Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/7e0b13-ec91-483d-b96a-659b4ccd7f4a/1/3IS3BGLT_4Ue0lioSaAqlQR9jgs.roa
File:                     3IS3BGLT_4Ue0lioSaAqlQR9jgs.roa (raw, json)
Hash identifier:          abEMsLCbo63ggExPxQdu/0DflOn3iRQwiXOmUSOLnFs=
Subject key identifier:   DC:84:B7:04:62:D3:FF:85:1E:D2:58:A8:49:A0:2A:95:04:7D:8E:0B
Certificate issuer:       /CN=9af188a04bb45d4ee74c44dc76d71fffbdc04f60
Certificate serial:       01856D8ADDE2B02A850D26D247AE67B2824A
Authority key identifier: 9A:F1:88:A0:4B:B4:5D:4E:E7:4C:44:DC:76:D7:1F:FF:BD:C0:4F:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mvGIoEu0XU7nTETcdtcf_73AT2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/7e0b13-ec91-483d-b96a-659b4ccd7f4a/1/3IS3BGLT_4Ue0lioSaAqlQR9jgs.roa
Signing time:             Sun 01 Jan 2023 13:34:55 +0000
ROA not before:           Sun 01 Jan 2023 13:34:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        77.83.236.0/22 maxlen: 22
                          2a09:9280::/29 maxlen: 29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:dd:e2:b0:2a:85:0d:26:d2:47:ae:67:b2:82:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9af188a04bb45d4ee74c44dc76d71fffbdc04f60
        Validity
            Not Before: Jan  1 13:34:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dc84b70462d3ff851ed258a849a02a95047d8e0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d7:1f:59:c6:97:3b:9c:13:23:b1:15:37:df:
                    9b:c4:6e:e3:cf:87:4b:6a:89:7c:91:3b:a5:83:3c:
                    a7:68:47:7b:fd:15:b0:aa:1a:39:36:0f:f1:2e:8d:
                    a8:17:f1:2e:49:9b:d8:95:46:cc:c4:18:6f:ee:d6:
                    cf:da:13:10:58:3b:2b:41:51:12:e1:81:30:3d:3e:
                    3b:f9:9a:c9:8d:1b:68:65:cc:87:fe:a4:8e:20:a9:
                    32:69:92:21:b6:37:2a:51:3c:eb:1e:61:f3:d3:fd:
                    0d:36:8f:df:ab:f1:30:1a:bc:9a:33:33:32:e6:06:
                    ff:94:3a:63:4e:96:93:86:91:ec:c1:fc:53:e0:27:
                    7d:c9:1e:88:fa:41:91:18:7b:ea:bb:a5:34:56:cd:
                    97:e4:d0:2d:2d:6b:c4:0a:8a:42:5a:f7:24:a7:5b:
                    9d:31:cc:4f:e4:7f:50:64:b6:b1:85:19:ad:9f:2f:
                    5b:1d:b1:c0:0b:26:78:d2:99:5b:cc:81:8c:ec:03:
                    a8:06:49:f4:5e:91:bb:67:d4:91:57:55:73:e3:d3:
                    d1:4f:7d:05:d5:33:7a:68:b5:6f:7d:9b:34:4e:aa:
                    f1:9d:c4:eb:f2:f6:59:98:f9:b3:0d:27:db:51:cc:
                    a0:da:e3:3d:90:65:f6:8a:05:31:82:36:46:1e:e5:
                    3a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:84:B7:04:62:D3:FF:85:1E:D2:58:A8:49:A0:2A:95:04:7D:8E:0B
            X509v3 Authority Key Identifier:
                keyid:9A:F1:88:A0:4B:B4:5D:4E:E7:4C:44:DC:76:D7:1F:FF:BD:C0:4F:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvGIoEu0XU7nTETcdtcf_73AT2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/7e0b13-ec91-483d-b96a-659b4ccd7f4a/1/3IS3BGLT_4Ue0lioSaAqlQR9jgs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/7e0b13-ec91-483d-b96a-659b4ccd7f4a/1/mvGIoEu0XU7nTETcdtcf_73AT2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.236.0/22
