Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/2AhAZX0QTcF7gWVRrXWHpfHdr14.roa
File:                     2AhAZX0QTcF7gWVRrXWHpfHdr14.roa (raw, json)
Hash identifier:          qedKaYULiPZov96qPuBdLTYV2fHASU3fl1OBGTuBlUQ=
Subject key identifier:   D8:08:40:65:7D:10:4D:C1:7B:81:65:51:AD:75:87:A5:F1:DD:AF:5E
Certificate issuer:       /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial:       01856F949E53DC151E54B078AFB2267AD44D
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/2AhAZX0QTcF7gWVRrXWHpfHdr14.roa
Signing time:             Sun 01 Jan 2023 23:04:48 +0000
ROA not before:           Sun 01 Jan 2023 23:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42031
IP address blocks:        77.105.132.0/24 maxlen: 24
                          77.105.131.0/24 maxlen: 24
                          77.105.130.0/24 maxlen: 24
                          77.105.129.0/24 maxlen: 24
                          77.105.128.0/24 maxlen: 24
                          77.105.135.0/24 maxlen: 24
                          77.105.134.0/24 maxlen: 24
                          77.105.133.0/24 maxlen: 24
                          77.105.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 07:22:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:9e:53:dc:15:1e:54:b0:78:af:b2:26:7a:d4:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
        Validity
            Not Before: Jan  1 23:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d80840657d104dc17b816551ad7587a5f1ddaf5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b4:76:6b:f1:17:67:3b:12:f1:2d:49:2a:b9:
                    34:4b:c2:8e:39:22:72:03:cb:45:1e:7c:78:36:e6:
                    11:59:1e:55:73:9d:e0:08:61:85:49:25:4f:21:f5:
                    aa:20:95:e0:a3:58:e5:13:cc:8e:10:0d:59:eb:2f:
                    c9:98:ec:69:48:a8:08:64:24:64:a0:83:e0:5b:11:
                    ca:e7:1b:4f:41:80:fe:42:28:61:9c:24:b4:ac:f4:
                    83:57:88:f5:0e:63:45:fc:72:f6:d2:a5:6e:00:59:
                    a6:6e:1d:d5:20:d6:8f:49:19:53:25:a1:10:97:16:
                    1c:ec:5d:d2:c2:f7:e6:06:8d:d2:40:40:8a:b5:f0:
                    75:37:c9:c1:c9:6e:39:e5:8f:54:58:41:80:ef:45:
                    f7:64:28:2a:1c:11:63:ba:5b:f4:5a:f7:f4:c1:0f:
                    17:68:97:e6:e3:44:1d:a4:34:51:a3:bd:8c:57:a1:
                    e3:ea:52:48:6f:06:84:74:bf:77:69:cd:85:99:74:
                    59:50:06:24:bb:e7:91:00:dd:4d:f1:9a:f1:86:d6:
                    f7:7e:b4:20:d9:6f:e3:60:ab:b8:aa:dd:fd:ba:60:
                    22:d9:66:81:17:0d:c7:e0:94:de:aa:67:ac:cb:13:
                    63:0c:76:95:d9:c2:b2:b4:96:a5:26:86:76:d9:ec:
                    71:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:08:40:65:7D:10:4D:C1:7B:81:65:51:AD:75:87:A5:F1:DD:AF:5E
            X509v3 Authority Key Identifier:
                keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/2AhAZX0QTcF7gWVRrXWHpfHdr14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.128.0/21
                  77.105.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:2e:ea:62:1d:e2:83:41:ec:2d:6d:8a:aa:a0:08:8a:ce:60:
         fc:0d:cb:a9:4d:56:48:5a:c3:36:ce:51:ab:5a:83:e9:58:56:
         10:fc:95:00:eb:13:bc:7f:1a:00:2f:e5:78:6f:dd:f2:03:e8:
         db:06:a9:00:da:45:13:96:ab:8b:75:88:2b:96:2f:dd:c4:bf:
         f8:34:90:da:f9:4b:a7:e8:d8:aa:89:2d:40:c3:bf:e8:9f:19:
         b2:57:8b:9b:eb:b7:f2:66:71:86:35:e0:e4:1d:54:81:cb:71:
         0a:ea:00:f7:88:0b:27:cc:16:ab:ec:44:53:da:d9:e8:23:2c:
         8e:93:41:13:44:b6:fa:09:89:c0:58:bd:b4:48:b3:90:87:a6:
         63:b0:5b:14:93:cc:97:ed:c7:0e:bc:24:8f:dc:a5:e1:88:93:
         2a:ae:0c:6a:84:c4:b0:dc:60:03:dd:53:63:48:65:8d:c1:36:
         c3:ad:67:36:4e:74:4a:07:62:2c:df:24:20:8e:2b:7c:04:62:
         a5:ae:c0:ab:b9:97:79:e0:3a:4c:9f:49:32:ca:1d:d8:d7:96:
         e0:cc:2e:54:14:ce:55:c8:4f:14:66:3a:14:aa:ff:46:b9:1e:
         c9:af:50:01:26:57:e6:82:7b:3f:bf:ac:62:11:1a:6e:22:9f:
         5f:3a:bc:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvlJ5T3BUeVLB4r7ImetRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjMwMTAxMjMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA4NDA2NTdkMTA0ZGMxN2I4MTY1NTFhZDc1ODdhNWYxZGRhZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7R2a/EXZzsS8S1JKrk0S8KOOSJy
A8tFHnx4NuYRWR5Vc53gCGGFSSVPIfWqIJXgo1jlE8yOEA1Z6y/JmOxpSKgIZCRk
oIPgWxHK5xtPQYD+QihhnCS0rPSDV4j1DmNF/HL20qVuAFmmbh3VINaPSRlTJaEQ
lxYc7F3SwvfmBo3SQECKtfB1N8nByW455Y9UWEGA70X3ZCgqHBFjulv0Wvf0wQ8X
aJfm40QdpDRRo72MV6Hj6lJIbwaEdL93ac2FmXRZUAYku+eRAN1N8Zrxhtb3frQg
2W/jYKu4qt39umAi2WaBFw3H4JTeqmesyxNjDHaV2cKytJalJoZ22exx5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNgIQGV9EE3Be4FlUa11h6Xx3a9eMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvMkFoQVpYMFFUY0Y3Z1dWUnJYV0hwZkhkcjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTWmAAwQA
TWmQMA0GCSqGSIb3DQEBCwUAA4IBAQAGLupiHeKDQewtbYqqoAiKzmD8DcupTVZI
WsM2zlGrWoPpWFYQ/JUA6xO8fxoAL+V4b93yA+jbBqkA2kUTlquLdYgrli/dxL/4
NJDa+Uun6NiqiS1Aw7/onxmyV4ub67fyZnGGNeDkHVSBy3EK6gD3iAsnzBar7ERT
2tnoIyyOk0ETRLb6CYnAWL20SLOQh6ZjsFsUk8yX7ccOvCSP3KXhiJMqrgxqhMSw
3GAD3VNjSGWNwTbDrWc2TnRKB2Is3yQgjit8BGKlrsCruZd54DpMn0kyyh3Y15bg
zC5UFM5VyE8UZjoUqv9GuR7Jr1ABJlfmgns/v6xiERpuIp9fOrxj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:31 2024 by rpki-client on console-ams.rpki-client.org