Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/clblZ44iiGV3KD5_nhq_9vwWbTk.roa
File:                     clblZ44iiGV3KD5_nhq_9vwWbTk.roa (raw, json)
Hash identifier:          SuBHpZbL9DhGnTQXlZYwyQRyjtJRPkbp7IUh/RARKCw=
Subject key identifier:   72:56:E5:67:8E:22:88:65:77:28:3E:7F:9E:1A:BF:F6:FC:16:6D:39
Certificate issuer:       /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial:       018CC2DB59B6E7FB9728FDA62FB9DA201C46
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/clblZ44iiGV3KD5_nhq_9vwWbTk.roa
Signing time:             Mon 01 Jan 2024 02:30:04 +0000
ROA not before:           Mon 01 Jan 2024 02:30:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12350
IP address blocks:        77.236.112.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Feb 2024 10:53:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:59:b6:e7:fb:97:28:fd:a6:2f:b9:da:20:1c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
        Validity
            Not Before: Jan  1 02:30:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7256e5678e22886577283e7f9e1abff6fc166d39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e6:cc:70:ec:b2:75:92:53:01:1f:ac:1e:00:
                    37:3b:0c:d9:33:e7:fa:68:68:a8:41:9c:eb:53:99:
                    3f:32:85:0d:27:12:a4:9d:39:8f:1e:d3:72:43:c1:
                    ca:88:2c:41:8d:7d:95:59:4f:6e:c4:73:fe:9d:c4:
                    8d:c2:c3:7b:83:d4:58:ae:a9:f8:bd:09:05:4e:ac:
                    ab:11:6e:d0:3b:90:aa:77:e2:c5:24:2e:cc:f6:13:
                    62:69:aa:ba:95:4d:1f:11:51:e4:69:96:8d:fc:57:
                    39:d7:e2:6b:82:b4:5c:cc:42:fb:06:50:81:61:f6:
                    13:38:31:40:a2:4e:97:fd:29:d2:bf:c4:4e:71:c3:
                    4a:19:79:24:ba:83:5d:c6:98:a4:f9:46:e1:bf:4e:
                    15:5c:63:7c:76:43:f1:e4:a9:d1:95:4a:ce:1f:e6:
                    e6:0f:83:86:f9:7a:07:df:50:a6:24:f5:fd:83:01:
                    01:09:b1:87:99:ec:e3:52:da:5a:9a:05:26:37:39:
                    3b:42:d2:a0:e4:1c:af:59:31:1a:cf:f7:ce:6d:7e:
                    6b:b8:68:3a:72:a2:d3:cc:bc:30:26:0c:28:9d:eb:
                    20:16:2a:6d:96:7c:c3:d9:e2:e0:2d:61:54:df:4a:
                    e7:66:8c:7a:32:c9:30:92:3f:17:7e:93:a9:a2:4e:
                    c7:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:56:E5:67:8E:22:88:65:77:28:3E:7F:9E:1A:BF:F6:FC:16:6D:39
            X509v3 Authority Key Identifier:
                keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/clblZ44iiGV3KD5_nhq_9vwWbTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.236.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         82:f4:52:0f:70:0e:2a:3b:94:d9:5f:a3:41:90:09:b6:fa:dc:
         dc:b5:00:d4:2c:cf:06:3c:87:f8:cb:3f:01:fe:52:7c:5c:41:
         dd:d7:0d:40:e7:5a:e0:72:9b:b1:c9:7b:d9:71:b9:bc:de:78:
         bc:f2:64:65:e6:22:7a:b7:d8:3a:ab:c3:0b:91:7b:c5:8c:2f:
         f2:1d:67:58:e1:1d:41:76:67:ae:3e:63:3c:2f:32:ba:04:ed:
         7f:35:27:3f:37:4c:5d:9f:3d:15:d8:a0:c2:29:e1:4e:4d:b2:
         2f:3a:81:a0:85:05:12:81:29:3a:fc:fe:88:7a:bb:c1:21:af:
         44:f5:df:87:20:aa:e4:8a:be:af:85:8a:25:49:3f:24:a2:24:
         a9:55:06:d9:f3:b3:3e:c4:dd:6a:e9:20:87:9f:44:b9:fa:8d:
         d3:cc:c3:59:4a:94:ef:79:e7:87:02:2f:2f:ba:a9:c4:e0:97:
         47:a3:b9:fc:85:83:1d:6c:a0:cf:61:76:0a:ee:a1:d6:46:97:
         4e:2c:f0:e1:a5:aa:05:04:54:46:db:fc:0a:86:e4:d6:5a:10:
         96:ca:dd:9e:30:fa:a1:e9:b2:52:90:15:fc:ba:d6:71:b9:4c:
         d3:a5:5b:43:5d:16:11:a8:32:d3:82:02:5a:e0:9e:1f:e9:37:
         a2:08:9d:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21m25/uXKP2mL7naIBxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjU2ZTU2NzhlMjI4ODY1NzcyODNlN2Y5ZTFhYmZmNmZjMTY2ZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxubMcOyydZJTAR+sHgA3OwzZM+f6
aGioQZzrU5k/MoUNJxKknTmPHtNyQ8HKiCxBjX2VWU9uxHP+ncSNwsN7g9RYrqn4
vQkFTqyrEW7QO5Cqd+LFJC7M9hNiaaq6lU0fEVHkaZaN/Fc51+JrgrRczEL7BlCB
YfYTODFAok6X/SnSv8ROccNKGXkkuoNdxpik+Ubhv04VXGN8dkPx5KnRlUrOH+bm
D4OG+XoH31CmJPX9gwEBCbGHmezjUtpamgUmNzk7QtKg5ByvWTEaz/fObX5ruGg6
cqLTzLwwJgwonesgFiptlnzD2eLgLWFU30rnZox6Mskwkj8XfpOpok7HtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJW5WeOIohldyg+f54av/b8Fm05MB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvY2xibFo0NGlpR1YzS0Q1X25ocV85dndXYlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTexwMA0G
CSqGSIb3DQEBCwUAA4IBAQCC9FIPcA4qO5TZX6NBkAm2+tzctQDULM8GPIf4yz8B
/lJ8XEHd1w1A51rgcpuxyXvZcbm83ni88mRl5iJ6t9g6q8MLkXvFjC/yHWdY4R1B
dmeuPmM8LzK6BO1/NSc/N0xdnz0V2KDCKeFOTbIvOoGghQUSgSk6/P6IervBIa9E
9d+HIKrkir6vhYolST8koiSpVQbZ87M+xN1q6SCHn0S5+o3TzMNZSpTveeeHAi8v
uqnE4JdHo7n8hYMdbKDPYXYK7qHWRpdOLPDhpaoFBFRG2/wKhuTWWhCWyt2eMPqh
6bJSkBX8utZxuUzTpVtDXRYRqDLTggJa4J4f6TeiCJ3A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:45 2024 by rpki-client on console-ams.rpki-client.org