Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/F8hqHMJvRTiOD_Ru37pJdZNiqHw.roa
File:                     F8hqHMJvRTiOD_Ru37pJdZNiqHw.roa (raw, json)
Hash identifier:          aYuIl2DOZdHWJNvqOCt3SyJ8ppahsNDnJWu/ci9XySM=
Subject key identifier:   17:C8:6A:1C:C2:6F:45:38:8E:0F:F4:6E:DF:BA:49:75:93:62:A8:7C
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018CC8DF8FD9AA8AE96891E7451ADF30D95A
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/F8hqHMJvRTiOD_Ru37pJdZNiqHw.roa
Signing time:             Tue 02 Jan 2024 06:32:23 +0000
ROA not before:           Tue 02 Jan 2024 06:32:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        77.246.212.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 19 Feb 2024 19:36:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:8f:d9:aa:8a:e9:68:91:e7:45:1a:df:30:d9:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Jan  2 06:32:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=17c86a1cc26f45388e0ff46edfba49759362a87c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9a:77:d6:12:f0:88:03:e0:06:7a:95:df:4c:
                    7f:55:ad:27:dc:17:90:bc:2f:94:76:93:e3:d1:4c:
                    40:1d:71:2d:5b:97:0c:7e:78:06:55:4b:62:3f:a7:
                    8e:cb:1c:0a:5c:e8:d4:39:da:b9:50:36:06:69:4a:
                    e0:a9:9d:e4:0c:a5:47:2b:7b:e2:5e:c0:10:37:c2:
                    c8:fc:f6:c5:c9:71:26:b8:15:33:8a:61:2d:22:b6:
                    e0:89:fc:fe:78:6f:41:b1:69:b7:dc:3c:51:53:57:
                    ad:c0:46:01:9f:86:7a:77:2b:f4:3d:c4:ff:21:cf:
                    dc:37:f3:d0:d7:5c:31:b6:ae:93:e7:a9:9a:9a:c0:
                    5f:3f:e7:92:dc:3a:02:9e:d9:ce:7e:1d:59:90:7a:
                    6c:21:b1:3d:c6:fd:9f:54:de:86:bc:32:ec:d0:73:
                    21:80:29:b2:09:58:57:46:56:7e:ab:f7:a2:4e:50:
                    ea:c8:e4:5d:ad:3c:f5:92:99:b5:fd:00:3c:fd:2f:
                    29:6d:a0:03:7e:96:75:7c:8c:fa:51:de:8c:67:4e:
                    d4:5a:17:ce:00:d8:1f:5a:62:83:12:fe:b2:47:b8:
                    4c:21:e0:ef:2b:4c:15:7e:51:f4:22:a9:44:42:4a:
                    dc:66:8e:83:9f:eb:5c:9f:71:6e:9b:67:f6:c8:58:
                    da:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:C8:6A:1C:C2:6F:45:38:8E:0F:F4:6E:DF:BA:49:75:93:62:A8:7C
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/F8hqHMJvRTiOD_Ru37pJdZNiqHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.246.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:4f:2f:77:63:be:7a:43:4b:5e:c8:e3:ef:22:52:45:fb:f5:
         1c:6e:7a:8d:fd:f3:ef:85:54:13:3d:36:37:f0:14:f2:e5:36:
         f4:d8:2e:0a:ad:da:03:29:7c:9f:dc:af:0c:78:34:bd:d7:1f:
         38:9a:26:d3:1a:3a:aa:45:08:c9:3e:ac:db:83:8c:73:15:2b:
         06:2c:7c:57:4c:ab:f6:fc:fd:0f:2d:8b:9d:7d:23:61:ea:e0:
         34:37:cf:7d:d8:df:67:14:bc:94:97:5c:88:23:35:ec:ab:7a:
         e0:46:1b:93:f4:60:26:82:81:bf:c5:e1:30:54:78:1c:85:c8:
         ee:f8:25:50:08:c7:a5:6c:79:79:9e:13:86:e6:ad:e6:c7:f8:
         91:d3:d2:18:32:ec:28:8f:70:92:6e:1f:a6:d9:b9:7a:a2:32:
         08:1a:7a:29:3b:f3:ee:13:df:95:9e:b7:42:18:61:23:89:72:
         41:f7:f3:74:55:82:b6:c1:3a:9c:89:e8:ea:fd:26:b0:58:f8:
         6e:72:ab:7e:7b:34:88:7d:3a:5f:cc:5d:26:d5:42:08:7a:e4:
         a3:ea:b6:64:0d:f4:59:f2:1a:a8:4a:bb:6d:01:74:18:ef:d9:
         b9:77:67:6c:f9:52:f3:5b:04:cc:0b:8d:d6:01:95:64:e7:9d:
         59:97:0a:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34/ZqorpaJHnRRrfMNlaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2M4NmExY2MyNmY0NTM4OGUwZmY0NmVkZmJhNDk3NTkzNjJhODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJp31hLwiAPgBnqV30x/Va0n3BeQ
vC+UdpPj0UxAHXEtW5cMfngGVUtiP6eOyxwKXOjUOdq5UDYGaUrgqZ3kDKVHK3vi
XsAQN8LI/PbFyXEmuBUzimEtIrbgifz+eG9BsWm33DxRU1etwEYBn4Z6dyv0PcT/
Ic/cN/PQ11wxtq6T56mamsBfP+eS3DoCntnOfh1ZkHpsIbE9xv2fVN6GvDLs0HMh
gCmyCVhXRlZ+q/eiTlDqyORdrTz1kpm1/QA8/S8pbaADfpZ1fIz6Ud6MZ07UWhfO
ANgfWmKDEv6yR7hMIeDvK0wVflH0IqlEQkrcZo6Dn+tcn3Fum2f2yFjaAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBfIahzCb0U4jg/0bt+6SXWTYqh8MB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvRjhocUhNSnZSVGlPRF9SdTM3cEpkWk5pcUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTfbUMA0G
CSqGSIb3DQEBCwUAA4IBAQCFTy93Y756Q0teyOPvIlJF+/UcbnqN/fPvhVQTPTY3
8BTy5Tb02C4KrdoDKXyf3K8MeDS91x84mibTGjqqRQjJPqzbg4xzFSsGLHxXTKv2
/P0PLYudfSNh6uA0N8992N9nFLyUl1yIIzXsq3rgRhuT9GAmgoG/xeEwVHgchcju
+CVQCMelbHl5nhOG5q3mx/iR09IYMuwoj3CSbh+m2bl6ojIIGnopO/PuE9+VnrdC
GGEjiXJB9/N0VYK2wTqciejq/SawWPhucqt+ezSIfTpfzF0m1UIIeuSj6rZkDfRZ
8hqoSrttAXQY79m5d2ds+VLzWwTMC43WAZVk551Zlwoy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org