Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/lQ-Zl_xUwaqMZGrtIyJeaiTL-e4.roa
File:                     lQ-Zl_xUwaqMZGrtIyJeaiTL-e4.roa (raw, json)
Hash identifier:          Y4VwAaDq51gJjCWpK70YFLJeDTj24SUIztXRuaSycXw=
Subject key identifier:   95:0F:99:97:FC:54:C1:AA:8C:64:6A:ED:23:22:5E:6A:24:CB:F9:EE
Certificate issuer:       /CN=bd82e60d072e5185435a900e323f463806d433c9
Certificate serial:       018571D79D5778512029CA7B13380BB12686
Authority key identifier: BD:82:E6:0D:07:2E:51:85:43:5A:90:0E:32:3F:46:38:06:D4:33:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vYLmDQcuUYVDWpAOMj9GOAbUM8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/lQ-Zl_xUwaqMZGrtIyJeaiTL-e4.roa
Signing time:             Mon 02 Jan 2023 09:37:13 +0000
ROA not before:           Mon 02 Jan 2023 09:37:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43356
IP address blocks:        77.92.2.0/24 maxlen: 24
                          77.92.3.0/24 maxlen: 24
                          77.92.1.0/24 maxlen: 24
                          77.92.4.0/24 maxlen: 24
                          193.201.131.0/24 maxlen: 24
                          193.201.129.0/24 maxlen: 24
                          193.201.130.0/24 maxlen: 24
                          77.92.8.0/22 maxlen: 22
                          77.92.6.0/24 maxlen: 24
                          77.92.7.0/24 maxlen: 24
                          193.201.128.0/24 maxlen: 24
                          77.92.5.0/24 maxlen: 24
                          77.92.16.0/22 maxlen: 22
                          77.92.15.0/24 maxlen: 24
                          77.92.13.0/24 maxlen: 24
                          77.92.14.0/24 maxlen: 24
                          77.92.12.0/24 maxlen: 24
                          77.92.23.0/24 maxlen: 24
                          77.92.22.0/24 maxlen: 24
                          77.92.20.0/24 maxlen: 24
                          77.92.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 14:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:9d:57:78:51:20:29:ca:7b:13:38:0b:b1:26:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd82e60d072e5185435a900e323f463806d433c9
        Validity
            Not Before: Jan  2 09:37:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=950f9997fc54c1aa8c646aed23225e6a24cbf9ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f1:94:94:00:8c:f9:ce:24:b8:9b:24:5e:1d:
                    1e:08:ba:fe:4f:b8:45:de:a1:c4:be:12:70:fd:a1:
                    b8:97:76:be:58:4d:08:af:7a:97:a1:d8:e3:68:42:
                    32:bd:d4:54:c4:7c:50:96:e8:5f:c6:b9:9a:c0:1d:
                    bf:5f:bc:93:34:be:47:7f:67:1e:10:41:f7:9a:e1:
                    99:09:2e:fa:b3:a0:8d:c7:1b:fa:f7:b6:a5:79:6e:
                    00:53:43:22:01:58:76:64:61:ff:d8:e4:6a:56:46:
                    8b:4c:4c:7c:b6:7d:7b:9c:ec:84:d2:a1:ce:c2:15:
                    be:58:f7:b9:d6:cc:bd:b1:06:f3:5b:4b:7f:ef:23:
                    6c:47:fd:fe:a7:1f:02:fe:30:8e:51:9b:2f:05:bf:
                    4c:55:b6:ec:c6:aa:dd:65:f7:ce:db:a9:fd:61:bb:
                    12:3c:fe:07:11:ab:c6:43:bc:c1:e3:16:61:a9:73:
                    14:3b:07:89:3e:76:d6:05:d9:98:a1:d4:fd:08:5c:
                    27:fa:b8:83:66:63:9e:e2:42:ad:ea:20:07:f6:b8:
                    d6:b0:2d:81:7c:97:57:0e:fe:66:e4:9e:96:27:44:
                    97:9e:13:e9:c2:ec:5b:53:6d:87:b8:45:19:31:8e:
