Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/vz3B52JxcyAO0MAqfGeLvVOKYnk.roa
File:                     vz3B52JxcyAO0MAqfGeLvVOKYnk.roa (raw, json)
Hash identifier:          Bv1vzIwOOjHZSLHgJIwpku1qLqeLU50vREssUuEIfL8=
Subject key identifier:   BF:3D:C1:E7:62:71:73:20:0E:D0:C0:2A:7C:67:8B:BD:53:8A:62:79
Certificate issuer:       /CN=e78ba5d98d48cebd5ad04c08bf09082b12a7e3ab
Certificate serial:       0186B748667236A174A28E4FCFC764D71D34
Authority key identifier: E7:8B:A5:D9:8D:48:CE:BD:5A:D0:4C:08:BF:09:08:2B:12:A7:E3:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/54ul2Y1Izr1a0EwIvwkIKxKn46s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/vz3B52JxcyAO0MAqfGeLvVOKYnk.roa
Signing time:             Mon 06 Mar 2023 14:17:00 +0000
ROA not before:           Mon 06 Mar 2023 14:17:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        77.81.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b7:48:66:72:36:a1:74:a2:8e:4f:cf:c7:64:d7:1d:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e78ba5d98d48cebd5ad04c08bf09082b12a7e3ab
        Validity
            Not Before: Mar  6 14:17:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf3dc1e7627173200ed0c02a7c678bbd538a6279
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:83:dc:19:3b:f6:d2:19:b8:15:28:3d:4e:4a:
                    a6:2b:69:4b:a5:ff:5f:c1:04:2d:d2:85:e0:73:01:
                    bc:01:00:eb:2e:b7:e0:16:3b:63:ce:22:9b:16:b3:
                    6d:eb:c6:61:b1:f0:d4:50:ba:8d:14:d0:49:ca:5f:
                    56:d2:0b:23:db:30:57:8a:2b:bb:30:a0:2e:64:1f:
                    1d:c3:85:7e:c7:a8:39:9b:79:41:b2:05:7d:b0:ca:
                    1e:ab:92:83:40:62:f0:38:7b:69:e8:b8:d5:25:08:
                    64:0e:d8:05:ed:31:7c:5c:9d:06:e9:11:0a:c5:c7:
                    f4:85:3e:2a:8d:85:77:91:5c:55:41:2e:4b:25:99:
                    bd:d0:bc:db:cd:7b:88:c8:37:fb:9c:c1:91:77:12:
                    a6:84:18:17:1a:1f:ee:00:32:dc:b4:d8:5e:26:f3:
                    fe:cb:b7:c1:87:23:77:ca:b9:98:d8:98:fd:c2:2a:
                    e9:2b:e3:86:54:f5:51:23:3b:3a:e8:ee:0c:11:59:
                    aa:04:bd:0f:f7:3b:9e:48:45:7d:59:c5:9d:d2:15:
                    ac:d2:51:01:c3:2a:93:0f:51:73:4f:ea:96:06:20:
                    66:4a:a3:92:ee:ab:ec:a5:cb:75:ed:7e:83:0b:22:
                    ce:6c:45:c7:e6:15:51:70:b2:aa:72:cf:a2:7e:d5:
                    69:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:3D:C1:E7:62:71:73:20:0E:D0:C0:2A:7C:67:8B:BD:53:8A:62:79
            X509v3 Authority Key Identifier:
                keyid:E7:8B:A5:D9:8D:48:CE:BD:5A:D0:4C:08:BF:09:08:2B:12:A7:E3:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/54ul2Y1Izr1a0EwIvwkIKxKn46s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/vz3B52JxcyAO0MAqfGeLvVOKYnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/54ul2Y1Izr1a0EwIvwkIKxKn46s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:76:48:0e:f5:08:3e:2f:20:27:17:a1:8e:82:a9:92:e4:90:
