Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/ALyh0O3fruJ6xOJwEoWbGZ-COt4.roa
File:                     ALyh0O3fruJ6xOJwEoWbGZ-COt4.roa (raw, json)
Hash identifier:          we55+dvsbLqBfWkzkiabQ4MT2oNhclcuKOlqa32x2/Y=
Subject key identifier:   00:BC:A1:D0:ED:DF:AE:E2:7A:C4:E2:70:12:85:9B:19:9F:82:3A:DE
Certificate issuer:       /CN=ffc4ce78a4d18ca6ef3108f4a365906da6b6b7f3
Certificate serial:       018572BA7E8C61161D7E7614A0562444432C
Authority key identifier: FF:C4:CE:78:A4:D1:8C:A6:EF:31:08:F4:A3:65:90:6D:A6:B6:B7:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_8TOeKTRjKbvMQj0o2WQbaa2t_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/ALyh0O3fruJ6xOJwEoWbGZ-COt4.roa
Signing time:             Mon 02 Jan 2023 13:45:02 +0000
ROA not before:           Mon 02 Jan 2023 13:45:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202005
IP address blocks:        185.77.186.0/24 maxlen: 24
                          185.77.185.0/24 maxlen: 24
                          185.77.184.0/24 maxlen: 24
                          185.77.184.0/22 maxlen: 22
                          185.77.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:7e:8c:61:16:1d:7e:76:14:a0:56:24:44:43:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffc4ce78a4d18ca6ef3108f4a365906da6b6b7f3
        Validity
            Not Before: Jan  2 13:45:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00bca1d0eddfaee27ac4e27012859b199f823ade
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:14:f4:3e:9b:46:12:67:f5:fa:4e:18:56:ec:
                    59:7d:fe:4d:49:7e:d2:78:1e:df:5f:47:29:d8:88:
                    73:57:87:15:42:92:68:7f:31:44:f1:fe:86:cb:7d:
                    ea:6d:e9:28:51:c0:f4:a4:da:45:ba:8d:29:9d:a6:
                    16:28:01:49:68:11:22:2e:0a:9a:d4:a2:dd:82:e4:
                    ee:82:97:84:03:59:a7:8e:b2:3c:45:d7:e7:e3:82:
                    6c:50:df:92:0e:5e:78:61:ee:be:dc:db:4c:f1:12:
                    02:76:cb:58:ef:1f:d1:b0:3c:3c:07:95:74:e3:1e:
                    10:91:8e:e4:ec:06:c1:5d:2c:95:63:04:c8:93:1c:
                    a2:d0:a2:77:83:ef:bc:09:4a:7f:57:b6:aa:86:19:
                    51:ac:9e:a1:86:46:d6:af:de:e4:78:27:55:5b:c2:
                    be:1a:38:51:09:8e:5b:ec:35:d2:14:f3:14:c1:8d:
                    d1:5a:83:ec:1a:56:b2:83:78:8e:ff:7f:c9:47:a8:
                    a7:7c:b9:06:43:86:c2:b6:84:e5:3c:c6:84:27:21:
                    4c:ec:b0:c0:5f:54:01:65:1d:c9:5e:38:03:ba:aa:
                    f3:f0:d1:42:52:58:c3:86:6a:dc:23:2e:d5:e0:24:
                    36:b4:6f:6f:26:79:8f:03:98:61:e2:c7:78:89:de:
                    02:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:BC:A1:D0:ED:DF:AE:E2:7A:C4:E2:70:12:85:9B:19:9F:82:3A:DE
            X509v3 Authority Key Identifier:
