Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/97gpyN8X1hzZZa_Nuwca8OtuGKU.roa
File:                     97gpyN8X1hzZZa_Nuwca8OtuGKU.roa (raw, json)
Hash identifier:          12MfcaygEjfuZB3FoRBHLOIJlLQZpDDcyr4MiyH1uLQ=
Subject key identifier:   F7:B8:29:C8:DF:17:D6:1C:D9:65:AF:CD:BB:07:1A:F0:EB:6E:18:A5
Certificate issuer:       /CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Certificate serial:       01878F76C924421670730629C46A8CCD79A5
Authority key identifier: 8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/97gpyN8X1hzZZa_Nuwca8OtuGKU.roa
Signing time:             Mon 17 Apr 2023 13:45:39 +0000
ROA not before:           Mon 17 Apr 2023 13:45:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35189
IP address blocks:        185.198.78.0/23 maxlen: 23
                          78.24.32.0/21 maxlen: 21
                          2a01:470::/29 maxlen: 29
                          2a0a:85c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8f:76:c9:24:42:16:70:73:06:29:c4:6a:8c:cd:79:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
        Validity
            Not Before: Apr 17 13:45:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7b829c8df17d61cd965afcdbb071af0eb6e18a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:65:d6:8a:5a:91:2d:cf:e1:d7:c4:da:5b:9d:
                    d7:1d:2c:fe:ee:d2:f1:67:c8:b9:d9:99:7c:e5:2f:
                    57:48:1f:b0:33:1a:80:9e:ba:b4:6d:ff:55:89:3e:
                    09:3a:4a:26:56:b6:fe:03:ee:76:c1:db:1f:64:db:
                    e1:dc:ba:5e:17:2d:55:d2:c4:3e:12:da:e2:fb:7d:
                    db:1e:8c:d5:82:03:53:0f:5e:3b:84:3d:f6:f5:9c:
                    f2:e4:67:77:7f:e9:25:58:a7:19:5d:8e:57:e6:fc:
                    84:34:99:83:4c:9f:0b:30:b5:dc:54:52:50:8b:6c:
                    2c:80:68:c3:7e:ed:8f:95:2c:b0:00:d5:e2:24:d0:
                    85:30:83:ca:7d:c0:5a:ac:ba:e2:df:3a:d0:33:f4:
                    a1:3b:26:bc:3e:13:e1:34:f5:b8:a2:c8:22:d7:81:
                    45:2e:1e:d2:1c:65:2f:12:8a:37:34:2e:dd:d4:b2:
                    35:93:13:6c:f8:db:2c:dc:c7:8e:e3:83:48:ff:05:
                    5c:e6:18:a5:40:14:5e:6b:62:49:b0:16:04:4a:f9:
                    63:02:99:db:ee:0f:ab:49:9b:4b:7e:a9:c0:97:0c:
                    be:88:31:0e:ab:54:1d:7d:02:6e:97:80:4e:74:6f:
                    42:4c:e3:a8:28:75:12:f5:70:bf:42:d8:59:63:6e:
                    b7:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:B8:29:C8:DF:17:D6:1C:D9:65:AF:CD:BB:07:1A:F0:EB:6E:18:A5
            X509v3 Authority Key Identifier:
                keyid:8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/97gpyN8X1hzZZa_Nuwca8OtuGKU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.24.32.0/21
