Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/FvEP8uETnFdeVqO851fgtYksjfc.roa
File:                     FvEP8uETnFdeVqO851fgtYksjfc.roa (raw, json)
Hash identifier:          F7BniTa7jSyK22OW4cGr0Xcn1tsZFNULjT3GIKy/v3A=
Subject key identifier:   16:F1:0F:F2:E1:13:9C:57:5E:56:A3:BC:E7:57:E0:B5:89:2C:8D:F7
Certificate issuer:       /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial:       018E6A5F77A9E8E8EC71D099B9426596DD06
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/FvEP8uETnFdeVqO851fgtYksjfc.roa
Signing time:             Sat 23 Mar 2024 08:13:44 +0000
ROA not before:           Sat 23 Mar 2024 08:13:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212341
IP address blocks:        77.87.185.0/24 maxlen: 24
                          185.66.176.0/22 maxlen: 22
                          185.66.178.0/24 maxlen: 24
                          2a05:900::/32 maxlen: 32
                          2a05:901::/32 maxlen: 32
                          2a05:902::/32 maxlen: 32
                          2a05:903::/32 maxlen: 32
                          2a05:904::/32 maxlen: 32
                          2a05:905::/32 maxlen: 32
                          2a05:907::/32 maxlen: 32
                          2a05:907:2001::/48 maxlen: 48
                          2a05:907:2002::/48 maxlen: 48
                          2a05:907:2003::/48 maxlen: 48
                          2a05:907:2004::/48 maxlen: 48
Validation:               Failed, certificate revoked on Mon 25 Mar 2024 07:52:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:6a:5f:77:a9:e8:e8:ec:71:d0:99:b9:42:65:96:dd:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
        Validity
            Not Before: Mar 23 08:13:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16f10ff2e1139c575e56a3bce757e0b5892c8df7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:bf:6d:67:0a:90:bc:ff:72:88:a7:95:fc:fb:
                    34:f1:3c:25:1e:36:ec:23:9e:b8:d3:14:86:4a:8c:
                    8d:f5:0f:98:0e:e6:aa:15:17:7b:2e:5f:2a:f6:61:
                    33:d9:19:b0:e8:a1:0a:3a:f9:67:62:7c:d0:2d:67:
                    79:ce:a2:15:a3:47:6e:8b:f7:3b:02:e4:66:0e:c9:
                    e1:8b:94:99:05:c9:1e:06:27:ee:1e:6e:5c:bd:4d:
                    af:ad:69:56:ef:b7:03:e1:48:ea:93:c7:b2:c4:96:
                    94:08:c4:d7:a1:bf:f3:a1:5b:ce:18:9c:67:18:1e:
                    03:84:8b:e4:53:4b:1d:d2:76:ee:75:52:cf:88:9f:
                    c5:b1:f7:fd:92:78:8d:f2:cd:30:77:60:d2:f8:08:
                    3c:b5:86:c1:84:fc:79:21:ec:72:34:3b:73:c8:9b:
                    76:cf:46:df:9a:f1:df:31:6b:ec:7f:03:ee:af:55:
                    a7:c0:ae:76:32:85:22:3c:18:4c:25:8b:d0:39:6b:
                    f7:b2:a6:8e:7b:6e:8a:6b:8b:07:6c:f8:4e:47:d7:
                    57:3c:ff:fe:4d:36:37:34:2b:0a:e0:0f:3d:1a:1b:
                    10:05:91:75:97:17:59:64:44:3f:23:73:f1:3b:ab:
                    7c:00:ee:bc:71:44:62:a7:57:ae:bc:c4:15:5d:38:
                    75:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:F1:0F:F2:E1:13:9C:57:5E:56:A3:BC:E7:57:E0:B5:89:2C:8D:F7
            X509v3 Authority Key Identifier:
                keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/FvEP8uETnFdeVqO851fgtYksjfc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.87.185.0/24
                  185.66.176.0/22
                IPv6:
                  2a05:900::-2a05:905:ffff:ffff:ffff:ffff:ffff:ffff
                  2a05:907::/32

    Signature Algorithm: sha256WithRSAEncryption
         4d:0c:8c:a4:0b:19:a3:db:78:fa:73:fc:dd:59:e5:02:96:07:
         c9:37:db:d5:e7:ca:ab:c2:9a:e7:38:07:57:da:9a:d1:0e:d0:
         ff:d5:9a:e0:92:04:91:d8:8c:42:fa:de:10:e2:af:bf:ff:66:
         53:46:b0:d3:e3:c8:4b:7f:04:36:92:2d:86:12:c6:f8:95:74:
         36:44:be:e3:fe:f7:01:4b:3a:9a:b5:3b:3f:4d:b6:4c:75:e8:
         13:d7:39:39:6d:98:e7:c8:db:3f:bc:10:77:b3:50:7a:8f:22:
         79:50:78:22:16:65:a1:30:6c:da:4b:bc:ed:ec:69:07:f9:68:
         91:ab:c0:b9:5e:92:a5:a4:17:df:91:a7:a8:39:e6:06:bc:a3:
         10:6e:41:79:be:c0:8b:ef:81:69:08:10:40:12:70:f6:46:45:
         24:80:0e:5c:5b:9b:c4:7d:e9:6f:24:16:63:34:e5:65:ee:f4:
         ce:30:85:95:79:e7:c5:74:59:2e:f3:6d:c4:40:89:27:d2:dc:
         65:f3:d4:30:51:89:ec:75:51:f4:4d:7c:f4:0c:6f:69:97:74:
         de:d6:c2:11:4b:33:57:d7:54:b2:8b:e8:18:ce:51:ec:a3:c1:
         2a:43:b4:a2:b1:a5:f5:5d:59:4b:f8:62:b0:ab:26:f9:d2:9b:
         c3:1b:60:bd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY5qX3ep6OjscdCZuUJllt0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjQwMzIzMDgxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmYxMGZmMmUxMTM5YzU3NWU1NmEzYmNlNzU3ZTBiNTg5MmM4ZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr9tZwqQvP9yiKeV/Ps08TwlHjbs
I5640xSGSoyN9Q+YDuaqFRd7Ll8q9mEz2Rmw6KEKOvlnYnzQLWd5zqIVo0dui/c7
AuRmDsnhi5SZBckeBifuHm5cvU2vrWlW77cD4Ujqk8eyxJaUCMTXob/zoVvOGJxn
GB4DhIvkU0sd0nbudVLPiJ/Fsff9kniN8s0wd2DS+Ag8tYbBhPx5IexyNDtzyJt2
z0bfmvHfMWvsfwPur1WnwK52MoUiPBhMJYvQOWv3sqaOe26Ka4sHbPhOR9dXPP/+
TTY3NCsK4A89GhsQBZF1lxdZZEQ/I3PxO6t8AO68cURip1euvMQVXTh1ZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBbxD/LhE5xXXlajvOdX4LWJLI33MB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvRnZFUDh1RVRuRmRlVnFPODUxZmd0WWtzamZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjASBAIAATAMAwQATVe5AwQC
uUKwMBwEAgACMBYwDQMEACoFCQMFASoFCQQDBQAqBQkHMA0GCSqGSIb3DQEBCwUA
A4IBAQBNDIykCxmj23j6c/zdWeUClgfJN9vV58qrwprnOAdX2prRDtD/1ZrgkgSR
2IxC+t4Q4q+//2ZTRrDT48hLfwQ2ki2GEsb4lXQ2RL7j/vcBSzqatTs/TbZMdegT
1zk5bZjnyNs/vBB3s1B6jyJ5UHgiFmWhMGzaS7zt7GkH+WiRq8C5XpKlpBffkaeo
OeYGvKMQbkF5vsCL74FpCBBAEnD2RkUkgA5cW5vEfelvJBZjNOVl7vTOMIWVeefF
dFku823EQIkn0txl89QwUYnsdVH0TXz0DG9pl3Te1sIRSzNX11Syi+gYzlHso8Eq
Q7SisaX1XVlL+GKwqyb50pvDG2C9
-----END CERTIFICATE-----