Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/x4CdPq06RgR2JbbCcB2ZEfvxOyg.roa
File:                     x4CdPq06RgR2JbbCcB2ZEfvxOyg.roa (raw, json)
Hash identifier:          k5y6KLqrM6i408dWSbgieQOZiSO0iCVjKtoVO65LlpU=
Subject key identifier:   C7:80:9D:3E:AD:3A:46:04:76:25:B6:C2:70:1D:99:11:FB:F1:3B:28
Certificate issuer:       /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial:       0187BCEFC02C8A00DE7DFB1462558B8C6D78
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/x4CdPq06RgR2JbbCcB2ZEfvxOyg.roa
Signing time:             Wed 26 Apr 2023 09:40:41 +0000
ROA not before:           Wed 26 Apr 2023 09:40:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39040
IP address blocks:        77.95.120.64/26 maxlen: 26
                          77.95.120.0/26 maxlen: 26
                          77.95.120.192/26 maxlen: 26
                          77.95.120.128/27 maxlen: 27
                          77.95.120.160/27 maxlen: 27
                          77.95.120.0/24 maxlen: 24
                          194.187.90.0/23 maxlen: 23
                          194.187.89.0/24 maxlen: 24
                          212.103.64.0/24 maxlen: 24
                          2a02:388::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 11:21:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bc:ef:c0:2c:8a:00:de:7d:fb:14:62:55:8b:8c:6d:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
        Validity
            Not Before: Apr 26 09:40:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7809d3ead3a46047625b6c2701d9911fbf13b28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:30:67:bb:40:31:9e:36:86:80:c8:72:32:c5:
                    39:d7:d9:7f:04:b4:4a:e7:f2:86:71:17:d0:3b:e9:
                    ea:1a:59:37:4e:7c:89:85:94:27:04:51:cc:d8:8a:
                    c9:48:65:df:aa:d8:c1:e5:98:1c:91:22:92:2f:4d:
                    cf:5b:88:d4:28:73:c8:b5:b1:a7:a8:39:20:6e:85:
                    f2:74:a3:af:e1:ba:fd:09:dd:c9:dd:de:ce:df:85:
                    70:c1:b4:dc:99:0c:eb:dc:3e:2d:84:c5:bf:63:ba:
                    f1:73:ee:51:b8:4a:32:df:97:29:bf:34:41:03:a4:
                    dd:ee:b1:cb:17:38:70:64:6b:1d:b1:85:a7:34:47:
                    10:1c:d1:f7:f1:2c:90:8a:5b:3d:38:89:22:86:3c:
                    56:9e:54:b8:2c:26:85:94:da:2c:72:5f:24:47:58:
                    11:b4:9d:c7:63:6d:cf:93:b1:e0:eb:ca:29:8a:d0:
                    a2:79:37:cf:1b:cc:fd:1d:11:d4:a0:09:ee:c0:40:
                    e4:4e:ca:f3:bf:51:5f:e9:e8:41:53:da:bc:4c:17:
                    06:f6:7a:5f:96:57:f3:84:c8:23:5e:ad:5f:ac:84:
                    7a:97:62:1c:1c:bd:8f:ac:ef:ab:fe:5e:30:76:94:
                    1e:48:eb:cc:65:95:45:35:d2:10:6f:07:21:86:37:
                    98:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:80:9D:3E:AD:3A:46:04:76:25:B6:C2:70:1D:99:11:FB:F1:3B:28
            X509v3 Authority Key Identifier:
                keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/x4CdPq06RgR2JbbCcB2ZEfvxOyg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.95.120.0/24
                  194.187.89.0-194.187.91.255
                  212.103.64.0/24
                IPv6:
                  2a02:388::/32

    Signature Algorithm: sha256WithRSAEncryption
         4f:fb:82:a5:71:2c:06:25:f5:dc:35:58:c6:7b:68:a6:04:8a:
         33:a5:80:0a:ed:60:25:93:b5:b2:a5:4c:7b:e5:96:a7:7e:90:
         9d:00:47:a1:a8:94:6c:c3:2b:bf:fc:11:90:ac:07:fe:c4:c8:
         0d:70:26:45:94:de:7c:29:63:cb:25:bb:a5:c4:bd:a5:a5:bf:
         67:be:14:68:91:92:c8:6b:80:f7:df:d3:fb:d4:3b:f3:bf:11:
         cd:4f:aa:18:6a:e1:da:63:3f:16:9f:c1:8b:69:51:5b:32:c3:
         82:7c:fa:17:f0:29:93:65:32:7e:ea:74:34:a9:ca:e1:eb:0c:
         6e:f7:79:c7:81:96:ec:9d:da:db:3a:7a:89:52:47:36:bf:fb:
         59:4a:07:5a:13:2b:1b:ef:ac:cb:d4:05:08:71:50:95:86:5c:
         ac:f5:44:1a:a3:fc:e1:c5:47:23:ae:4c:84:dd:36:97:ff:d6:
         41:a4:b0:65:fd:e3:60:e4:cd:5b:8c:de:b2:84:ad:eb:df:8f:
         81:18:4f:d7:b9:4e:98:cd:1e:50:26:ff:6f:f3:b8:16:d9:23:
         61:f8:96:dd:97:23:95:1e:44:bc:28:6a:78:dc:24:d5:3d:cb:
         27:38:b5:c9:2f:31:ee:9f:fe:60:8f:51:da:0d:89:66:5c:56:
         74:23:d7:9b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYe878AsigDeffsUYlWLjG14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjMwNDI2MDk0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzgwOWQzZWFkM2E0NjA0NzYyNWI2YzI3MDFkOTkxMWZiZjEzYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujBnu0AxnjaGgMhyMsU519l/BLRK
5/KGcRfQO+nqGlk3TnyJhZQnBFHM2IrJSGXfqtjB5ZgckSKSL03PW4jUKHPItbGn
qDkgboXydKOv4br9Cd3J3d7O34VwwbTcmQzr3D4thMW/Y7rxc+5RuEoy35cpvzRB
A6Td7rHLFzhwZGsdsYWnNEcQHNH38SyQils9OIkihjxWnlS4LCaFlNoscl8kR1gR
tJ3HY23Pk7Hg68opitCieTfPG8z9HRHUoAnuwEDkTsrzv1Ff6ehBU9q8TBcG9npf
llfzhMgjXq1frIR6l2IcHL2PrO+r/l4wdpQeSOvMZZVFNdIQbwchhjeYWQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMeAnT6tOkYEdiW2wnAdmRH78TsoMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEveDRDZFBxMDZSZ1IySmJiQ2NCMlpFZnZ4T3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQATV94MAwD
BADCu1kDBALCu1gDBADUZ0AwDQQCAAIwBwMFACoCA4gwDQYJKoZIhvcNAQELBQAD
ggEBAE/7gqVxLAYl9dw1WMZ7aKYEijOlgArtYCWTtbKlTHvllqd+kJ0AR6GolGzD
K7/8EZCsB/7EyA1wJkWU3nwpY8slu6XEvaWlv2e+FGiRkshrgPff0/vUO/O/Ec1P
qhhq4dpjPxafwYtpUVsyw4J8+hfwKZNlMn7qdDSpyuHrDG73eceBluyd2ts6eolS
Rza/+1lKB1oTKxvvrMvUBQhxUJWGXKz1RBqj/OHFRyOuTITdNpf/1kGksGX942Dk
zVuM3rKErevfj4EYT9e5TpjNHlAm/2/zuBbZI2H4lt2XI5UeRLwoanjcJNU9yyc4
tckvMe6f/mCPUdoNiWZcVnQj15s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:37 2024 by rpki-client on console-fra.rpki-client.org