                  185.198.78.0/23
                IPv6:
                  2a01:470::/29
                  2a0a:85c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:51:6d:ec:03:80:d2:b9:d1:05:f6:1a:6f:22:e4:0a:9c:9c:
         29:4c:58:a5:71:f1:09:26:8e:c3:4d:b2:44:24:a0:cb:48:15:
         a4:b6:4d:af:11:53:5e:05:c1:16:d0:da:89:92:3c:36:39:df:
         35:cd:53:5d:73:3e:18:17:1d:db:a1:22:75:a6:87:f0:96:78:
         6e:b1:eb:3d:0e:2e:0e:e9:e4:04:4a:8a:7b:60:ad:4e:fc:e5:
         27:ea:4f:50:46:f1:69:1e:38:57:cd:51:f3:45:7c:3d:6d:f1:
         4b:5a:a4:3f:6b:40:2c:9c:50:b7:cf:c2:73:b1:86:6e:d9:eb:
         3b:2a:26:a7:2e:7c:91:52:64:d7:70:54:ef:6d:a6:65:c3:e4:
         21:37:0f:bd:5b:29:54:99:7b:cd:35:7b:2b:ca:02:7f:8e:a1:
         95:c4:c8:7f:b8:a8:c8:f6:39:72:be:1e:29:8c:b1:e3:f6:dc:
         7e:77:dd:2a:c6:42:92:c6:b1:02:9e:6d:07:64:50:3a:54:19:
         28:39:ce:cf:91:48:f2:c5:1b:17:ec:4b:8d:06:99:c4:16:34:
         d3:4e:aa:b6:93:4a:d6:ce:14:7b:77:66:63:5f:d8:38:7b:6e:
         69:d9:3e:b5:71:95:9a:81:97:2d:84:36:06:2b:66:37:0c:51:
         a3:a2:81:11
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYePdskkQhZwcwYpxGqMzXmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkN2RjYjM2M2Q5YWMzNGJkYzliNjk4MGYyNjg2ZGQyMTlk
NTAyNTcwHhcNMjMwNDE3MTM0NTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I4MjljOGRmMTdkNjFjZDk2NWFmY2RiYjA3MWFmMGViNmUxOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmXWilqRLc/h18TaW53XHSz+7tLx
Z8i52Zl85S9XSB+wMxqAnrq0bf9ViT4JOkomVrb+A+52wdsfZNvh3LpeFy1V0sQ+
Etri+33bHozVggNTD147hD329Zzy5Gd3f+klWKcZXY5X5vyENJmDTJ8LMLXcVFJQ
i2wsgGjDfu2PlSywANXiJNCFMIPKfcBarLri3zrQM/ShOya8PhPhNPW4osgi14FF
Lh7SHGUvEoo3NC7d1LI1kxNs+Nss3MeO44NI/wVc5hilQBRea2JJsBYESvljApnb
7g+rSZtLfqnAlwy+iDEOq1QdfQJul4BOdG9CTOOoKHUS9XC/QthZY263PQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPe4KcjfF9Yc2WWvzbsHGvDrbhilMB8GA1UdIwQY
MBaAFI19yzY9msNL3JtpgPJobdIZ1QJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmIt
YWM0NjNlMjIxOTc0LzEvOTdncHlOOFgxaHpaWmFfTnV3Y2E4T3R1R0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmItYWM0NjNlMjIxOTc0
LzEvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDThggAwQB
ucZOMBQEAgACMA4DBQMqAQRwAwUDKgqFwDANBgkqhkiG9w0BAQsFAAOCAQEAYlFt
7AOA0rnRBfYabyLkCpycKUxYpXHxCSaOw02yRCSgy0gVpLZNrxFTXgXBFtDaiZI8
NjnfNc1TXXM+GBcd26EidaaH8JZ4brHrPQ4uDunkBEqKe2CtTvzlJ+pPUEbxaR44
V81R80V8PW3xS1qkP2tALJxQt8/Cc7GGbtnrOyompy58kVJk13BU722mZcPkITcP
vVspVJl7zTV7K8oCf46hlcTIf7ioyPY5cr4eKYyx4/bcfnfdKsZCksaxAp5tB2RQ
OlQZKDnOz5FI8sUbF+xLjQaZxBY0006qtpNK1s4Ue3dmY1/YOHtuadk+tXGVmoGX
LYQ2BitmNwxRo6KBEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:56 2024 by rpki-client on console-fra.rpki-client.org