         00:57:f2:fb:6e:f6:cc:ab:a0:d4:39:c4:1f:bd:c0:bc:f7:85:
         01:be:bb:ee:47:97:b5:3c:3c:b5:a6:b9:e3:5a:a7:67:4f:57:
         de:73:04:fa:01:17:14:c4:76:27:98:33:5c:da:eb:09:fa:5d:
         c0:cc:34:19:3e:f3:38:22:68:40:89:3a:0c:c1:bc:69:de:3d:
         7b:8b:fd:a8:ec:2e:44:91:c0:a0:0d:ba:ec:53:c6:45:9d:64:
         b2:e7:ad:92:88:ef:f3:61:48:25:95:2f:04:28:80:ce:3f:67:
         fb:4e:3a:91:2a:ca:8f:52:6d:84:ef:37:09:06:62:ff:47:db:
         8e:60:8f:80:f1:90:1e:1e:aa:4d:27:c5:00:fc:05:62:9f:90:
         31:f2:a9:a6:df:a0:d7:f2:00:f5:e9:cd:08:70:fe:df:98:16:
         72:ce:e9:ff:29:12:83:14:89:52:0e:5c:8e:43:d4:e1:f9:c1:
         88:40:93:93:8f:8f:85:44:17:f4:d2:c0:b2:a2:88:68:b3:b4:
         ef:d0:f8:d6:a2:38:b2:08:61:f7:59:6a:6f:56:a3:62:cb:d4:
         f1:20:09:96:80:9d:82:7a:71:77:5c:61:e6:9c:1a:3e:40:a2:
         db:17:14:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa3SGZyNqF0oo5Pz8dk1x00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OGJhNWQ5OGQ0OGNlYmQ1YWQwNGMwOGJmMDkwODJiMTJh
N2UzYWIwHhcNMjMwMzA2MTQxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjNkYzFlNzYyNzE3MzIwMGVkMGMwMmE3YzY3OGJiZDUzOGE2Mjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4PcGTv20hm4FSg9TkqmK2lLpf9f
wQQt0oXgcwG8AQDrLrfgFjtjziKbFrNt68ZhsfDUULqNFNBJyl9W0gsj2zBXiiu7
MKAuZB8dw4V+x6g5m3lBsgV9sMoeq5KDQGLwOHtp6LjVJQhkDtgF7TF8XJ0G6REK
xcf0hT4qjYV3kVxVQS5LJZm90LzbzXuIyDf7nMGRdxKmhBgXGh/uADLctNheJvP+
y7fBhyN3yrmY2Jj9wirpK+OGVPVRIzs66O4MEVmqBL0P9zueSEV9WcWd0hWs0lEB
wyqTD1FzT+qWBiBmSqOS7qvspct17X6DCyLObEXH5hVRcLKqcs+iftVpkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL89wedicXMgDtDAKnxni71TimJ5MB8GA1UdIwQY
MBaAFOeLpdmNSM69WtBMCL8JCCsSp+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTR1bDJZMUl6cjFhMEV3SXZ3a0lLeEtuNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNTIyOTMtMDY3OC00YjQyLThhZTAt
NDg5MTY1M2VlYjY3LzEvdnozQjUySnhjeUFPME1BcWZHZUx2Vk9LWW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNTIyOTMtMDY3OC00YjQyLThhZTAtNDg5MTY1M2VlYjY3
LzEvNTR1bDJZMUl6cjFhMEV3SXZ3a0lLeEtuNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVEAMA0G
CSqGSIb3DQEBCwUAA4IBAQBndkgO9Qg+LyAnF6GOgqmS5JAAV/L7bvbMq6DUOcQf
vcC894UBvrvuR5e1PDy1prnjWqdnT1fecwT6ARcUxHYnmDNc2usJ+l3AzDQZPvM4
ImhAiToMwbxp3j17i/2o7C5EkcCgDbrsU8ZFnWSy562SiO/zYUgllS8EKIDOP2f7
TjqRKsqPUm2E7zcJBmL/R9uOYI+A8ZAeHqpNJ8UA/AVin5Ax8qmm36DX8gD16c0I
cP7fmBZyzun/KRKDFIlSDlyOQ9Th+cGIQJOTj4+FRBf00sCyoohos7Tv0PjWojiy
CGH3WWpvVqNiy9TxIAmWgJ2CenF3XGHmnBo+QKLbFxRu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:17 2024 by rpki-client on console-fra.rpki-client.org