Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c77zfes42A8FcgC5AvwY4WKuH94.roa
File:                     c77zfes42A8FcgC5AvwY4WKuH94.roa (raw, json)
Hash identifier:          pLsISXiP78PxM5z+5Hx1HjyQ1KUZvfBeAwDIWjiO97Y=
Subject key identifier:   73:BE:F3:7D:EB:38:D8:0F:05:72:00:B9:02:FC:18:E1:62:AE:1F:DE
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E7A51CDAA3B83A8B10CEC3DFC70574942
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c77zfes42A8FcgC5AvwY4WKuH94.roa
Signing time:             Tue 26 Mar 2024 10:32:45 +0000
ROA not before:           Tue 26 Mar 2024 10:32:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5065
IP address blocks:        82.163.22.0/23 maxlen: 24
                          89.213.210.0/23 maxlen: 24
                          89.213.248.0/23 maxlen: 24
                          109.176.16.0/21 maxlen: 24
                          212.38.88.0/23 maxlen: 24
                          213.210.48.0/23 maxlen: 24
                          213.210.62.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 07:54:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7a:51:cd:aa:3b:83:a8:b1:0c:ec:3d:fc:70:57:49:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 26 10:32:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=73bef37deb38d80f057200b902fc18e162ae1fde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:63:36:76:bd:82:79:64:b9:ca:78:c3:79:0d:
                    38:d9:ef:27:29:2f:5e:48:1d:e3:ed:b0:44:07:9d:
                    f8:31:5e:3d:fd:1e:cd:c1:81:e4:4f:7f:40:55:7a:
                    11:c0:6d:98:df:16:40:a9:5d:44:23:40:58:5c:76:
                    ed:4a:fc:c0:a3:c1:e4:0d:3f:4e:8d:4b:de:d3:6c:
                    a0:49:e7:72:a1:d3:c0:f3:bb:54:ac:18:70:76:35:
                    e5:b0:e9:4c:6b:72:95:cb:27:f2:d4:2c:07:62:39:
                    ab:76:77:3e:a7:5b:c3:77:df:72:fe:46:e1:d4:77:
                    26:76:41:87:18:b6:29:c4:db:84:46:3c:03:1d:8d:
                    c2:63:be:0c:d9:bc:f0:41:bf:73:2a:fe:34:4e:c4:
                    e0:45:52:71:76:ca:b8:d3:3d:d9:54:9d:ac:b1:9e:
                    1b:20:be:89:bf:df:ed:b7:db:4a:93:c9:1a:28:99:
                    33:9a:8b:8f:0a:8e:aa:d1:85:1a:15:05:41:21:bd:
                    2f:58:8b:f9:dc:eb:4c:e0:9c:36:54:7c:c7:34:58:
                    b9:8e:2b:1d:4d:b7:72:b4:00:38:46:a1:33:ce:85:
                    6d:8f:e1:77:70:58:6e:5b:92:4d:ea:33:15:5b:c8:
                    b2:fd:2a:0d:30:69:b9:c0:7c:1f:bf:1a:53:4f:10:
                    85:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:BE:F3:7D:EB:38:D8:0F:05:72:00:B9:02:FC:18:E1:62:AE:1F:DE
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c77zfes42A8FcgC5AvwY4WKuH94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.163.22.0/23
                  89.213.210.0/23
                  89.213.248.0/23
                  109.176.16.0/21
                  212.38.88.0/23
                  213.210.48.0/23
                  213.210.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:0f:42:96:d5:0a:c0:c9:e9:ad:d3:76:1f:5f:39:63:4a:a1:
         9a:4d:97:f1:e0:18:4c:4f:58:d3:24:23:dc:72:fb:38:ee:fc:
         7d:e5:d7:4e:15:0e:c5:fa:06:0e:82:d2:85:29:6f:54:30:c4:
         2a:38:0f:da:1d:a6:e4:d6:67:03:d6:45:47:10:f5:54:e0:0e:
         cb:2e:cc:f0:84:26:95:e7:86:dd:e9:01:f0:9e:c6:f7:dc:76:
         b7:62:ad:62:9d:82:ce:d6:b7:98:22:c2:06:67:9c:6d:85:6d:
         dd:4e:99:b2:c2:47:0a:f5:1a:63:70:ca:37:c7:ab:f5:cf:79:
         da:ed:40:06:f1:58:63:3f:52:9a:ec:e9:7a:ad:ac:cc:da:97:
         50:e6:0a:0f:2d:0c:ab:ad:d4:fd:8f:27:4d:ec:1c:3f:a1:9a:
         8f:3e:80:1f:f2:6a:11:4d:51:c2:b3:6e:79:14:0c:ce:fd:a7:
         66:a5:bb:55:1e:1e:b3:62:37:78:9f:a2:1e:21:fa:a7:d2:b4:
         c7:5c:72:77:c0:58:6a:ad:bf:c1:00:e4:af:88:ad:3f:11:80:
         ee:75:25:34:e7:34:be:89:d6:54:31:fa:eb:48:6e:3e:2a:cd:
         90:f5:c6:be:fb:b2:e6:a4:76:62:09:0b:22:26:36:7d:85:f8:
         d8:a2:fb:0f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY56Uc2qO4OosQzsPfxwV0lCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI2MTAzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JlZjM3ZGViMzhkODBmMDU3MjAwYjkwMmZjMThlMTYyYWUxZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGM2dr2CeWS5ynjDeQ042e8nKS9e
SB3j7bBEB534MV49/R7NwYHkT39AVXoRwG2Y3xZAqV1EI0BYXHbtSvzAo8HkDT9O
jUve02ygSedyodPA87tUrBhwdjXlsOlMa3KVyyfy1CwHYjmrdnc+p1vDd99y/kbh
1HcmdkGHGLYpxNuERjwDHY3CY74M2bzwQb9zKv40TsTgRVJxdsq40z3ZVJ2ssZ4b
IL6Jv9/tt9tKk8kaKJkzmouPCo6q0YUaFQVBIb0vWIv53OtM4Jw2VHzHNFi5jisd
TbdytAA4RqEzzoVtj+F3cFhuW5JN6jMVW8iy/SoNMGm5wHwfvxpTTxCFJQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHO+833rONgPBXIAuQL8GOFirh/eMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYzc3emZlczQyQThGY2dDNUF2d1k0V0t1SDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUqMWAwQB
WdXSAwQBWdX4AwQDbbAQAwQB1CZYAwQB1dIwAwQB1dI+MA0GCSqGSIb3DQEBCwUA
A4IBAQAGD0KW1QrAyemt03YfXzljSqGaTZfx4BhMT1jTJCPccvs47vx95ddOFQ7F
+gYOgtKFKW9UMMQqOA/aHabk1mcD1kVHEPVU4A7LLszwhCaV54bd6QHwnsb33Ha3
Yq1inYLO1reYIsIGZ5xthW3dTpmywkcK9RpjcMo3x6v1z3na7UAG8VhjP1Ka7Ol6
razM2pdQ5goPLQyrrdT9jydN7Bw/oZqPPoAf8moRTVHCs255FAzO/admpbtVHh6z
Yjd4n6IeIfqn0rTHXHJ3wFhqrb/BAOSviK0/EYDudSU05zS+idZUMfrrSG4+Ks2Q
9ca++7LmpHZiCQsiJjZ9hfjYovsP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org