                keyid:FF:C4:CE:78:A4:D1:8C:A6:EF:31:08:F4:A3:65:90:6D:A6:B6:B7:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8TOeKTRjKbvMQj0o2WQbaa2t_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/ALyh0O3fruJ6xOJwEoWbGZ-COt4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/_8TOeKTRjKbvMQj0o2WQbaa2t_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.77.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:45:cf:1c:af:65:72:2e:b2:76:96:62:76:5b:6e:29:07:f1:
         c9:76:83:a8:18:39:4e:12:9e:b6:38:66:13:cf:ec:1a:45:67:
         f6:b8:ce:c6:44:91:04:eb:d4:d1:b7:b1:c4:bc:eb:f5:5f:3a:
         3a:34:a5:9a:4e:ed:48:e9:b0:50:27:27:06:8d:37:87:02:09:
         4b:3d:20:df:b8:92:1d:3f:50:be:75:c2:3d:d1:4d:85:e8:84:
         2e:fb:57:7b:c1:2b:f2:e5:8a:78:42:f1:cd:6b:8b:e0:7a:51:
         ed:1e:1d:3f:92:ab:7a:9a:6f:af:37:e6:7f:02:80:05:e5:04:
         47:b5:a2:d1:66:18:61:b6:2a:be:93:8a:03:56:19:46:3e:a7:
         cf:dc:3d:15:f1:46:da:55:d5:06:7a:95:7f:83:1e:49:a1:e2:
         81:d3:15:bb:c7:d4:52:6d:6e:ff:63:96:f8:8a:06:58:46:8c:
         a6:54:55:83:3d:07:69:4f:9a:52:8a:5f:0e:cb:7c:2c:d5:9a:
         4e:0f:67:37:ca:44:3d:53:2d:7c:c8:a4:5a:be:db:14:18:b7:
         08:b0:2b:a8:1b:a4:98:82:7f:f0:04:0e:7a:2f:0a:a4:b4:80:
         38:4e:0b:bb:b6:c5:02:68:15:f8:98:44:e2:98:87:28:e9:c4:
         58:76:21:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyun6MYRYdfnYUoFYkREMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYzRjZTc4YTRkMThjYTZlZjMxMDhmNGEzNjU5MDZkYTZi
NmI3ZjMwHhcNMjMwMTAyMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJjYTFkMGVkZGZhZWUyN2FjNGUyNzAxMjg1OWIxOTlmODIzYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxT0PptGEmf1+k4YVuxZff5NSX7S
eB7fX0cp2IhzV4cVQpJofzFE8f6Gy33qbekoUcD0pNpFuo0pnaYWKAFJaBEiLgqa
1KLdguTugpeEA1mnjrI8Rdfn44JsUN+SDl54Ye6+3NtM8RICdstY7x/RsDw8B5V0
4x4QkY7k7AbBXSyVYwTIkxyi0KJ3g++8CUp/V7aqhhlRrJ6hhkbWr97keCdVW8K+
GjhRCY5b7DXSFPMUwY3RWoPsGlayg3iO/3/JR6infLkGQ4bCtoTlPMaEJyFM7LDA
X1QBZR3JXjgDuqrz8NFCUljDhmrcIy7V4CQ2tG9vJnmPA5hh4sd4id4CfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAC8odDt367iesTicBKFmxmfgjreMB8GA1UdIwQY
MBaAFP/Eznik0Yym7zEI9KNlkG2mtrfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhUT2VLVFJqS2J2TVFqMG8yV1FiYWEydF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8xNzkxNGItY2E2My00OTgwLTg3NDAt
OGQxMDY0ODNlMzZlLzEvQUx5aDBPM2ZydUo2eE9Kd0VvV2JHWi1DT3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8xNzkxNGItY2E2My00OTgwLTg3NDAtOGQxMDY0ODNlMzZl
LzEvXzhUT2VLVFJqS2J2TVFqMG8yV1FiYWEydF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuU24MA0G
CSqGSIb3DQEBCwUAA4IBAQCRRc8cr2VyLrJ2lmJ2W24pB/HJdoOoGDlOEp62OGYT
z+waRWf2uM7GRJEE69TRt7HEvOv1Xzo6NKWaTu1I6bBQJycGjTeHAglLPSDfuJId
P1C+dcI90U2F6IQu+1d7wSvy5Yp4QvHNa4vgelHtHh0/kqt6mm+vN+Z/AoAF5QRH
taLRZhhhtiq+k4oDVhlGPqfP3D0V8UbaVdUGepV/gx5JoeKB0xW7x9RSbW7/Y5b4
igZYRoymVFWDPQdpT5pSil8Oy3ws1ZpOD2c3ykQ9Uy18yKRavtsUGLcIsCuoG6SY
gn/wBA56LwqktIA4Tgu7tsUCaBX4mETimIco6cRYdiEw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:27 2024 by rpki-client on console-ams.rpki-client.org