Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/y8Cu2hxeTN4TG-r7L98iw7ktZC4.roa
File:                     y8Cu2hxeTN4TG-r7L98iw7ktZC4.roa (raw, json)
Hash identifier:          R2RU9lVM9GpJhJgV+gGreHlLqnPGOT/R8vykUp/uRTY=
Subject key identifier:   CB:C0:AE:DA:1C:5E:4C:DE:13:1B:EA:FB:2F:DF:22:C3:B9:2D:64:2E
Certificate issuer:       /CN=bd82e60d072e5185435a900e323f463806d433c9
Certificate serial:       018770BA92F5E2898F9093AC0909EF647D26
Authority key identifier: BD:82:E6:0D:07:2E:51:85:43:5A:90:0E:32:3F:46:38:06:D4:33:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vYLmDQcuUYVDWpAOMj9GOAbUM8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/y8Cu2hxeTN4TG-r7L98iw7ktZC4.roa
Signing time:             Tue 11 Apr 2023 14:31:28 +0000
ROA not before:           Tue 11 Apr 2023 14:31:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43356
IP address blocks:        77.92.2.0/24 maxlen: 24
                          77.92.3.0/24 maxlen: 24
                          77.92.0.0/20 maxlen: 20
                          77.92.1.0/24 maxlen: 24
                          77.92.4.0/24 maxlen: 24
                          193.201.131.0/24 maxlen: 24
                          193.201.129.0/24 maxlen: 24
                          193.201.130.0/24 maxlen: 24
                          77.92.8.0/22 maxlen: 22
                          77.92.6.0/24 maxlen: 24
                          77.92.7.0/24 maxlen: 24
                          193.201.128.0/24 maxlen: 24
                          77.92.5.0/24 maxlen: 24
                          77.92.16.0/22 maxlen: 22
                          77.92.15.0/24 maxlen: 24
                          77.92.13.0/24 maxlen: 24
                          77.92.14.0/24 maxlen: 24
                          77.92.12.0/24 maxlen: 24
                          77.92.23.0/24 maxlen: 24
                          77.92.22.0/24 maxlen: 24
                          77.92.20.0/24 maxlen: 24
                          77.92.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 15:51:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:ba:92:f5:e2:89:8f:90:93:ac:09:09:ef:64:7d:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd82e60d072e5185435a900e323f463806d433c9
        Validity
            Not Before: Apr 11 14:31:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cbc0aeda1c5e4cde131beafb2fdf22c3b92d642e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:cc:95:38:e8:ec:02:15:2a:0c:42:5d:08:ea:
                    00:2a:32:99:5f:22:3f:f2:ae:e6:5b:f5:3b:80:40:
                    81:c0:dc:14:e1:cb:d6:ee:cb:74:92:a0:42:2d:2a:
                    84:52:6b:c8:ab:4d:0c:40:34:31:c9:3a:7e:ec:20:
                    3b:62:25:f7:40:b2:7c:4a:71:0e:8c:16:b8:75:82:
                    96:3b:5c:a5:df:e3:b6:68:ad:d8:93:68:a9:87:5f:
                    1e:c0:2f:59:c7:ba:9d:70:31:37:bd:64:cc:ba:02:
                    e5:1d:f7:43:99:ec:35:fc:41:da:1a:47:21:07:21:
                    b4:8d:0d:28:42:02:78:3f:1f:5e:d1:cf:1e:f4:ae:
                    37:e4:e1:d9:5b:3e:85:c6:8c:a7:40:b3:d7:40:be:
                    ea:b5:7d:f2:21:4d:47:95:d3:b2:2a:33:af:57:7b:
                    be:f1:51:ab:9d:b6:0b:6c:6c:24:33:60:49:34:4d:
                    6f:f8:dd:36:21:d4:b0:ab:e3:aa:a3:ad:ec:a1:10:
                    b8:06:d9:a7:a5:c8:11:17:7c:73:8f:85:2a:64:e8:
                    f3:1f:af:b4:e9:ca:64:f3:79:0d:8b:24:52:3f:77:
