Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/GHvZ7Ldc6sb0cpbW-e8pbd9xWq0.roa
File:                     GHvZ7Ldc6sb0cpbW-e8pbd9xWq0.roa (raw, json)
Hash identifier:          q/gDCuiXarVFofD20v3wq+9j8zf6EHCtJyP/ofBEyTU=
Subject key identifier:   18:7B:D9:EC:B7:5C:EA:C6:F4:72:96:D6:F9:EF:29:6D:DF:71:5A:AD
Certificate issuer:       /CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
Certificate serial:       01856C00FD1447953FEDC3C8DC8E91F29F71
Authority key identifier: 35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/GHvZ7Ldc6sb0cpbW-e8pbd9xWq0.roa
Signing time:             Sun 01 Jan 2023 06:24:42 +0000
ROA not before:           Sun 01 Jan 2023 06:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57366
IP address blocks:        178.215.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:00:fd:14:47:95:3f:ed:c3:c8:dc:8e:91:f2:9f:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
        Validity
            Not Before: Jan  1 06:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=187bd9ecb75ceac6f47296d6f9ef296ddf715aad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:dd:a4:48:1d:8f:f9:c3:29:6a:15:7a:6f:1c:
                    d2:b9:22:a1:0e:71:58:41:ff:9f:b8:f2:81:81:84:
                    05:96:67:ce:6f:54:92:e2:0d:d2:25:b7:93:f4:0c:
                    64:ac:0b:61:3f:1f:e8:77:39:48:28:b1:84:bb:f2:
                    41:14:5e:d8:0c:c2:82:bf:64:14:56:d7:14:74:3a:
                    6e:11:3a:7f:62:91:7f:40:79:21:d2:9b:87:03:73:
                    cd:12:92:f3:d1:ba:5e:3c:af:52:9f:2f:cc:62:9a:
                    4b:fd:42:42:b6:91:10:d2:6f:e4:c0:73:e1:1b:73:
                    22:03:1c:db:5b:98:b8:dd:e0:fc:0d:a4:87:5e:48:
                    ce:4f:50:4b:80:da:57:60:bf:ac:0f:d2:ef:ff:0e:
                    b1:3f:e5:77:72:e9:d7:25:26:d3:93:82:61:c9:d6:
                    b7:fd:de:dc:e6:88:93:1c:bd:9d:a6:11:58:df:50:
                    dc:49:48:c4:51:19:00:98:bd:a0:7d:b2:10:c8:8f:
                    ba:26:48:c7:26:34:4e:44:2d:67:5b:b2:09:8f:d3:
                    7d:ee:b6:da:60:18:61:c6:c8:a4:99:59:46:a7:cb:
                    da:6f:8f:a3:73:f5:ac:f8:26:3e:16:9a:ad:98:42:
                    dc:c4:08:38:fd:bc:4b:1b:89:f0:6a:2f:e9:39:79:
                    56:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:7B:D9:EC:B7:5C:EA:C6:F4:72:96:D6:F9:EF:29:6D:DF:71:5A:AD
            X509v3 Authority Key Identifier:
                keyid:35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/GHvZ7Ldc6sb0cpbW-e8pbd9xWq0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/NRNbgbbB7dL29bwcYIpfyf6SZHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.215.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:93:56:db:cd:b0:b9:4b:ab:15:77:2c:ee:5b:55:a9:fd:bc:
         21:d5:6d:0b:24:a4:93:a7:18:47:36:16:47:39:f0:df:ac:2c:
         5c:77:05:8c:36:aa:b1:18:92:b2:af:ed:2a:20:47:dd:6f:fe:
         f5:70:c2:7e:7a:33:73:a1:69:b1:cf:04:81:bb:d2:d0:4e:2c:
         b3:ef:8c:89:53:ec:ae:4f:00:f5:31:d6:d2:6c:d2:55:78:af:
         f6:5b:e1:9f:f2:39:99:92:af:12:6e:c3:5d:33:35:49:39:c2:
         f9:5f:ab:06:fe:ec:0e:a1:71:e5:77:19:89:10:84:1c:de:4e:
         9d:f4:fa:c0:6a:4b:90:51:2e:79:cb:5b:24:90:e3:49:db:5d:
         86:cc:4d:75:9c:b5:8e:00:15:7e:5f:0e:ff:52:c1:2f:d1:a3:
         25:40:9f:4b:a9:69:02:cd:74:b8:a3:bb:6b:4b:7c:49:65:23:
         63:cb:9d:ea:b7:54:77:8d:72:37:d1:78:83:bc:b9:2a:4b:b4:
         cb:7e:1f:d9:1d:b2:ca:e1:19:15:2f:b9:6a:7d:dd:d2:5c:57:
         42:1f:fd:4a:29:cf:70:01:c2:8e:2a:54:8e:42:64:63:40:b1:
         e8:3d:f3:82:54:00:93:72:38:ea:f5:40:1c:96:78:1f:fe:da:
         c7:fc:0b:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAP0UR5U/7cPI3I6R8p9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTM1YjgxYjZjMWVkZDJmNmY1YmMxYzYwOGE1ZmM5ZmU5
MjY0NzQwHhcNMjMwMTAxMDYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODdiZDllY2I3NWNlYWM2ZjQ3Mjk2ZDZmOWVmMjk2ZGRmNzE1YWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmN2kSB2P+cMpahV6bxzSuSKhDnFY
Qf+fuPKBgYQFlmfOb1SS4g3SJbeT9AxkrAthPx/odzlIKLGEu/JBFF7YDMKCv2QU
VtcUdDpuETp/YpF/QHkh0puHA3PNEpLz0bpePK9Sny/MYppL/UJCtpEQ0m/kwHPh
G3MiAxzbW5i43eD8DaSHXkjOT1BLgNpXYL+sD9Lv/w6xP+V3cunXJSbTk4Jhyda3
/d7c5oiTHL2dphFY31DcSUjEURkAmL2gfbIQyI+6JkjHJjRORC1nW7IJj9N97rba
YBhhxsikmVlGp8vab4+jc/Ws+CY+FpqtmELcxAg4/bxLG4nwai/pOXlWowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBh72ey3XOrG9HKW1vnvKW3fcVqtMB8GA1UdIwQY
MBaAFDUTW4G2we3S9vW8HGCKX8n+kmR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJOYmdiYkI3ZEwyOWJ3Y1lJcGZ5ZjZTWkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kMGEwYTAtZDI1YS00NzQ2LTkxMzkt
YTcxNDU2ZGY5OTk3LzEvR0h2WjdMZGM2c2IwY3BiVy1lOHBiZDl4V3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kMGEwYTAtZDI1YS00NzQ2LTkxMzktYTcxNDU2ZGY5OTk3
LzEvTlJOYmdiYkI3ZEwyOWJ3Y1lJcGZ5ZjZTWkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstcDMA0G
CSqGSIb3DQEBCwUAA4IBAQAjk1bbzbC5S6sVdyzuW1Wp/bwh1W0LJKSTpxhHNhZH
OfDfrCxcdwWMNqqxGJKyr+0qIEfdb/71cMJ+ejNzoWmxzwSBu9LQTiyz74yJU+yu
TwD1MdbSbNJVeK/2W+Gf8jmZkq8SbsNdMzVJOcL5X6sG/uwOoXHldxmJEIQc3k6d
9PrAakuQUS55y1skkONJ212GzE11nLWOABV+Xw7/UsEv0aMlQJ9LqWkCzXS4o7tr
S3xJZSNjy53qt1R3jXI30XiDvLkqS7TLfh/ZHbLK4RkVL7lqfd3SXFdCH/1KKc9w
AcKOKlSOQmRjQLHoPfOCVACTcjjq9UAclngf/trH/AsQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:10 2024 by rpki-client on console-fra.rpki-client.org