:55:da:c5:96:4a:5f:74:3f:80:42:
                    80:b7:82:af:3c:69:7f:2f:a1:cd:cd:fc:13:52:b3:
                    56:f9:49:9d:a0:85:0a:db:ae:a1:85:ae:62:61:b2:
                    57:b6:a3:42:d4:88:29:9b:80:5f:b7:4a:6d:4d:59:
                    ca:b8:87:f7:a8:57:de:87:2a:38:e8:a7:70:41:3a:
                    78:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:6C:1A:B3:1A:37:9D:2B:11:8E:37:14:82:B7:BC:E9:F0:CE:04:F9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PWwasxo3nSsRjjcUgre86fDOBPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.93.138.0/23
                  82.152.52.0/23
                  82.152.55.0/24
                  109.176.25.0/24
                  213.130.150.0/24
                  213.210.48.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:f1:37:c5:e7:d9:e8:af:c9:4c:7f:21:a9:ef:22:56:c3:87:
         d5:47:49:b9:b5:62:f5:26:c5:06:a1:54:f6:59:c1:cf:72:f5:
         73:f1:30:2e:a7:41:63:72:d2:1a:35:44:af:1a:61:c4:02:e8:
         2f:0b:0c:e8:cb:94:c2:9a:4c:00:fc:6f:2f:b3:ea:ba:f3:f7:
         49:9f:20:c5:1d:db:af:6a:49:79:6f:6b:e5:ac:98:2d:74:37:
         26:32:dd:66:1b:69:f8:ae:17:46:7e:c7:1e:5b:fb:d1:2b:42:
         c9:21:19:af:e2:8f:41:d1:3a:f6:cc:2e:20:2f:db:3c:d2:bb:
         e7:92:59:1b:a7:1d:28:89:34:a3:47:61:e5:f7:90:89:b4:e7:
         ac:de:ea:94:8e:bd:b2:b0:25:e4:74:1f:b0:57:46:b9:11:c7:
         ad:fc:b1:6a:b6:a3:27:96:90:1d:65:fb:bd:b4:05:b6:87:d9:
         2d:15:e5:42:3e:6a:d4:61:87:95:79:e0:05:f6:6e:3a:d1:ee:
         a8:7c:17:11:6a:fa:ba:c0:05:79:7c:e3:46:64:bb:89:e5:d6:
         00:d5:93:c0:40:8e:4a:73:a9:64:24:33:54:dc:20:73:86:01:
         0a:58:0a:e4:55:dc:02:c0:32:bd:cd:c4:4a:ec:f9:15:aa:32:
         69:45:fa:47
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnqCiyLiWjt+K8GSVNCMwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAyMTUzNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZjMWFiMzFhMzc5ZDJiMTE4ZTM3MTQ4MmI3YmNlOWYwY2UwNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniG9e2elpsyqGyIBrm9aIhjRiWca
GOTonQfMpKfGFFc06tNcewJpJ/3O6NZlC6fBXEuQryi5PjbZeePKB5DLuOjUnjvj
wvtu4K+M3SOkDYt3ch7ef8t8Ola8l7V77+SwL4UhRtciUgjaZ5DU8e+LHRMg2C/Z
vKkYN+jMTyI5gG7D8O28A3AXtIuA6wCPiItpaKEszDwIQLQfKi0eedgFY67vg+Tj
K8BjYs2upE9Ql4kHD/2AfyIp6VXaxZZKX3Q/gEKAt4KvPGl/L6HNzfwTUrNW+Umd
oIUK266hha5iYbJXtqNC1Igpm4Bft0ptTVnKuIf3qFfehyo46KdwQTp4swIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD1sGrMaN50rEY43FIK3vOnwzgT5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUFd3YXN4bzNuU3NSampjVWdyZTg2ZkRPQlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTV2KAwQB
Upg0AwQAUpg3AwQAbbAZAwQA1YKWAwQB1dIwMA0GCSqGSIb3DQEBCwUAA4IBAQCp
8TfF59nor8lMfyGp7yJWw4fVR0m5tWL1JsUGoVT2WcHPcvVz8TAup0FjctIaNUSv
GmHEAugvCwzoy5TCmkwA/G8vs+q68/dJnyDFHduvakl5b2vlrJgtdDcmMt1mG2n4
rhdGfsceW/vRK0LJIRmv4o9B0Tr2zC4gL9s80rvnklkbpx0oiTSjR2Hl95CJtOes
3uqUjr2ysCXkdB+wV0a5Ecet/LFqtqMnlpAdZfu9tAW2h9ktFeVCPmrUYYeVeeAF
9m460e6ofBcRavq6wAV5fONGZLuJ5dYA1ZPAQI5Kc6lkJDNU3CBzhgEKWArkVdwC
wDK9zcRK7PkVqjJpRfpH
-----END CERTIFICATE-----
Generated at Tue Feb 11 15:02:26 2025 by rpki-client