                    81:14:9e:d5:aa:5f:7b:e1:5a:c5:9e:14:42:8e:08:
                    bb:e9:84:86:37:26:46:5e:ea:91:6e:8e:3d:1f:a7:
                    b8:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:C0:AE:DA:1C:5E:4C:DE:13:1B:EA:FB:2F:DF:22:C3:B9:2D:64:2E
            X509v3 Authority Key Identifier:
                keyid:BD:82:E6:0D:07:2E:51:85:43:5A:90:0E:32:3F:46:38:06:D4:33:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vYLmDQcuUYVDWpAOMj9GOAbUM8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/y8Cu2hxeTN4TG-r7L98iw7ktZC4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/vYLmDQcuUYVDWpAOMj9GOAbUM8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.92.0.0-77.92.23.255
                  193.201.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:24:21:76:7a:c3:88:4a:0b:b6:9c:26:5e:fa:dd:07:c8:0b:
         6e:f9:33:0f:40:3d:91:d4:6a:20:15:01:41:d6:a5:29:a1:c8:
         a1:3c:a5:32:fc:8e:fe:b5:5d:02:f3:d6:29:ba:fd:fc:4c:f7:
         ee:b5:ef:32:d9:ed:bb:99:33:1c:62:8e:e2:2c:7a:3e:79:e4:
         43:d7:3f:1f:17:83:19:d9:7d:48:25:8b:82:cf:84:63:d4:f7:
         f6:01:e8:d2:43:b9:a3:98:31:fa:ee:63:44:3f:69:15:02:8e:
         5d:b5:20:6c:ad:d4:f8:ba:5e:e1:ae:e3:73:62:a3:18:d4:65:
         57:5a:e9:61:4a:7c:f3:00:2b:6c:b6:90:04:41:d7:30:ff:9a:
         05:43:07:87:26:b0:3f:59:35:8d:af:a0:56:8f:66:a4:cc:84:
         5f:90:b0:13:3c:2b:f1:69:98:e3:6e:f8:44:59:80:95:0a:35:
         27:c8:b8:9c:c8:25:3b:24:15:a8:67:7f:7a:1d:ef:24:72:36:
         9b:b4:56:41:22:dc:f7:58:86:13:e3:df:be:0a:ab:6d:d8:ca:
         17:d8:1d:c3:63:30:d9:f8:58:2b:03:46:8e:cc:c4:02:43:68:
         6e:a5:6a:71:a3:a0:88:d6:e8:53:0e:a3:b4:e0:86:1f:f4:4a:
         f9:09:bc:89
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYdwupL14omPkJOsCQnvZH0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkODJlNjBkMDcyZTUxODU0MzVhOTAwZTMyM2Y0NjM4MDZk
NDMzYzkwHhcNMjMwNDExMTQzMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmMwYWVkYTFjNWU0Y2RlMTMxYmVhZmIyZmRmMjJjM2I5MmQ2NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8yVOOjsAhUqDEJdCOoAKjKZXyI/
8q7mW/U7gECBwNwU4cvW7st0kqBCLSqEUmvIq00MQDQxyTp+7CA7YiX3QLJ8SnEO
jBa4dYKWO1yl3+O2aK3Yk2iph18ewC9Zx7qdcDE3vWTMugLlHfdDmew1/EHaGkch
ByG0jQ0oQgJ4Px9e0c8e9K435OHZWz6FxoynQLPXQL7qtX3yIU1HldOyKjOvV3u+
8VGrnbYLbGwkM2BJNE1v+N02IdSwq+Oqo63soRC4BtmnpcgRF3xzj4UqZOjzH6+0
6cpk83kNiyRSP3eBFJ7Vql974VrFnhRCjgi76YSGNyZGXuqRbo49H6e4HQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMvArtocXkzeExvq+y/fIsO5LWQuMB8GA1UdIwQY
MBaAFL2C5g0HLlGFQ1qQDjI/RjgG1DPJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdllMbURRY3VVWVZEV3BBT01qOUdPQWJVTThrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lM2JiYzktNzhjMy00M2EyLWI5YjAt
NDhhY2VmNjcyZTRhLzEveThDdTJoeGVUTjRURy1yN0w5OGl3N2t0WkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lM2JiYzktNzhjMy00M2EyLWI5YjAtNDhhY2VmNjcyZTRh
LzEvdllMbURRY3VVWVZEV3BBT01qOUdPQWJVTThrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwJNXAME
A01cEAMEAsHJgDANBgkqhkiG9w0BAQsFAAOCAQEAKCQhdnrDiEoLtpwmXvrdB8gL
bvkzD0A9kdRqIBUBQdalKaHIoTylMvyO/rVdAvPWKbr9/Ez37rXvMtntu5kzHGKO
4ix6PnnkQ9c/HxeDGdl9SCWLgs+EY9T39gHo0kO5o5gx+u5jRD9pFQKOXbUgbK3U
+Lpe4a7jc2KjGNRlV1rpYUp88wArbLaQBEHXMP+aBUMHhyawP1k1ja+gVo9mpMyE
X5CwEzwr8WmY4274RFmAlQo1J8i4nMglOyQVqGd/eh3vJHI2m7RWQSLc91iGE+Pf
vgqrbdjKF9gdw2Mw2fhYKwNGjszEAkNobqVqcaOgiNboUw6jtOCGH/RK+Qm8iQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org