Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/NFdk7d8cCpD7rMnJObs_lq97Sac.roa
File:                     NFdk7d8cCpD7rMnJObs_lq97Sac.roa (raw, json)
Hash identifier:          82llv8Ytd8dyt8I+CCYd0pWcmmebf2PcuCUIxQ8M3AY=
Subject key identifier:   34:57:64:ED:DF:1C:0A:90:FB:AC:C9:C9:39:BB:3F:96:AF:7B:49:A7
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       018D90F0C81F0E9B83A004ED07003EBA822D
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/NFdk7d8cCpD7rMnJObs_lq97Sac.roa
Signing time:             Sat 10 Feb 2024 02:55:15 +0000
ROA not before:           Sat 10 Feb 2024 02:55:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        77.81.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 08 Mar 2024 12:40:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:90:f0:c8:1f:0e:9b:83:a0:04:ed:07:00:3e:ba:82:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Feb 10 02:55:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=345764eddf1c0a90fbacc9c939bb3f96af7b49a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3f:ca:92:69:aa:d9:b1:c8:88:e9:4b:2f:2e:
                    0e:23:a2:e6:96:b9:f1:74:1a:45:a8:2f:88:3c:77:
                    84:5e:dc:6b:8e:31:9b:9a:a6:a8:91:5c:33:8d:50:
                    db:84:11:2b:6b:3e:52:b7:c0:fb:76:66:ca:45:f6:
                    00:21:1a:4f:ee:1b:44:a6:de:53:87:db:29:f7:48:
                    75:27:37:f8:11:af:9a:5a:df:b8:c2:18:98:5d:8a:
                    3d:52:db:6b:13:fe:69:f5:ed:7d:8d:0a:d9:86:e1:
                    c7:3b:0b:40:01:0a:4d:98:b4:1e:73:b6:aa:4a:d8:
                    a1:f3:25:d6:c5:10:17:af:49:a9:b7:b4:86:bd:b3:
                    8b:01:52:bb:07:00:08:37:a4:15:4f:59:84:cd:21:
                    08:89:10:f6:19:d0:80:5a:62:28:c6:33:9a:e3:00:
                    ec:31:6c:d5:55:fe:f4:06:42:cc:7f:a0:3e:11:f7:
                    a6:a8:05:5a:73:49:f7:74:bc:fe:06:08:1a:64:81:
                    97:3f:73:4f:58:69:48:d5:11:b3:49:7b:22:47:cd:
                    44:27:82:10:60:70:bf:b3:14:94:9d:f4:58:24:86:
                    d3:bc:ac:8f:9b:92:65:79:ca:32:e3:d9:b1:f3:6d:
                    40:45:b8:08:d7:7d:9c:70:51:14:95:b9:50:9a:d1:
                    23:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:57:64:ED:DF:1C:0A:90:FB:AC:C9:C9:39:BB:3F:96:AF:7B:49:A7
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/NFdk7d8cCpD7rMnJObs_lq97Sac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:ff:a8:e8:c8:60:26:ff:4e:a0:a2:8a:50:42:2e:19:47:5d:
         bd:46:e6:93:03:41:c2:a0:b7:47:16:c3:9b:2a:07:87:49:7c:
         a4:6c:52:43:9c:ff:a4:7f:41:62:5c:b8:32:60:4d:56:f7:9e:
         69:fe:40:17:4e:88:a2:ae:e7:74:67:5e:b5:5d:95:34:9a:15:
         ac:6c:56:52:d6:c6:2b:97:92:bf:53:6e:e1:2d:72:e8:68:90:
         7f:d3:f5:84:08:1a:6e:18:6b:9e:27:1f:63:33:46:b0:d9:89:
         73:e9:b6:3e:77:82:87:5d:39:18:13:8c:1c:ce:db:e9:54:32:
         65:5e:ed:fd:ea:2f:3e:55:7d:8b:8c:fe:4e:89:cd:d1:78:1e:
         31:74:2c:4a:8b:68:c2:5a:94:d7:45:77:ad:b4:cc:56:52:b3:
         cd:4b:21:a5:63:62:2f:b3:0f:9b:f0:b5:57:3e:d9:af:ad:3b:
         c0:ff:ae:11:3d:7b:b2:ea:51:2a:8f:0a:0c:53:dd:d8:57:b1:
         8f:13:d8:ba:78:11:2b:60:71:53:b5:51:9f:0c:2f:95:67:c7:
         6e:4c:b1:69:43:3f:a3:63:dd:4a:cb:39:06:08:18:0e:13:be:
         be:42:11:09:88:31:e8:03:52:58:2a:68:e5:ac:e7:27:a1:d6:
         74:ce:ac:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2Q8MgfDpuDoATtBwA+uoItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMjEwMDI1NTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU3NjRlZGRmMWMwYTkwZmJhY2M5YzkzOWJiM2Y5NmFmN2I0OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj/Kkmmq2bHIiOlLLy4OI6Lmlrnx
dBpFqC+IPHeEXtxrjjGbmqaokVwzjVDbhBEraz5St8D7dmbKRfYAIRpP7htEpt5T
h9sp90h1Jzf4Ea+aWt+4whiYXYo9UttrE/5p9e19jQrZhuHHOwtAAQpNmLQec7aq
Stih8yXWxRAXr0mpt7SGvbOLAVK7BwAIN6QVT1mEzSEIiRD2GdCAWmIoxjOa4wDs
MWzVVf70BkLMf6A+EfemqAVac0n3dLz+BggaZIGXP3NPWGlI1RGzSXsiR81EJ4IQ
YHC/sxSUnfRYJIbTvKyPm5Jlecoy49mx821ARbgI132ccFEUlblQmtEj0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRXZO3fHAqQ+6zJyTm7P5ave0mnMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvTkZkazdkOGNDcEQ3ck1uSk9ic19scTk3U2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVFPMA0G
CSqGSIb3DQEBCwUAA4IBAQCE/6joyGAm/06goopQQi4ZR129RuaTA0HCoLdHFsOb
KgeHSXykbFJDnP+kf0FiXLgyYE1W955p/kAXToiirud0Z161XZU0mhWsbFZS1sYr
l5K/U27hLXLoaJB/0/WECBpuGGueJx9jM0aw2Ylz6bY+d4KHXTkYE4wcztvpVDJl
Xu396i8+VX2LjP5Oic3ReB4xdCxKi2jCWpTXRXettMxWUrPNSyGlY2Ivsw+b8LVX
PtmvrTvA/64RPXuy6lEqjwoMU93YV7GPE9i6eBErYHFTtVGfDC+VZ8duTLFpQz+j
Y91KyzkGCBgOE76+QhEJiDHoA1JYKmjlrOcnodZ0zqxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org