Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/IjGo7PkC42hsTVk-_kd4v7Ibn7E.roa
File:                     IjGo7PkC42hsTVk-_kd4v7Ibn7E.roa (raw, json)
Hash identifier:          pgnHnBbo8cogXG86MBvsTNKzQt46cn1KlmyGzDTG6yk=
Subject key identifier:   22:31:A8:EC:F9:02:E3:68:6C:4D:59:3E:FE:47:78:BF:B2:1B:9F:B1
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       018ABFB6B6F6EFE4D0AA6D4FD2F5F8E6A867
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/IjGo7PkC42hsTVk-_kd4v7Ibn7E.roa
Signing time:             Sat 23 Sep 2023 01:45:37 +0000
ROA not before:           Sat 23 Sep 2023 01:45:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        77.81.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Oct 2023 23:59:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:bf:b6:b6:f6:ef:e4:d0:aa:6d:4f:d2:f5:f8:e6:a8:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Sep 23 01:45:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2231a8ecf902e3686c4d593efe4778bfb21b9fb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:f1:5b:a4:9a:87:21:61:17:b4:28:2c:10:c2:
                    a6:8a:0a:6d:35:ca:02:cf:70:52:3c:f3:04:4b:b0:
                    d5:7a:7b:ad:1c:29:ea:51:bb:66:9b:d3:4e:8a:77:
                    94:36:85:fe:78:2d:d1:71:8d:6b:db:36:a3:82:bb:
                    7a:a7:cd:67:2c:bb:ca:52:73:68:42:b2:05:cb:e9:
                    3c:4a:5f:91:c5:0f:62:e3:93:45:5d:75:9d:ea:ce:
                    46:a7:a5:5c:c9:b8:39:ba:61:0c:c7:e7:2e:83:35:
                    ec:97:00:b2:9d:3d:53:e7:a6:ed:c1:e4:68:31:e3:
                    43:46:be:a3:87:79:1a:62:20:b2:08:63:ee:41:ec:
                    64:41:76:be:73:93:bf:00:d5:10:6c:f9:d8:bc:d4:
                    54:6e:91:13:30:82:23:84:2d:2c:76:7f:4f:d2:76:
                    88:d9:35:b5:ca:84:c4:7c:b3:4d:58:6e:93:c9:c7:
                    41:ae:c2:a2:2e:68:db:17:31:f5:fd:fa:24:83:00:
                    27:a2:ce:ac:e5:e9:b8:2b:7e:59:10:54:16:71:8a:
                    2d:63:dc:9c:1c:c4:bd:ef:44:4e:b0:ea:76:da:98:
                    5d:03:74:ed:32:05:4c:38:6b:3b:ff:c8:0c:ee:fb:
                    ea:49:f8:56:4e:63:86:57:5e:86:de:4d:ae:d6:78:
                    fb:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:31:A8:EC:F9:02:E3:68:6C:4D:59:3E:FE:47:78:BF:B2:1B:9F:B1
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/IjGo7PkC42hsTVk-_kd4v7Ibn7E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:02:b1:db:69:33:01:6c:60:fa:ef:3b:ff:33:8f:bc:42:4d:
         9b:92:65:a5:00:88:80:6d:d7:d5:f6:94:64:2a:86:12:40:4a:
         d7:cf:9d:3e:56:b3:e0:f2:ba:4a:69:97:9a:d8:8f:79:bc:4f:
         02:91:97:bb:0f:91:dc:10:9d:86:cd:94:18:27:6c:9b:e5:ff:
         59:bf:fd:a9:6e:1f:c6:6b:dd:84:d3:79:9a:44:62:01:b9:6a:
         77:c9:29:47:21:1d:46:fc:25:0b:1b:00:14:7d:45:83:06:9d:
         10:e8:f5:3c:50:57:79:78:9c:e5:f8:e8:8b:08:85:00:fa:43:
         66:d0:4a:4d:16:72:8f:ad:90:8e:92:6c:85:85:24:a9:7c:c1:
         6f:36:f3:ed:fd:47:4e:fc:21:2b:75:8f:28:42:98:24:99:98:
         c7:4f:fb:9e:27:76:cd:47:9c:4a:12:2d:fd:54:f0:30:cc:74:
         7e:d7:84:cc:f4:a6:73:cb:ad:e5:65:1f:7a:44:38:ed:65:cc:
         db:67:d1:98:fe:14:91:d1:49:fb:30:5e:34:20:d1:d2:d9:87:
         7e:be:23:95:26:bc:87:9c:16:88:29:e6:37:4c:d2:3c:db:28:
         9e:e3:fc:e2:f0:ba:f8:42:39:a3:19:3d:17:60:d8:6a:32:e6:
         73:15:e4:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq/trb27+TQqm1P0vX45qhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwOTIzMDE0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjMxYThlY2Y5MDJlMzY4NmM0ZDU5M2VmZTQ3NzhiZmIyMWI5ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvFbpJqHIWEXtCgsEMKmigptNcoC
z3BSPPMES7DVenutHCnqUbtmm9NOineUNoX+eC3RcY1r2zajgrt6p81nLLvKUnNo
QrIFy+k8Sl+RxQ9i45NFXXWd6s5Gp6Vcybg5umEMx+cugzXslwCynT1T56btweRo
MeNDRr6jh3kaYiCyCGPuQexkQXa+c5O/ANUQbPnYvNRUbpETMIIjhC0sdn9P0naI
2TW1yoTEfLNNWG6TycdBrsKiLmjbFzH1/fokgwAnos6s5em4K35ZEFQWcYotY9yc
HMS970ROsOp22phdA3TtMgVMOGs7/8gM7vvqSfhWTmOGV16G3k2u1nj7TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIxqOz5AuNobE1ZPv5HeL+yG5+xMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvSWpHbzdQa0M0MmhzVFZrLV9rZDR2N0libjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVFPMA0G
CSqGSIb3DQEBCwUAA4IBAQAGArHbaTMBbGD67zv/M4+8Qk2bkmWlAIiAbdfV9pRk
KoYSQErXz50+VrPg8rpKaZea2I95vE8CkZe7D5HcEJ2GzZQYJ2yb5f9Zv/2pbh/G
a92E03maRGIBuWp3ySlHIR1G/CULGwAUfUWDBp0Q6PU8UFd5eJzl+OiLCIUA+kNm
0EpNFnKPrZCOkmyFhSSpfMFvNvPt/UdO/CErdY8oQpgkmZjHT/ueJ3bNR5xKEi39
VPAwzHR+14TM9KZzy63lZR96RDjtZczbZ9GY/hSR0Un7MF40INHS2Yd+viOVJryH
nBaIKeY3TNI82yie4/zi8Lr4QjmjGT0XYNhqMuZzFeQQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org