                    e9:96:96:6b:ec:a4:31:a1:87:07:92:d2:38:e3:05:
                    ff:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:0F:99:97:FC:54:C1:AA:8C:64:6A:ED:23:22:5E:6A:24:CB:F9:EE
            X509v3 Authority Key Identifier:
                keyid:BD:82:E6:0D:07:2E:51:85:43:5A:90:0E:32:3F:46:38:06:D4:33:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vYLmDQcuUYVDWpAOMj9GOAbUM8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/lQ-Zl_xUwaqMZGrtIyJeaiTL-e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/vYLmDQcuUYVDWpAOMj9GOAbUM8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.92.1.0-77.92.23.255
                  193.201.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:e2:89:56:f5:90:1e:3d:ef:53:5b:08:fe:89:ec:b3:e9:a6:
         97:88:bf:b0:cb:cb:b2:eb:fd:98:09:55:a6:0f:e2:a3:0e:f4:
         81:8f:1b:ab:b8:71:51:df:04:a5:06:03:eb:44:16:9f:0f:7f:
         d2:f1:f1:08:8a:a4:57:1f:8d:9d:92:2f:d1:54:1d:a7:af:3f:
         cc:8a:67:84:3e:7a:1a:63:ba:cf:1c:6f:c1:6c:61:63:40:12:
         eb:fc:b8:41:62:8b:f1:a7:e2:c5:5f:a4:93:5b:24:81:83:f5:
         49:2a:bd:13:80:c6:5f:ee:7a:ac:82:40:9a:39:fa:8e:2b:68:
         8a:ad:03:55:0b:cb:f2:ea:8e:05:64:ca:2c:a0:c0:a5:2d:35:
         e1:67:5e:de:5c:ab:93:6f:e1:a6:f9:7c:6b:a2:d3:c6:c2:d8:
         b5:b5:93:41:4f:33:8d:0b:2b:b5:9f:ff:a4:68:11:b1:a9:08:
         5f:dc:8c:30:2e:2a:1f:c4:6c:25:d8:e7:e9:2f:f2:a1:ba:88:
         aa:65:d8:8f:b7:dc:81:21:ff:0f:5e:f0:31:cc:8f:e1:3b:6e:
         9b:d7:ce:4a:ee:c6:6d:48:34:b4:9b:a2:fd:da:8b:68:fd:d3:
         c8:e1:cd:8b:2f:0b:d5:76:fe:e3:03:e8:25:6a:33:2d:7e:c2:
         34:94:5a:2b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVx151XeFEgKcp7EzgLsSaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkODJlNjBkMDcyZTUxODU0MzVhOTAwZTMyM2Y0NjM4MDZk
NDMzYzkwHhcNMjMwMTAyMDkzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBmOTk5N2ZjNTRjMWFhOGM2NDZhZWQyMzIyNWU2YTI0Y2JmOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvGUlACM+c4kuJskXh0eCLr+T7hF
3qHEvhJw/aG4l3a+WE0Ir3qXodjjaEIyvdRUxHxQluhfxrmawB2/X7yTNL5Hf2ce
EEH3muGZCS76s6CNxxv697aleW4AU0MiAVh2ZGH/2ORqVkaLTEx8tn17nOyE0qHO
whW+WPe51sy9sQbzW0t/7yNsR/3+px8C/jCOUZsvBb9MVbbsxqrdZffO26n9YbsS
PP4HEavGQ7zB4xZhqXMUOweJPnbWBdmYodT9CFwn+riDZmOe4kKt6iAH9rjWsC2B
fJdXDv5m5J6WJ0SXnhPpwuxbU22HuEUZMY7plpZr7KQxoYcHktI44wX/TwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJUPmZf8VMGqjGRq7SMiXmoky/nuMB8GA1UdIwQY
MBaAFL2C5g0HLlGFQ1qQDjI/RjgG1DPJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdllMbURRY3VVWVZEV3BBT01qOUdPQWJVTThrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lM2JiYzktNzhjMy00M2EyLWI5YjAt
NDhhY2VmNjcyZTRhLzEvbFEtWmxfeFV3YXFNWkdydEl5SmVhaVRMLWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lM2JiYzktNzhjMy00M2EyLWI5YjAtNDhhY2VmNjcyZTRh
LzEvdllMbURRY3VVWVZEV3BBT01qOUdPQWJVTThrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABNXAED
BANNXBADBALByYAwDQYJKoZIhvcNAQELBQADggEBAGriiVb1kB4971NbCP6J7LPp
ppeIv7DLy7Lr/ZgJVaYP4qMO9IGPG6u4cVHfBKUGA+tEFp8Pf9Lx8QiKpFcfjZ2S
L9FUHaevP8yKZ4Q+ehpjus8cb8FsYWNAEuv8uEFii/Gn4sVfpJNbJIGD9UkqvROA
xl/ueqyCQJo5+o4raIqtA1ULy/LqjgVkyiygwKUtNeFnXt5cq5Nv4ab5fGui08bC
2LW1k0FPM40LK7Wf/6RoEbGpCF/cjDAuKh/EbCXY5+kv8qG6iKpl2I+33IEh/w9e
8DHMj+E7bpvXzkruxm1INLSbov3ai2j908jhzYsvC9V2/uMD6CVqMy1+wjSUWis=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:00 2024 by rpki-client on console-ams.rpki-client.org