Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/EyTXoWATRkoY-RjptmpoqC26RAA.roa
File:                     EyTXoWATRkoY-RjptmpoqC26RAA.roa (raw, json)
Hash identifier:          6TU9qTjtjCdsEgA2QfeogK6o3VFa32T2wBCsJSkzZVc=
Subject key identifier:   13:24:D7:A1:60:13:46:4A:18:F9:18:E9:B6:6A:68:A8:2D:BA:44:00
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018CC8DF8FA27616592B63D7EC308B3187AB
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/EyTXoWATRkoY-RjptmpoqC26RAA.roa
Signing time:             Tue 02 Jan 2024 06:32:23 +0000
ROA not before:           Tue 02 Jan 2024 06:32:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        77.246.212.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 19 Feb 2024 19:36:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:8f:a2:76:16:59:2b:63:d7:ec:30:8b:31:87:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Jan  2 06:32:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1324d7a16013464a18f918e9b66a68a82dba4400
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:33:89:25:93:e8:63:b2:e7:b0:aa:31:e8:94:
                    ee:6b:9c:ce:8c:94:7b:a3:d0:96:9e:82:d9:fb:f3:
                    92:af:ca:9f:21:66:50:a1:91:2f:e4:5f:c0:84:5c:
                    e5:08:5c:b9:5b:f6:e2:59:6a:25:e9:26:b9:77:28:
                    0b:37:fb:ec:08:27:2b:5f:67:bd:5f:ea:36:8c:be:
                    96:bd:f1:24:2c:5f:c8:7b:67:c6:f6:22:19:43:af:
                    71:be:29:b6:a9:bc:ea:ac:88:2e:28:85:b5:fc:1f:
                    39:d5:41:e8:ac:a4:b4:5e:c9:38:5c:0e:51:b5:12:
                    6a:f2:fa:d3:e9:d5:51:0d:6e:b9:a0:98:09:bc:ba:
                    4a:fb:7d:9c:15:e0:11:20:80:77:f7:d3:b7:cb:90:
                    02:b6:3a:09:e3:1f:db:4b:74:36:71:7b:8e:88:2f:
                    c9:ad:18:00:e1:09:7b:ff:69:57:9d:b3:fc:5f:f9:
                    27:44:b0:4b:2a:2a:83:21:92:31:eb:c1:96:11:f8:
                    e8:cd:67:da:a1:92:ac:a9:48:5e:0d:39:81:92:ee:
                    3f:0f:39:c7:dc:2f:76:26:07:85:73:ae:db:66:88:
                    08:36:7e:52:7c:92:6a:34:0d:5f:b9:d6:19:60:59:
                    20:82:08:e1:b6:83:73:12:65:14:11:c4:21:41:38:
                    2d:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:24:D7:A1:60:13:46:4A:18:F9:18:E9:B6:6A:68:A8:2D:BA:44:00
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/EyTXoWATRkoY-RjptmpoqC26RAA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.246.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:3b:5d:37:10:fc:f8:0b:8c:f2:2a:03:b7:97:c0:25:8a:f2:
         8b:49:be:61:0e:6b:36:20:04:c9:63:1b:0c:31:80:a5:f7:66:
         12:87:67:ff:72:cf:89:d0:e8:29:4a:a9:5c:b8:0c:66:bd:97:
         cf:0b:86:2b:2f:67:c4:f3:d0:d3:9d:08:63:ec:9f:af:d0:f2:
         f6:b0:52:f0:85:7e:6b:56:7a:1f:1c:85:87:02:52:6b:2f:2d:
         bc:91:ea:c1:ba:f9:ef:be:b1:83:b7:c6:cc:80:1a:2f:7a:c3:
         b6:11:a2:40:3a:b7:2c:2b:f6:19:22:cf:2d:34:28:a4:46:01:
         ed:f6:26:42:49:03:55:8f:04:34:9b:98:7d:3c:8f:13:09:35:
         bd:21:76:58:59:3d:58:29:8b:18:31:3d:48:fd:4d:3b:9c:fd:
         9d:a2:27:1c:1e:01:7e:60:9b:18:6d:3f:9d:20:72:63:17:e5:
         8b:ec:df:5c:ce:c6:84:91:43:bc:9f:55:f3:0b:3e:ba:78:64:
         01:8e:c5:41:86:a0:a2:43:ea:27:87:ef:5b:50:c6:d2:77:36:
         eb:3d:0e:b0:00:c2:1f:8f:4d:e7:29:b5:e8:c7:22:9c:03:2e:
         cc:f9:81:67:f7:b5:ed:3c:82:b8:9a:9c:a2:cb:a9:80:5b:6c:
         3e:9c:00:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34+idhZZK2PX7DCLMYerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzI0ZDdhMTYwMTM0NjRhMThmOTE4ZTliNjZhNjhhODJkYmE0NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTOJJZPoY7LnsKox6JTua5zOjJR7
o9CWnoLZ+/OSr8qfIWZQoZEv5F/AhFzlCFy5W/biWWol6Sa5dygLN/vsCCcrX2e9
X+o2jL6WvfEkLF/Ie2fG9iIZQ69xvim2qbzqrIguKIW1/B851UHorKS0Xsk4XA5R
tRJq8vrT6dVRDW65oJgJvLpK+32cFeARIIB399O3y5ACtjoJ4x/bS3Q2cXuOiC/J
rRgA4Ql7/2lXnbP8X/knRLBLKiqDIZIx68GWEfjozWfaoZKsqUheDTmBku4/DznH
3C92JgeFc67bZogINn5SfJJqNA1fudYZYFkgggjhtoNzEmUUEcQhQTgtGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMk16FgE0ZKGPkY6bZqaKgtukQAMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvRXlUWG9XQVRSa29ZLVJqcHRtcG9xQzI2UkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTfbUMA0G
CSqGSIb3DQEBCwUAA4IBAQCGO103EPz4C4zyKgO3l8AlivKLSb5hDms2IATJYxsM
MYCl92YSh2f/cs+J0OgpSqlcuAxmvZfPC4YrL2fE89DTnQhj7J+v0PL2sFLwhX5r
VnofHIWHAlJrLy28kerBuvnvvrGDt8bMgBovesO2EaJAOrcsK/YZIs8tNCikRgHt
9iZCSQNVjwQ0m5h9PI8TCTW9IXZYWT1YKYsYMT1I/U07nP2doiccHgF+YJsYbT+d
IHJjF+WL7N9czsaEkUO8n1XzCz66eGQBjsVBhqCiQ+onh+9bUMbSdzbrPQ6wAMIf
j03nKbXoxyKcAy7M+YFn97XtPIK4mpyiy6mAW2w+nAAu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org