                IPv6:
                  2a09:9280::/29

    Signature Algorithm: sha256WithRSAEncryption
         d2:aa:e2:57:b7:46:6f:70:2f:ed:c3:a0:cb:d6:ef:21:f0:75:
         dd:2d:05:d1:b1:e8:0a:d6:ef:ef:97:e2:cf:9e:09:a7:44:41:
         94:24:9c:e3:f1:8b:7a:76:a5:16:30:3c:f2:a8:22:f6:2b:c9:
         2d:f8:e8:43:4d:e6:3f:40:bc:51:c5:bb:05:fd:5c:57:48:29:
         a5:a1:4b:61:30:02:f0:d7:d6:98:2c:12:6d:37:08:d6:99:38:
         aa:58:e8:10:be:5a:64:dc:3f:c4:04:67:33:11:55:88:b1:2d:
         48:b2:ec:cc:61:cb:57:90:c2:ef:92:f2:b6:6f:b6:3a:ed:3c:
         45:83:b7:7b:27:0f:3f:ec:f1:49:0c:90:13:fa:77:c1:2c:fb:
         cc:9a:28:21:c9:0d:db:80:10:7f:3d:f0:7f:90:49:a9:c7:5d:
         e7:cb:a1:1a:21:eb:56:74:db:49:cd:d0:58:f8:09:34:a3:b4:
         b8:e6:b1:3c:2c:83:d2:0c:e9:41:bd:a5:a9:e4:db:c6:a1:d8:
         d6:e6:d7:bf:1e:16:5d:98:8a:dd:29:51:00:a7:3d:99:4a:2f:
         0b:0e:75:7c:d5:65:cc:cc:12:ef:d4:97:9e:a9:3f:be:8b:59:
         ed:9c:13:f1:57:67:4a:78:d7:5c:d1:6d:07:4b:da:02:e9:8a:
         ce:b3:ad:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtit3isCqFDSbSR65nsoJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjE4OGEwNGJiNDVkNGVlNzRjNDRkYzc2ZDcxZmZmYmRj
MDRmNjAwHhcNMjMwMTAxMTMzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzg0YjcwNDYyZDNmZjg1MWVkMjU4YTg0OWEwMmE5NTA0N2Q4ZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9cfWcaXO5wTI7EVN9+bxG7jz4dL
aol8kTulgzynaEd7/RWwqho5Ng/xLo2oF/EuSZvYlUbMxBhv7tbP2hMQWDsrQVES
4YEwPT47+ZrJjRtoZcyH/qSOIKkyaZIhtjcqUTzrHmHz0/0NNo/fq/EwGryaMzMy
5gb/lDpjTpaThpHswfxT4Cd9yR6I+kGRGHvqu6U0Vs2X5NAtLWvECopCWvckp1ud
McxP5H9QZLaxhRmtny9bHbHACyZ40plbzIGM7AOoBkn0XpG7Z9SRV1Vz49PRT30F
1TN6aLVvfZs0TqrxncTr8vZZmPmzDSfbUcyg2uM9kGX2igUxgjZGHuU6hwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNyEtwRi0/+FHtJYqEmgKpUEfY4LMB8GA1UdIwQY
MBaAFJrxiKBLtF1O50xE3HbXH/+9wE9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZHSW9FdTBYVTduVEVUY2R0Y2ZfNzNBVDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83ZTBiMTMtZWM5MS00ODNkLWI5NmEt
NjU5YjRjY2Q3ZjRhLzEvM0lTM0JHTFRfNFVlMGxpb1NhQXFsUVI5amdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83ZTBiMTMtZWM5MS00ODNkLWI5NmEtNjU5YjRjY2Q3ZjRh
LzEvbXZHSW9FdTBYVTduVEVUY2R0Y2ZfNzNBVDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCTVPsMA0E
AgACMAcDBQMqCZKAMA0GCSqGSIb3DQEBCwUAA4IBAQDSquJXt0ZvcC/tw6DL1u8h
8HXdLQXRsegK1u/vl+LPngmnREGUJJzj8Yt6dqUWMDzyqCL2K8kt+OhDTeY/QLxR
xbsF/VxXSCmloUthMALw19aYLBJtNwjWmTiqWOgQvlpk3D/EBGczEVWIsS1IsuzM
YctXkMLvkvK2b7Y67TxFg7d7Jw8/7PFJDJAT+nfBLPvMmighyQ3bgBB/PfB/kEmp
x13ny6EaIetWdNtJzdBY+Ak0o7S45rE8LIPSDOlBvaWp5NvGodjW5te/HhZdmIrd
KVEApz2ZSi8LDnV81WXMzBLv1JeeqT++i1ntnBPxV2dKeNdc0W0HS9oC6YrOs60S
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:15:03 2024 by rpki-client on console-ams.rpki-client.org