Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/J3oudyVcClCzX70WmVGqnmoiud8.roa
File:                     J3oudyVcClCzX70WmVGqnmoiud8.roa (raw, json)
Hash identifier:          o7L8J1f0n0K5SOEqHnW1FgxczC9KQ8csjJ5rIzc2IB8=
Subject key identifier:   27:7A:2E:77:25:5C:0A:50:B3:5F:BD:16:99:51:AA:9E:6A:22:B9:DF
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185A7007C50407EEEB55E8BD0B904644368
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/J3oudyVcClCzX70WmVGqnmoiud8.roa
Signing time:             Thu 12 Jan 2023 17:21:44 +0000
ROA not before:           Thu 12 Jan 2023 17:21:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        91.186.200.0/22 maxlen: 24
                          91.186.214.0/23 maxlen: 24
                          94.241.168.0/21 maxlen: 24
                          94.241.176.0/21 maxlen: 24
                          83.147.216.0/23 maxlen: 24
                          178.253.31.0/24 maxlen: 24
                          83.147.217.0/24 maxlen: 24
                          83.147.222.0/23 maxlen: 24
                          83.147.232.0/22 maxlen: 24
                          178.253.52.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 19 Jan 2023 21:07:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a7:00:7c:50:40:7e:ee:b5:5e:8b:d0:b9:04:64:43:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan 12 17:21:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=277a2e77255c0a50b35fbd169951aa9e6a22b9df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4f:d2:fd:0c:88:2b:ab:20:1f:8d:9e:7f:5e:
                    96:3b:3f:95:16:e4:6a:c3:1c:c3:32:f8:b9:ca:65:
                    18:5b:ba:08:6c:a3:8e:c2:cc:a1:51:d1:58:b6:c2:
                    e4:d9:57:47:6f:fc:7f:13:b5:89:2d:f5:f8:e8:d6:
                    54:a5:2d:09:f7:8f:a2:4e:ab:85:af:c7:9d:ee:ea:
                    75:d5:8e:f1:57:e3:ce:c1:e9:f6:2c:d7:46:59:e9:
                    e8:5e:78:cc:54:4e:32:60:15:03:09:1e:49:ec:16:
                    ed:4d:cd:f2:23:8a:a6:b8:a7:f6:89:dc:09:fc:23:
                    5c:6c:5d:fc:cc:52:90:43:f4:17:56:02:a4:d8:3e:
                    03:15:b2:66:f3:58:f0:15:1f:bd:b8:c6:05:30:02:
                    80:51:c9:37:4f:73:fb:ad:70:8d:4f:c7:40:78:6d:
                    34:07:33:07:64:69:b8:f9:0f:1f:45:b6:5b:de:5a:
                    44:b1:4e:e0:64:19:24:7f:29:c1:8d:a7:50:02:0b:
                    68:6a:81:2a:4a:98:2a:51:2b:ee:23:30:2c:6f:87:
                    c1:f5:f3:99:03:e1:98:fb:95:56:75:62:0e:b0:86:
                    e8:11:99:e7:95:08:10:0c:04:8c:a3:2b:4e:0c:d5:
                    2a:0b:a7:79:2d:ff:00:b4:b3:52:66:f0:b8:25:d1:
                    f2:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:7A:2E:77:25:5C:0A:50:B3:5F:BD:16:99:51:AA:9E:6A:22:B9:DF
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/J3oudyVcClCzX70WmVGqnmoiud8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.216.0/23
                  83.147.222.0/23
                  83.147.232.0/22
                  91.186.200.0/22
                  91.186.214.0/23
                  94.241.168.0-94.241.183.255
                  178.253.31.0/24
                  178.253.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:8a:c6:74:a8:f3:40:3f:cb:15:50:0b:c0:d0:59:d1:4f:e6:
         99:e0:f1:87:96:d2:70:ab:7d:9b:1e:ec:e7:18:c7:aa:d6:e7:
         39:03:2f:4d:88:76:03:8e:64:9a:fb:d6:11:88:f9:75:02:65:
         a4:36:fe:83:f1:0a:82:8c:91:99:6d:d6:8e:0a:cb:55:3d:50:
         40:75:5d:9b:9a:8f:60:15:bd:b4:41:0d:49:22:35:36:c0:9b:
         c3:d1:a8:b0:a9:cb:75:d1:be:cf:ae:c0:2a:68:10:4a:6f:19:
         7a:c9:65:9b:cc:c7:38:c4:cb:0e:a7:05:f5:db:ff:ea:cc:ac:
         94:ab:e4:ee:34:c6:1f:df:d5:f2:59:fe:16:81:89:41:85:25:
         2a:34:b3:7d:3c:8e:e4:3f:09:c6:3c:c9:aa:ba:18:94:ef:41:
         b9:20:31:43:3c:88:32:82:7f:08:05:3e:b4:2d:0b:de:ff:23:
         fc:cf:cc:16:2e:d2:e0:cb:b2:41:ed:e7:e3:ee:07:72:c0:90:
         e5:a9:ce:1e:e0:14:b1:c2:e8:a1:4b:20:fe:ee:1a:8c:52:8a:
         bb:48:b2:72:da:ee:5c:fe:b1:aa:51:b8:36:e3:32:69:44:7b:
         14:9a:b6:8f:c9:3c:21:0d:fe:1a:3b:1a:89:86:d9:87:28:24:
         05:cd:39:10
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYWnAHxQQH7utV6L0LkEZENoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTEyMTcyMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzdhMmU3NzI1NWMwYTUwYjM1ZmJkMTY5OTUxYWE5ZTZhMjJiOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk/S/QyIK6sgH42ef16WOz+VFuRq
wxzDMvi5ymUYW7oIbKOOwsyhUdFYtsLk2VdHb/x/E7WJLfX46NZUpS0J94+iTquF
r8ed7up11Y7xV+POwen2LNdGWenoXnjMVE4yYBUDCR5J7BbtTc3yI4qmuKf2idwJ
/CNcbF38zFKQQ/QXVgKk2D4DFbJm81jwFR+9uMYFMAKAUck3T3P7rXCNT8dAeG00
BzMHZGm4+Q8fRbZb3lpEsU7gZBkkfynBjadQAgtoaoEqSpgqUSvuIzAsb4fB9fOZ
A+GY+5VWdWIOsIboEZnnlQgQDASMoytODNUqC6d5Lf8AtLNSZvC4JdHySQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCd6LnclXApQs1+9FplRqp5qIrnfMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvSjNvdWR5VmNDbEN6WDcwV21WR3FubW9pdWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWMAwDBANe8agDBANe8bADBACy/R8DBAGy/TQw
DQYJKoZIhvcNAQELBQADggEBAIuKxnSo80A/yxVQC8DQWdFP5png8YeW0nCrfZse
7OcYx6rW5zkDL02IdgOOZJr71hGI+XUCZaQ2/oPxCoKMkZlt1o4Ky1U9UEB1XZua
j2AVvbRBDUkiNTbAm8PRqLCpy3XRvs+uwCpoEEpvGXrJZZvMxzjEyw6nBfXb/+rM
rJSr5O40xh/f1fJZ/haBiUGFJSo0s308juQ/CcY8yaq6GJTvQbkgMUM8iDKCfwgF
PrQtC97/I/zPzBYu0uDLskHt5+PuB3LAkOWpzh7gFLHC6KFLIP7uGoxSirtIsnLa
7lz+sapRuDbjMmlEexSato/JPCEN/ho7GomG2YcoJAXNORA=
-----END CERTIFICATE-----