Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/pbzE8lINH7coVpDV9Y7fT_CiIg0.roa
File:                     pbzE8lINH7coVpDV9Y7fT_CiIg0.roa (raw, json)
Hash identifier:          UU97hd5gLQUO73QG23BOaGu+A14BYz3vnJjeod6H840=
Subject key identifier:   A5:BC:C4:F2:52:0D:1F:B7:28:56:90:D5:F5:8E:DF:4F:F0:A2:22:0D
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018CC8DF91E41088C6C9D4A446EC54C37DDB
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/pbzE8lINH7coVpDV9Y7fT_CiIg0.roa
Signing time:             Tue 02 Jan 2024 06:32:24 +0000
ROA not before:           Tue 02 Jan 2024 06:32:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44901
IP address blocks:        88.80.136.0/24 maxlen: 24
                          77.246.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 06:40:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:91:e4:10:88:c6:c9:d4:a4:46:ec:54:c3:7d:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Jan  2 06:32:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a5bcc4f2520d1fb7285690d5f58edf4ff0a2220d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ae:12:1b:08:14:fe:72:50:4e:e9:43:83:2c:
                    2d:e3:af:25:97:6b:01:15:01:34:17:f2:ed:b4:17:
                    f1:57:5c:92:2f:80:60:53:28:42:6a:da:66:7b:f2:
                    c3:47:91:ea:e1:74:31:b4:c5:c3:e5:d5:26:e6:12:
                    4f:5a:db:4d:ec:ea:2c:97:28:83:72:b4:8c:06:ce:
                    80:b3:59:a8:7c:c7:27:8c:ab:5e:7f:59:fc:1a:4b:
                    0a:13:55:57:e8:e0:f0:bd:10:7d:cf:ca:08:f9:6e:
                    b9:d6:98:22:e0:92:2c:be:f9:ae:64:04:1a:b5:af:
                    f7:5d:ea:12:7d:ee:e5:5b:9e:30:6c:9c:1d:f5:15:
                    22:c3:f5:4d:79:0c:ec:97:59:6a:6a:33:39:c6:fe:
                    e9:18:16:de:e8:73:99:09:30:ff:2f:04:26:4c:15:
                    c0:47:1c:88:48:aa:fe:6a:ef:8e:e9:c7:dc:ae:6e:
                    20:6a:a2:a4:20:42:0a:db:82:bd:54:84:a0:1c:d8:
                    30:85:84:a0:d7:b8:06:84:65:25:01:30:d8:bc:ea:
                    e3:2f:bd:ae:17:de:90:aa:37:5b:f1:9a:7e:7e:75:
                    42:d4:3f:55:e4:ac:2a:4a:45:89:31:8c:99:35:b8:
                    73:37:cd:f7:5c:1c:27:4b:1f:60:42:1f:5b:ee:62:
                    09:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BC:C4:F2:52:0D:1F:B7:28:56:90:D5:F5:8E:DF:4F:F0:A2:22:0D
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/pbzE8lINH7coVpDV9Y7fT_CiIg0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.246.220.0/24
                  88.80.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:ac:f3:68:1b:64:4a:3f:68:62:fa:53:f9:02:ce:ab:06:c3:
         e5:8a:2a:80:2d:3a:1f:e3:7a:21:bd:a7:54:9a:7d:68:cb:5e:
         5f:a3:f3:75:4d:b5:a9:08:30:6b:cb:28:49:66:cd:a5:31:44:
         74:fd:0a:a8:67:bb:72:66:07:42:0f:17:f5:88:84:8b:31:7e:
         af:a5:39:24:8f:86:13:1c:30:6e:8c:4f:14:0f:a5:81:a1:08:
         65:98:d2:2c:73:15:56:fb:bc:de:0a:e1:e0:05:80:eb:c1:ed:
         9a:19:90:d4:be:75:64:4d:ed:9a:b4:d3:6e:86:9d:87:d3:70:
         69:3e:61:b7:82:78:98:18:19:41:4b:f3:dc:dd:1c:0c:80:ae:
         94:ab:a3:e8:fb:1e:62:ea:2c:91:e3:6b:15:42:e0:8c:2a:fe:
         34:5a:90:2c:74:a4:4f:0e:c6:5f:e4:97:db:06:ea:f1:67:ec:
         e3:84:d2:21:9c:0c:73:dc:2d:67:66:e3:d5:8c:05:ff:2d:ec:
         1c:f0:58:c7:bd:14:de:59:f7:34:8c:0c:bc:c7:55:16:e1:0b:
         a0:54:cd:82:1a:3b:64:05:8d:1c:b5:0e:b6:bd:a4:86:c0:94:
         14:58:0b:61:d6:82:3c:cd:0c:23:e6:16:ab:66:5e:70:27:96:
         87:b3:4a:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI35HkEIjGydSkRuxUw33bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTAyMDYzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJjYzRmMjUyMGQxZmI3Mjg1NjkwZDVmNThlZGY0ZmYwYTIyMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp64SGwgU/nJQTulDgywt468ll2sB
FQE0F/LttBfxV1ySL4BgUyhCatpme/LDR5Hq4XQxtMXD5dUm5hJPWttN7OoslyiD
crSMBs6As1mofMcnjKtef1n8GksKE1VX6ODwvRB9z8oI+W651pgi4JIsvvmuZAQa
ta/3XeoSfe7lW54wbJwd9RUiw/VNeQzsl1lqajM5xv7pGBbe6HOZCTD/LwQmTBXA
RxyISKr+au+O6cfcrm4gaqKkIEIK24K9VISgHNgwhYSg17gGhGUlATDYvOrjL72u
F96Qqjdb8Zp+fnVC1D9V5KwqSkWJMYyZNbhzN833XBwnSx9gQh9b7mIJ5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKW8xPJSDR+3KFaQ1fWO30/woiINMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvcGJ6RThsSU5IN2NvVnBEVjlZN2ZUX0NpSWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfbcAwQA
WFCIMA0GCSqGSIb3DQEBCwUAA4IBAQByrPNoG2RKP2hi+lP5As6rBsPliiqALTof
43ohvadUmn1oy15fo/N1TbWpCDBryyhJZs2lMUR0/QqoZ7tyZgdCDxf1iISLMX6v
pTkkj4YTHDBujE8UD6WBoQhlmNIscxVW+7zeCuHgBYDrwe2aGZDUvnVkTe2atNNu
hp2H03BpPmG3gniYGBlBS/Pc3RwMgK6Uq6Po+x5i6iyR42sVQuCMKv40WpAsdKRP
DsZf5JfbBurxZ+zjhNIhnAxz3C1nZuPVjAX/Lewc8FjHvRTeWfc0jAy8x1UW4Qug
VM2CGjtkBY0ctQ62vaSGwJQUWAth1oI8zQwj5harZl5wJ5aHs0qw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org