Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/adZpI80VmMyOpYfip2DZFxgzb8M.roa
File:                     adZpI80VmMyOpYfip2DZFxgzb8M.roa (raw, json)
Hash identifier:          kAA8P2UJ5IPwdWLJfnRu3sx2JbXkomz1XX1HUCTvsmw=
Subject key identifier:   69:D6:69:23:CD:15:98:CC:8E:A5:87:E2:A7:60:D9:17:18:33:6F:C3
Certificate issuer:       /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial:       01856E2679B0CA0057CEFB07C3A33C56D060
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/adZpI80VmMyOpYfip2DZFxgzb8M.roa
Signing time:             Sun 01 Jan 2023 16:24:53 +0000
ROA not before:           Sun 01 Jan 2023 16:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209371
IP address blocks:        77.73.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 07:56:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:26:79:b0:ca:00:57:ce:fb:07:c3:a3:3c:56:d0:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
        Validity
            Not Before: Jan  1 16:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69d66923cd1598cc8ea587e2a760d91718336fc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:79:e6:b5:0f:00:71:0e:ce:04:17:e2:56:16:
                    54:a6:13:4c:a6:6c:d1:63:be:65:93:65:48:f8:74:
                    e8:ef:93:e5:52:12:56:65:e5:b3:4c:1a:61:df:be:
                    58:86:24:0d:31:1c:e7:87:95:c3:e6:c6:25:7e:6d:
                    9a:83:4c:9f:0e:2d:3a:20:0e:c6:64:f9:f9:d5:3b:
                    f2:96:37:ba:a7:21:a4:0b:40:d1:f8:1c:e1:eb:e7:
                    f7:5e:fb:55:b0:b9:2e:aa:f4:19:c5:f5:29:85:71:
                    50:4c:97:94:5d:38:b4:1d:45:95:20:d9:ee:10:78:
                    3d:2f:6b:06:96:a0:ff:ee:e0:e3:82:34:3a:1c:5f:
                    b6:b4:2e:13:f9:c6:ea:db:ee:1d:3f:df:38:14:50:
                    26:1c:7b:9b:f5:d2:5a:54:18:3d:07:a6:71:cc:52:
                    89:55:99:9a:11:e7:7e:a5:d2:e5:fa:79:7c:c5:8c:
                    4c:ec:f1:ec:02:37:23:bf:82:70:cf:96:9f:6e:e4:
                    78:ec:a2:87:a0:45:96:c4:01:28:72:3e:f0:38:c2:
                    6c:15:53:bf:f9:11:d3:9e:29:fe:6a:be:d0:3f:f0:
                    c9:35:14:af:27:0c:62:5b:3e:8c:e3:89:b5:12:a9:
                    65:b9:e0:f2:5f:17:9f:99:a2:de:65:8c:34:5f:14:
                    33:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:D6:69:23:CD:15:98:CC:8E:A5:87:E2:A7:60:D9:17:18:33:6F:C3
            X509v3 Authority Key Identifier:
                keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/adZpI80VmMyOpYfip2DZFxgzb8M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.73.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:fc:d7:b7:5c:50:5e:72:2d:17:e1:c5:c5:13:8e:87:05:af:
         86:e7:b2:22:0d:d0:8f:99:ac:80:ba:94:9a:d3:e5:df:b1:9f:
         7d:55:53:a7:53:5a:cb:da:0a:69:24:a6:88:e3:a6:2e:03:ae:
         8f:47:7f:93:2b:20:2c:5a:8a:a9:9a:a3:85:54:43:d1:14:cc:
         83:e8:e9:a1:41:f0:8c:fe:39:0e:44:f0:88:fc:a3:8d:de:df:
         5e:a2:71:20:bf:1a:81:28:2a:75:2c:d2:2e:d3:39:de:7c:35:
         c7:8d:ac:d9:27:bb:82:ce:b8:ac:3a:96:6f:5d:29:77:a6:fd:
         a1:1f:bb:65:9a:62:74:c0:5f:fe:40:2c:9b:a0:65:33:35:6a:
         fd:c2:a6:c6:f4:82:30:8e:56:f4:cc:03:ef:ed:bb:db:a4:3b:
         b1:b8:a4:6e:43:b2:60:bc:a1:2f:d5:37:c5:b2:36:9b:de:5a:
         2a:29:0a:f1:fc:2f:74:ad:17:d7:d7:e4:b2:79:6e:ca:5d:8e:
         b1:5f:38:00:32:8b:db:dc:6e:70:d2:1d:39:31:81:56:ee:e2:
         ed:6c:86:b1:52:f6:a1:2e:a6:b5:a0:7c:7f:c9:14:5f:b6:18:
         c8:e1:bc:f3:59:50:90:95:12:cc:c9:b2:a4:64:c2:d2:b0:6a:
         4f:ae:30:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJnmwygBXzvsHw6M8VtBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjMwMTAxMTYyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQ2NjkyM2NkMTU5OGNjOGVhNTg3ZTJhNzYwZDkxNzE4MzM2ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHnmtQ8AcQ7OBBfiVhZUphNMpmzR
Y75lk2VI+HTo75PlUhJWZeWzTBph375YhiQNMRznh5XD5sYlfm2ag0yfDi06IA7G
ZPn51Tvylje6pyGkC0DR+Bzh6+f3XvtVsLkuqvQZxfUphXFQTJeUXTi0HUWVINnu
EHg9L2sGlqD/7uDjgjQ6HF+2tC4T+cbq2+4dP984FFAmHHub9dJaVBg9B6ZxzFKJ
VZmaEed+pdLl+nl8xYxM7PHsAjcjv4Jwz5afbuR47KKHoEWWxAEocj7wOMJsFVO/
+RHTnin+ar7QP/DJNRSvJwxiWz6M44m1EqllueDyXxefmaLeZYw0XxQz7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGnWaSPNFZjMjqWH4qdg2RcYM2/DMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvYWRacEk4MFZtTXlPcFlmaXAyRFpGeGd6YjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmEMA0G
CSqGSIb3DQEBCwUAA4IBAQAm/Ne3XFBeci0X4cXFE46HBa+G57IiDdCPmayAupSa
0+XfsZ99VVOnU1rL2gppJKaI46YuA66PR3+TKyAsWoqpmqOFVEPRFMyD6OmhQfCM
/jkORPCI/KON3t9eonEgvxqBKCp1LNIu0znefDXHjazZJ7uCzrisOpZvXSl3pv2h
H7tlmmJ0wF/+QCyboGUzNWr9wqbG9IIwjlb0zAPv7bvbpDuxuKRuQ7JgvKEv1TfF
sjab3loqKQrx/C90rRfX1+SyeW7KXY6xXzgAMovb3G5w0h05MYFW7uLtbIaxUvah
Lqa1oHx/yRRfthjI4bzzWVCQlRLMybKkZMLSsGpPrjCs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org