Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/BSHzW7ozuats0MuBdNrEgzJwQv4.roa
File:                     BSHzW7ozuats0MuBdNrEgzJwQv4.roa (raw, json)
Hash identifier:          7q7d4Irn7XVYOirjQhji8Wyi29h0Cp7LTgSReJ74q/I=
Subject key identifier:   05:21:F3:5B:BA:33:B9:AB:6C:D0:CB:81:74:DA:C4:83:32:70:42:FE
Certificate issuer:       /CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
Certificate serial:       01856CB84B0BDD972C79F345152164DB03DB
Authority key identifier: E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/BSHzW7ozuats0MuBdNrEgzJwQv4.roa
Signing time:             Sun 01 Jan 2023 09:44:55 +0000
ROA not before:           Sun 01 Jan 2023 09:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        77.247.116.0/22 maxlen: 24
                          176.125.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Feb 2023 23:16:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:4b:0b:dd:97:2c:79:f3:45:15:21:64:db:03:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
        Validity
            Not Before: Jan  1 09:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0521f35bba33b9ab6cd0cb8174dac483327042fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:72:92:51:6a:38:a6:61:88:b1:17:00:8d:50:
                    e7:62:5f:9e:b6:c7:09:0f:39:9a:79:c2:ee:30:31:
                    d7:2d:57:e8:8e:7d:cd:8d:6f:0c:5b:bd:81:64:1c:
                    51:06:1d:18:b6:7b:e3:f0:a9:26:20:95:49:bd:42:
                    ff:89:78:59:00:ed:f7:bd:1a:d4:7b:11:a5:18:4f:
                    46:9e:95:a8:d2:7a:b8:e3:18:45:c1:6c:85:d2:3e:
                    ac:af:0d:5b:5c:26:9c:75:ec:c0:ae:3a:52:d7:8d:
                    86:db:99:e7:39:fa:a3:8a:f3:0f:8a:05:79:c0:dd:
                    cf:c6:8d:89:30:89:47:d8:fb:63:4e:36:fa:8c:66:
                    52:7f:b1:b7:aa:bb:9a:49:4a:d3:bd:3f:76:19:6a:
                    b4:83:bd:c4:80:81:2c:39:ce:76:74:39:43:22:4a:
                    0f:31:43:9b:3a:a9:53:94:1f:69:b0:43:8f:59:d1:
                    35:2b:71:96:ab:9b:3b:41:f3:36:fb:70:c1:16:6d:
                    c9:3c:9a:18:c0:39:e5:e4:66:b3:56:14:73:a3:50:
                    eb:f2:e4:19:a5:eb:be:b8:af:fd:c0:e3:1e:fa:19:
                    24:27:20:3d:13:3b:43:2f:9e:2c:81:ec:14:59:68:
                    2b:0b:dc:f6:98:a1:5d:67:a8:33:7c:d1:38:b0:7b:
                    0c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:21:F3:5B:BA:33:B9:AB:6C:D0:CB:81:74:DA:C4:83:32:70:42:FE
            X509v3 Authority Key Identifier:
                keyid:E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/BSHzW7ozuats0MuBdNrEgzJwQv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/5uRoerix623hq9BKB2F8htEYUY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.247.116.0/22
                  176.125.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:0b:e7:b5:f1:99:5a:30:82:c2:5f:66:ab:80:4b:64:1e:87:
         2d:da:95:b5:5f:20:d4:b6:9d:2a:d9:8b:b9:5e:52:16:78:41:
         c0:68:c8:d1:0b:b4:dd:1d:95:d0:94:8e:68:29:a9:e8:4f:bf:
         74:96:17:09:4a:0f:cb:79:9d:7e:54:d3:5a:b3:f6:51:25:65:
         3c:56:38:63:36:4c:5c:71:ce:89:78:14:73:8b:80:df:b6:34:
         c7:ef:e7:1d:ce:51:57:4c:09:a0:cc:ff:c1:48:14:3c:46:13:
         0f:a8:ad:78:bf:6f:11:5c:d7:57:62:f3:c5:f3:20:b3:e7:04:
         84:b1:2c:30:b9:50:ab:17:60:90:8a:75:17:a5:12:49:ff:d1:
         37:39:20:f9:90:0b:ad:3b:95:24:a2:41:29:c9:02:cc:60:62:
         32:85:67:08:52:65:6c:40:80:a3:c0:39:75:a4:86:45:2b:32:
         76:a8:4f:ea:5c:78:8d:aa:5e:99:eb:9a:c5:0b:a2:1d:56:33:
         96:4e:da:f9:2b:aa:62:e2:93:7a:89:6c:9c:bb:ee:42:ca:39:
         da:82:f6:51:e9:92:87:e4:54:a6:34:23:e3:75:77:56:1a:a7:
         3f:dd:ac:c1:03:d3:8e:6b:a9:e6:9c:ef:22:69:bc:b5:0b:aa:
         96:12:85:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsuEsL3ZcsefNFFSFk2wPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZTQ2ODdhYjhiMWViNmRlMWFiZDA0YTA3NjE3Yzg2ZDEx
ODUxOGQwHhcNMjMwMTAxMDk0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTIxZjM1YmJhMzNiOWFiNmNkMGNiODE3NGRhYzQ4MzMyNzA0MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHKSUWo4pmGIsRcAjVDnYl+etscJ
DzmaecLuMDHXLVfojn3NjW8MW72BZBxRBh0Ytnvj8KkmIJVJvUL/iXhZAO33vRrU
exGlGE9GnpWo0nq44xhFwWyF0j6srw1bXCacdezArjpS142G25nnOfqjivMPigV5
wN3Pxo2JMIlH2PtjTjb6jGZSf7G3qruaSUrTvT92GWq0g73EgIEsOc52dDlDIkoP
MUObOqlTlB9psEOPWdE1K3GWq5s7QfM2+3DBFm3JPJoYwDnl5GazVhRzo1Dr8uQZ
peu+uK/9wOMe+hkkJyA9EztDL54sgewUWWgrC9z2mKFdZ6gzfNE4sHsMNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAUh81u6M7mrbNDLgXTaxIMycEL+MB8GA1UdIwQY
MBaAFObkaHq4sett4avQSgdhfIbRGFGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMt
MTM4YmJhYWM3ZmUyLzEvQlNIelc3b3p1YXRzME11QmROckVnekp3UXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMtMTM4YmJhYWM3ZmUy
LzEvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTfd0AwQC
sH3sMA0GCSqGSIb3DQEBCwUAA4IBAQC6C+e18ZlaMILCX2argEtkHoct2pW1XyDU
tp0q2Yu5XlIWeEHAaMjRC7TdHZXQlI5oKanoT790lhcJSg/LeZ1+VNNas/ZRJWU8
VjhjNkxccc6JeBRzi4DftjTH7+cdzlFXTAmgzP/BSBQ8RhMPqK14v28RXNdXYvPF
8yCz5wSEsSwwuVCrF2CQinUXpRJJ/9E3OSD5kAutO5UkokEpyQLMYGIyhWcIUmVs
QICjwDl1pIZFKzJ2qE/qXHiNql6Z65rFC6IdVjOWTtr5K6pi4pN6iWycu+5Cyjna
gvZR6ZKH5FSmNCPjdXdWGqc/3azBA9OOa6nmnO8iaby1C6qWEoWV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:06 2024 by rpki-client on console-fra.rpki-client.org