Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/2oqrt4oMnn3jy78J4gDU02oceEM.roa
File:                     2oqrt4oMnn3jy78J4gDU02oceEM.roa (raw, json)
Hash identifier:          QXMyEDVMDsqmYSA/dPYos7j1Z1gfE1Y45sX8EjX+Txw=
Subject key identifier:   DA:8A:AB:B7:8A:0C:9E:7D:E3:CB:BF:09:E2:00:D4:D3:6A:1C:78:43
Certificate issuer:       /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial:       019375422BE8F3C556A114C77302D6FA8D6F
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/2oqrt4oMnn3jy78J4gDU02oceEM.roa
Signing time:             Fri 29 Nov 2024 00:11:31 +0000
ROA not before:           Fri 29 Nov 2024 00:11:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199173
IP address blocks:        77.78.157.0/24 maxlen: 24
                          77.78.158.0/24 maxlen: 24
                          85.187.184.0/23 maxlen: 23
                          85.187.184.0/24 maxlen: 24
                          85.187.185.0/24 maxlen: 24
                          85.187.186.0/24 maxlen: 24
                          85.187.218.0/23 maxlen: 23
                          85.187.218.0/24 maxlen: 24
                          85.187.219.0/24 maxlen: 24
                          85.187.224.0/21 maxlen: 21
                          85.187.224.0/24 maxlen: 24
                          85.187.225.0/24 maxlen: 24
                          85.187.226.0/24 maxlen: 24
                          85.187.227.0/24 maxlen: 24
                          85.187.228.0/24 maxlen: 24
                          85.187.229.0/24 maxlen: 24
                          85.187.230.0/24 maxlen: 24
                          85.187.231.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 02 Jan 2025 05:48:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:75:42:2b:e8:f3:c5:56:a1:14:c7:73:02:d6:fa:8d:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
        Validity
            Not Before: Nov 29 00:11:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=da8aabb78a0c9e7de3cbbf09e200d4d36a1c7843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:31:ce:76:d7:4a:17:5b:c8:9e:75:dd:9a:08:
                    a3:af:d8:61:8f:d7:cf:6c:5b:a4:92:c6:59:3f:04:
                    de:7c:74:ff:52:ad:ed:a2:9f:3d:86:8d:6d:49:13:
                    97:d5:39:53:d7:c4:00:60:00:7c:58:7b:be:17:6d:
                    be:04:6e:c7:78:f3:7c:a0:44:17:2a:03:b5:b8:15:
                    be:5c:b1:ac:9f:c9:eb:1e:6b:55:ca:8a:05:f1:92:
                    74:b0:95:f3:ff:0b:ef:6b:68:1c:79:16:5c:36:09:
                    9a:87:5f:ef:16:35:21:85:8c:65:45:8a:60:65:2b:
                    1a:d8:66:b7:fd:df:de:29:2d:23:d0:bc:18:97:f5:
                    76:89:b6:c5:c3:60:64:28:c9:cc:aa:96:94:aa:f4:
                    a3:05:b8:58:65:f7:79:32:58:b4:d2:7c:79:5f:9b:
                    4c:32:07:35:23:f9:b1:8a:f1:fc:04:e7:7e:fb:d1:
                    ed:da:d1:8e:c2:09:ee:c0:01:4d:c7:fd:ed:5c:9f:
                    36:c4:96:65:26:45:b3:89:43:75:e7:0d:e7:c6:71:
                    30:06:71:e9:07:6e:72:b6:98:3d:ae:de:41:b6:18:
                    3f:a3:76:ce:fe:f4:0b:4e:d2:cb:36:ca:ad:35:75:
                    39:87:32:a2:67:28:bb:e0:92:92:8c:d0:af:32:a6:
                    96:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:8A:AB:B7:8A:0C:9E:7D:E3:CB:BF:09:E2:00:D4:D3:6A:1C:78:43
            X509v3 Authority Key Identifier:
                keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/2oqrt4oMnn3jy78J4gDU02oceEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.78.157.0-77.78.158.255
                  85.187.184.0-85.187.186.255
                  85.187.218.0/23
                  85.187.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         d6:1b:12:0f:7a:d2:91:5d:7b:89:d0:35:1f:e1:86:f4:8f:22:
         5c:50:56:29:4b:82:24:3a:3e:52:41:9d:dc:06:ed:e6:25:9c:
         84:f8:44:54:98:b0:dc:a0:7d:33:cf:ee:0b:ef:81:a0:64:04:
         61:56:21:85:f6:df:a8:e1:c4:01:43:30:a2:e8:0a:36:6c:31:
         65:dd:23:ac:e2:f8:55:9f:c1:30:36:83:a1:22:9b:30:c5:4f:
         75:4b:ae:61:91:5d:a0:31:d9:63:e9:19:1e:ce:02:9e:62:91:
         00:a2:ba:a1:1f:05:05:35:dd:e4:45:a1:05:52:1d:de:ce:3a:
         40:5a:0f:45:42:f5:4b:38:fe:e3:87:aa:e5:85:62:23:c0:db:
         e7:c8:46:d2:30:39:81:7a:63:d0:94:1b:ad:86:5a:30:d3:86:
         8c:63:08:e1:8e:69:77:51:d6:41:33:e2:11:c4:ec:2f:ed:d4:
         00:f0:6e:6d:52:18:00:7f:2d:0c:3c:5e:e9:75:e9:97:06:d2:
         5c:97:5a:72:29:64:46:fa:9b:b0:d4:c5:76:0a:e2:52:da:fa:
         44:00:79:c0:05:c7:cb:47:d2:f7:8c:a2:a0:21:7b:e5:22:18:
         b4:27:0e:dc:1e:74:6d:07:ae:46:cc:be:0c:e3:3e:a8:c1:4f:
         f9:ae:c8:aa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZN1Qivo88VWoRTHcwLW+o1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQxMTI5MDAxMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThhYWJiNzhhMGM5ZTdkZTNjYmJmMDllMjAwZDRkMzZhMWM3ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9DHOdtdKF1vInnXdmgijr9hhj9fP
bFukksZZPwTefHT/Uq3top89ho1tSROX1TlT18QAYAB8WHu+F22+BG7HePN8oEQX
KgO1uBW+XLGsn8nrHmtVyooF8ZJ0sJXz/wvva2gceRZcNgmah1/vFjUhhYxlRYpg
ZSsa2Ga3/d/eKS0j0LwYl/V2ibbFw2BkKMnMqpaUqvSjBbhYZfd5Mli00nx5X5tM
Mgc1I/mxivH8BOd++9Ht2tGOwgnuwAFNx/3tXJ82xJZlJkWziUN15w3nxnEwBnHp
B25ytpg9rt5Bthg/o3bO/vQLTtLLNsqtNXU5hzKiZyi74JKSjNCvMqaWFwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNqKq7eKDJ5948u/CeIA1NNqHHhDMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvMm9xcnQ0b01ubjNqeTc4SjRnRFUwMm9jZUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABNTp0D
BABNTp4wDAMEA1W7uAMEAFW7ugMEAVW72gMEA1W74DANBgkqhkiG9w0BAQsFAAOC
AQEA1hsSD3rSkV17idA1H+GG9I8iXFBWKUuCJDo+UkGd3Abt5iWchPhEVJiw3KB9
M8/uC++BoGQEYVYhhfbfqOHEAUMwougKNmwxZd0jrOL4VZ/BMDaDoSKbMMVPdUuu
YZFdoDHZY+kZHs4CnmKRAKK6oR8FBTXd5EWhBVId3s46QFoPRUL1Szj+44eq5YVi
I8Db58hG0jA5gXpj0JQbrYZaMNOGjGMI4Y5pd1HWQTPiEcTsL+3UAPBubVIYAH8t
DDxe6XXplwbSXJdacilkRvqbsNTFdgriUtr6RAB5wAXHy0fS94yioCF75SIYtCcO
3B50bQeuRsy+DOM+qMFP+a7Iqg==
-----END CERTIFICATE-----