Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/KhX6e7vEDygApLBvUtjRvi1QZSc.roa
File:                     KhX6e7vEDygApLBvUtjRvi1QZSc.roa (raw, json)
Hash identifier:          alCBRMgeFfjfDyBysy8wU112pJJFmVZxrqrrJpuNdgw=
Subject key identifier:   2A:15:FA:7B:BB:C4:0F:28:00:A4:B0:6F:52:D8:D1:BE:2D:50:65:27
Certificate issuer:       /CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
Certificate serial:       018CC5DC2D211C316D11EADB83CB4CC1D1C5
Authority key identifier: E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/KhX6e7vEDygApLBvUtjRvi1QZSc.roa
Signing time:             Mon 01 Jan 2024 16:29:50 +0000
ROA not before:           Mon 01 Jan 2024 16:29:50 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        77.247.116.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 19 Jun 2024 16:55:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:2d:21:1c:31:6d:11:ea:db:83:cb:4c:c1:d1:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
        Validity
            Not Before: Jan  1 16:29:50 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2a15fa7bbbc40f2800a4b06f52d8d1be2d506527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:aa:c2:d5:b2:09:88:f5:f2:5a:a5:3f:06:6f:
                    f5:ab:18:0d:f3:07:a2:26:fb:59:ef:b7:98:f0:52:
                    22:87:f8:19:a9:f7:f6:04:12:b6:66:41:c5:5c:d7:
                    22:24:4c:9b:e2:20:c1:51:a0:5b:74:96:e8:30:30:
                    11:b0:ca:02:90:0f:10:d5:19:c0:b0:b8:02:4b:9c:
                    e8:7d:b4:17:64:99:88:be:e3:14:21:53:fd:a6:c4:
                    1a:d3:dc:48:f6:32:5c:7e:39:d5:37:7d:7f:47:f0:
                    ea:f8:bc:d6:10:55:cb:83:6b:1b:b9:d1:0a:de:e5:
                    77:ac:4c:a3:99:8e:80:32:8f:86:88:2f:db:b7:43:
                    f6:b4:25:62:9c:be:44:db:26:f1:07:66:a8:6f:c4:
                    7d:f2:ea:01:34:74:6e:d0:88:90:3b:b1:47:9b:ff:
                    8d:a5:2a:30:a2:e7:0e:72:0d:fd:d0:7e:a2:53:ad:
                    12:97:27:a6:9a:6c:8e:bb:c2:b6:47:dd:3b:c6:6d:
                    63:9f:1c:e6:b9:43:64:18:0e:d3:de:7d:47:8c:c6:
                    f0:5c:3a:19:27:e4:d2:a2:79:0c:04:f4:03:ef:3a:
                    7d:fd:94:ea:5a:dc:6b:de:34:73:87:5c:2c:85:5b:
                    e3:a1:d8:22:dd:6f:f2:25:b8:83:ba:1c:47:c7:66:
                    a6:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:15:FA:7B:BB:C4:0F:28:00:A4:B0:6F:52:D8:D1:BE:2D:50:65:27
            X509v3 Authority Key Identifier:
                keyid:E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/KhX6e7vEDygApLBvUtjRvi1QZSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/5uRoerix623hq9BKB2F8htEYUY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.247.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:75:1b:38:94:98:ed:61:e9:f5:e6:3f:e4:82:e0:8c:e2:6c:
         f9:79:26:c3:cd:fc:7c:cf:c5:56:86:62:e4:f8:93:cd:fe:b1:
         e2:9f:0c:39:12:41:22:7b:3e:5a:36:e6:25:a2:26:7b:10:04:
         23:3e:ca:0b:1d:b5:1c:9d:f4:4f:2f:79:a4:d4:a9:3e:b9:ea:
         b7:35:0c:3e:e6:47:33:89:dc:7b:62:13:f4:df:21:8b:18:5f:
         70:10:7f:6d:97:ce:6a:d6:f2:66:8b:3c:50:ec:af:ba:07:bf:
         fd:1c:2a:32:5b:9b:58:83:72:6b:82:f6:87:f5:01:e3:30:94:
         0b:4b:4b:b8:4f:dc:2a:2b:06:7f:9a:ca:86:db:bf:0a:46:de:
         e6:89:7f:c3:5c:4f:f8:89:15:fc:c4:38:7e:0f:7d:5a:8f:37:
         63:1f:17:8c:d9:4d:15:89:1b:9a:80:d6:f0:b5:d2:bc:02:d7:
         c7:3f:91:a6:1a:ab:d7:3d:f0:b5:28:98:5f:05:c0:be:11:e8:
         89:25:a9:c0:1b:20:c6:d9:2f:9a:f4:ea:5f:54:c6:19:ac:d5:
         54:2c:f3:8d:5b:0c:15:25:2b:00:6f:f8:e8:48:e3:07:a3:3e:
         0f:f9:64:86:d5:22:91:17:84:c8:e0:5c:9e:99:a8:78:37:f9:
         66:0a:e2:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3C0hHDFtEerbg8tMwdHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZTQ2ODdhYjhiMWViNmRlMWFiZDA0YTA3NjE3Yzg2ZDEx
ODUxOGQwHhcNMjQwMTAxMTYyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE1ZmE3YmJiYzQwZjI4MDBhNGIwNmY1MmQ4ZDFiZTJkNTA2NTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiarC1bIJiPXyWqU/Bm/1qxgN8wei
JvtZ77eY8FIih/gZqff2BBK2ZkHFXNciJEyb4iDBUaBbdJboMDARsMoCkA8Q1RnA
sLgCS5zofbQXZJmIvuMUIVP9psQa09xI9jJcfjnVN31/R/Dq+LzWEFXLg2sbudEK
3uV3rEyjmY6AMo+GiC/bt0P2tCVinL5E2ybxB2aob8R98uoBNHRu0IiQO7FHm/+N
pSowoucOcg390H6iU60SlyemmmyOu8K2R907xm1jnxzmuUNkGA7T3n1HjMbwXDoZ
J+TSonkMBPQD7zp9/ZTqWtxr3jRzh1wshVvjodgi3W/yJbiDuhxHx2amEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoV+nu7xA8oAKSwb1LY0b4tUGUnMB8GA1UdIwQY
MBaAFObkaHq4sett4avQSgdhfIbRGFGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMt
MTM4YmJhYWM3ZmUyLzEvS2hYNmU3dkVEeWdBcExCdlV0alJ2aTFRWlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMtMTM4YmJhYWM3ZmUy
LzEvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTfd0MA0G
CSqGSIb3DQEBCwUAA4IBAQC6dRs4lJjtYen15j/kguCM4mz5eSbDzfx8z8VWhmLk
+JPN/rHinww5EkEiez5aNuYloiZ7EAQjPsoLHbUcnfRPL3mk1Kk+ueq3NQw+5kcz
idx7YhP03yGLGF9wEH9tl85q1vJmizxQ7K+6B7/9HCoyW5tYg3JrgvaH9QHjMJQL
S0u4T9wqKwZ/msqG278KRt7miX/DXE/4iRX8xDh+D31ajzdjHxeM2U0ViRuagNbw
tdK8AtfHP5GmGqvXPfC1KJhfBcC+EeiJJanAGyDG2S+a9OpfVMYZrNVULPONWwwV
JSsAb/joSOMHoz4P+WSG1SKRF4TI4Fyemah4N/lmCuJa
-----END CERTIFICATE-----
Generated at Wed Jun 19 23:17:50 2024 by rpki-client on console-ams.rpki-client.org