Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/0QND4z_2E5EjNMDaGRiINEUka6E.roa
File:                     0QND4z_2E5EjNMDaGRiINEUka6E.roa (raw, json)
Hash identifier:          6NgxLBkbF3JTj5u5Xw2g8hrg+vgsP6BSzsYSo7BH6MM=
Subject key identifier:   D1:03:43:E3:3F:F6:13:91:23:34:C0:DA:19:18:88:34:45:24:6B:A1
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018ECD07DE6F959ABAEC75FABDAE97F94A5D
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/0QND4z_2E5EjNMDaGRiINEUka6E.roa
Signing time:             Thu 11 Apr 2024 12:00:28 +0000
ROA not before:           Thu 11 Apr 2024 12:00:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        77.246.211.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Apr 2024 20:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:cd:07:de:6f:95:9a:ba:ec:75:fa:bd:ae:97:f9:4a:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Apr 11 12:00:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d10343e33ff613912334c0da1918883445246ba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:a3:73:28:34:82:71:8e:ec:3c:2b:d6:01:79:
                    6d:c6:5c:83:87:17:f0:d5:19:c3:02:b2:06:d9:23:
                    13:29:83:1f:ff:71:08:27:43:df:59:d5:53:79:cd:
                    ac:f3:24:5b:e3:a6:00:b8:fc:6b:d6:5f:c2:5f:1c:
                    bd:2d:af:d2:6a:c8:09:d8:87:d4:20:77:d0:81:a1:
                    81:57:9b:33:af:86:25:b9:23:a8:f9:d2:9a:a5:a3:
                    56:bb:c9:c8:42:f9:29:e6:0a:f9:45:9d:2c:32:7f:
                    e2:d3:39:96:e8:91:41:25:0e:39:d1:10:d8:05:92:
                    e7:62:24:32:58:9b:18:54:1e:cc:a4:28:1d:55:d3:
                    96:21:27:18:1f:8f:0c:16:8b:12:64:08:bc:15:fd:
                    19:e9:cb:0b:90:c0:43:8e:0e:63:47:4c:f2:5b:0f:
                    47:f0:b4:ca:32:df:8d:51:46:77:ad:5a:5e:d6:4d:
                    41:8c:b0:14:c3:53:8b:34:a3:73:23:f9:7c:5c:4c:
                    8c:4b:d0:57:14:61:62:45:c6:3a:a7:7a:07:be:b0:
                    73:2b:c4:17:dc:64:43:2f:e1:a1:c8:bc:6b:02:81:
                    2c:42:66:fb:45:02:93:c1:24:68:8c:d2:03:1c:1c:
                    3b:a3:7c:78:53:31:2b:8e:3b:77:14:ad:ca:5b:3d:
                    c8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:03:43:E3:3F:F6:13:91:23:34:C0:DA:19:18:88:34:45:24:6B:A1
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/0QND4z_2E5EjNMDaGRiINEUka6E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.246.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:d5:72:ec:ae:df:84:41:c2:eb:8e:1b:f2:cd:88:0f:ef:84:
         52:f0:68:46:73:fe:d8:c6:ca:ac:b7:d1:ba:b8:ab:e1:f5:5d:
         88:bc:2d:63:45:49:2f:e8:ea:7e:c1:a6:3f:7c:9e:4c:37:9d:
         6b:7d:8c:b2:33:46:d5:f3:cc:46:b4:6c:bd:36:ff:a4:28:2e:
         6c:11:7a:91:a1:2c:4e:35:43:62:6e:c6:63:72:15:ab:f7:b9:
         63:4b:25:36:2a:63:c1:76:7f:4f:84:80:a9:db:c4:06:d6:14:
         a3:b8:2e:f7:f4:c2:1e:aa:c0:dc:27:53:b3:fe:60:bc:ee:53:
         95:41:6e:f8:24:1d:66:35:97:27:8e:b0:2a:26:a8:3d:00:f5:
         e0:26:20:2f:d0:d8:47:8a:82:01:00:20:cb:a7:a8:65:0d:d5:
         72:6b:0f:e0:ff:53:24:24:b1:6d:88:13:6e:b8:c0:d8:2b:78:
         5d:32:e9:08:37:7d:71:c9:0d:ca:17:de:7c:b5:47:d8:ac:4c:
         17:2b:8e:7b:14:1d:8a:54:2d:d2:e4:5d:c2:15:c1:9e:4c:8f:
         1b:30:65:94:98:2b:e4:08:6c:0e:1a:49:bc:ca:d4:fa:48:71:
         8b:1d:3d:f6:f5:9c:85:5b:4e:3d:0d:19:f5:ad:54:f4:1a:37:
         e0:71:9d:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7NB95vlZq67HX6va6X+UpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwNDExMTIwMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTAzNDNlMzNmZjYxMzkxMjMzNGMwZGExOTE4ODgzNDQ1MjQ2YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKNzKDSCcY7sPCvWAXltxlyDhxfw
1RnDArIG2SMTKYMf/3EIJ0PfWdVTec2s8yRb46YAuPxr1l/CXxy9La/SasgJ2IfU
IHfQgaGBV5szr4YluSOo+dKapaNWu8nIQvkp5gr5RZ0sMn/i0zmW6JFBJQ450RDY
BZLnYiQyWJsYVB7MpCgdVdOWIScYH48MFosSZAi8Ff0Z6csLkMBDjg5jR0zyWw9H
8LTKMt+NUUZ3rVpe1k1BjLAUw1OLNKNzI/l8XEyMS9BXFGFiRcY6p3oHvrBzK8QX
3GRDL+GhyLxrAoEsQmb7RQKTwSRojNIDHBw7o3x4UzErjjt3FK3KWz3I+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEDQ+M/9hORIzTA2hkYiDRFJGuhMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvMFFORDR6XzJFNUVqTk1EYUdSaUlORVVrYTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATfbTMA0G
CSqGSIb3DQEBCwUAA4IBAQAI1XLsrt+EQcLrjhvyzYgP74RS8GhGc/7Yxsqst9G6
uKvh9V2IvC1jRUkv6Op+waY/fJ5MN51rfYyyM0bV88xGtGy9Nv+kKC5sEXqRoSxO
NUNibsZjchWr97ljSyU2KmPBdn9PhICp28QG1hSjuC739MIeqsDcJ1Oz/mC87lOV
QW74JB1mNZcnjrAqJqg9APXgJiAv0NhHioIBACDLp6hlDdVyaw/g/1MkJLFtiBNu
uMDYK3hdMukIN31xyQ3KF958tUfYrEwXK457FB2KVC3S5F3CFcGeTI8bMGWUmCvk
CGwOGkm8ytT6SHGLHT329ZyFW049DRn1rVT0GjfgcZ2T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org