Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa
File:                     Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa (raw, json)
Hash identifier:          RilZc0tkPFYAaQH+L0qeuMn8VHKDJjg0+fDs1h3d7GI=
Subject key identifier:   36:6F:AD:EE:3F:59:C1:3A:5E:C7:1E:50:49:39:87:DC:6D:B0:3E:62
Certificate issuer:       /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial:       018BC854B8FBE583F85B95A34F53E2AFAA51
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa
Signing time:             Mon 13 Nov 2023 10:57:57 +0000
ROA not before:           Mon 13 Nov 2023 10:57:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43391
IP address blocks:        185.80.72.0/24 maxlen: 24
                          77.223.132.0/24 maxlen: 24
                          77.223.128.0/19 maxlen: 24
                          77.223.136.0/24 maxlen: 24
                          77.223.135.0/24 maxlen: 24
                          77.223.143.0/24 maxlen: 24
                          93.187.200.0/21 maxlen: 21
                          93.187.206.0/24 maxlen: 24
                          93.187.205.0/24 maxlen: 24
                          93.187.204.0/24 maxlen: 24
                          93.187.207.0/24 maxlen: 24
                          195.244.32.0/19 maxlen: 24
                          195.244.33.0/24 maxlen: 24
                          77.223.149.0/24 maxlen: 24
                          77.223.148.0/24 maxlen: 24
                          77.223.152.0/24 maxlen: 24
                          77.223.158.0/24 maxlen: 24
                          77.223.153.0/24 maxlen: 24
                          77.223.156.0/24 maxlen: 24
                          77.223.154.0/24 maxlen: 24
                          91.191.160.0/20 maxlen: 24
                          91.191.171.0/24 maxlen: 24
                          91.191.170.0/24 maxlen: 24
                          91.191.168.0/21 maxlen: 21
                          78.40.224.0/24 maxlen: 24
                          78.40.224.0/21 maxlen: 21
                          2a0a:be80::/29 maxlen: 29
                          2a01:aac0::/32 maxlen: 32
                          2a0a:be80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c8:54:b8:fb:e5:83:f8:5b:95:a3:4f:53:e2:af:aa:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
        Validity
            Not Before: Nov 13 10:57:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=366fadee3f59c13a5ec71e50493987dc6db03e62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:99:19:5f:ed:2b:ea:cc:f8:f3:62:74:1b:07:
                    fb:9a:70:38:f3:dc:7a:dc:97:b5:70:ec:bc:43:52:
                    6f:81:e2:1a:b6:9a:f1:8d:9a:16:82:21:4e:a6:a3:
                    5d:bc:3c:78:ba:65:a6:a1:34:02:bf:81:a4:6d:13:
                    35:83:ef:d3:4e:17:c1:c4:73:5b:e4:09:8d:9d:a2:
                    82:91:07:e1:54:40:7e:32:29:19:9d:4e:5f:6f:f0:
                    24:73:f9:23:b1:46:f0:bb:e4:55:73:ef:25:48:d3:
                    e3:99:d0:13:71:5d:c0:c4:79:7a:04:0c:98:cb:23:
                    14:1a:74:54:a0:6f:31:8c:7e:5f:fd:38:6a:b0:7e:
                    61:8a:9a:31:a0:6a:86:9b:df:8e:1a:f6:24:35:b1:
                    3d:e4:be:eb:8e:1c:7d:ef:5b:5c:9f:61:95:87:e0:
                    d5:e4:fb:46:5f:f8:88:0b:df:a3:a8:cb:a0:f6:49:
                    c4:d1:e3:29:24:4c:78:5d:26:b7:24:1b:f1:b8:80:
                    26:91:cf:99:19:23:87:86:4b:a5:77:b0:df:93:c9:
                    1a:2b:fe:6d:2f:8a:99:e3:10:f2:aa:ba:c7:6b:24:
                    0b:43:3a:42:19:42:25:33:31:55:89:5f:25:f9:e6:
                    0c:c3:39:f3:20:7f:d0:d6:59:9b:48:3b:e7:b6:8a:
                    b6:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:6F:AD:EE:3F:59:C1:3A:5E:C7:1E:50:49:39:87:DC:6D:B0:3E:62
            X509v3 Authority Key Identifier:
                keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.223.128.0/19
                  78.40.224.0/21
                  91.191.160.0/20
                  93.187.200.0/21
                  185.80.72.0/24
                  195.244.32.0/19
                IPv6:
                  2a01:aac0::/32
                  2a0a:be80::/29

    Signature Algorithm: sha256WithRSAEncryption
         80:1c:cb:fc:7e:08:b6:a6:be:7b:4a:45:54:2b:48:fc:9a:13:
         18:5d:56:cc:df:09:8e:c2:25:35:9d:0c:20:66:aa:a6:0a:b8:
         f6:c9:11:7c:f8:c1:64:55:67:72:c6:20:8b:b8:bc:16:ce:17:
         ab:99:af:02:79:17:88:81:20:49:24:25:42:43:92:53:c6:b3:
         40:40:83:86:3d:1f:39:d8:69:bd:75:45:a8:60:7f:7e:b4:9b:
         46:0c:33:cf:6a:b8:5b:c1:27:a1:7e:28:ab:01:e6:7d:68:07:
         20:d5:a8:ed:30:2c:02:c0:e7:48:88:f3:ad:3a:60:cc:4d:e9:
         5b:85:71:b2:35:5c:ae:bc:b0:1d:1b:d4:ef:c9:3d:81:3c:19:
         26:ef:8b:5f:c9:32:8f:ab:a9:42:24:ea:63:a6:38:f7:4c:11:
         8e:46:cf:60:fa:24:7d:a8:e1:6b:9c:8a:f4:b0:73:14:a9:91:
         bb:0b:84:8e:f9:1f:64:a9:40:1a:08:53:d6:1c:1c:18:b9:3f:
         a7:bb:b3:58:9a:62:19:bd:ec:b0:8a:21:d1:b5:49:6e:ff:7d:
         99:ff:54:b4:08:ef:fd:b9:02:e6:0b:2b:92:18:c8:c6:7a:45:
         1b:90:b0:a8:56:13:95:2e:8e:ff:bb:76:65:cd:75:b3:02:90:
         db:13:75:ed
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYvIVLj75YP4W5WjT1Pir6pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDJjZGMyOWZkY2EwOWU5YTBmM2Y3ZDIxMTNkYTg1YTdl
MWQ2NTQwHhcNMjMxMTEzMTA1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjZmYWRlZTNmNTljMTNhNWVjNzFlNTA0OTM5ODdkYzZkYjAzZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJkZX+0r6sz482J0Gwf7mnA489x6
3Je1cOy8Q1JvgeIatprxjZoWgiFOpqNdvDx4umWmoTQCv4GkbRM1g+/TThfBxHNb
5AmNnaKCkQfhVEB+MikZnU5fb/Akc/kjsUbwu+RVc+8lSNPjmdATcV3AxHl6BAyY
yyMUGnRUoG8xjH5f/ThqsH5hipoxoGqGm9+OGvYkNbE95L7rjhx971tcn2GVh+DV
5PtGX/iIC9+jqMug9knE0eMpJEx4XSa3JBvxuIAmkc+ZGSOHhkuld7Dfk8kaK/5t
L4qZ4xDyqrrHayQLQzpCGUIlMzFViV8l+eYMwznzIH/Q1lmbSDvntoq2rQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDZvre4/WcE6XsceUEk5h9xtsD5iMB8GA1UdIwQY
MBaAFHMCzcKf3KCemg8/fSET2oWn4dZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjIt
ZmUwMzMzZWQwMDVmLzEvTm0tdDdqOVp3VHBleHg1UVNUbUgzRzJ3UG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjItZmUwMzMzZWQwMDVm
LzEvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFTd+AAwQD
TijgAwQEW7+gAwQDXbvIAwQAuVBIAwQFw/QgMBQEAgACMA4DBQAqAarAAwUDKgq+
gDANBgkqhkiG9w0BAQsFAAOCAQEAgBzL/H4Itqa+e0pFVCtI/JoTGF1WzN8JjsIl
NZ0MIGaqpgq49skRfPjBZFVncsYgi7i8Fs4Xq5mvAnkXiIEgSSQlQkOSU8azQECD
hj0fOdhpvXVFqGB/frSbRgwzz2q4W8EnoX4oqwHmfWgHINWo7TAsAsDnSIjzrTpg
zE3pW4VxsjVcrrywHRvU78k9gTwZJu+LX8kyj6upQiTqY6Y490wRjkbPYPokfajh
a5yK9LBzFKmRuwuEjvkfZKlAGghT1hwcGLk/p7uzWJpiGb3ssIoh0bVJbv99mf9U
tAjv/bkC5gsrkhjIxnpFG5CwqFYTlS6O/7t2Zc11swKQ2xN17Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:05 2024 by rpki-client on console-ams.rpki-client.org