Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L3GBKWNhoRGHTx4278B90TyzqRk.roa
File:                     L3GBKWNhoRGHTx4278B90TyzqRk.roa (raw, json)
Hash identifier:          IPkh7OfUvBGNNd936sYFAJ5tduGxSt2ro1/uIT27Gc0=
Subject key identifier:   2F:71:81:29:63:61:A1:11:87:4F:1E:36:EF:C0:7D:D1:3C:B3:A9:19
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F671396765B0EE031B8B7849980356A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L3GBKWNhoRGHTx4278B90TyzqRk.roa
Signing time:             Sun 01 Jan 2023 22:15:04 +0000
ROA not before:           Sun 01 Jan 2023 22:15:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211415
IP address blocks:        192.124.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:67:13:96:76:5b:0e:e0:31:b8:b7:84:99:80:35:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:15:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f7181296361a111874f1e36efc07dd13cb3a919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:c5:02:20:9e:c7:67:e0:35:c8:8a:fa:6e:91:
                    78:48:09:a8:e2:eb:30:64:22:1d:5b:e6:c9:f3:70:
                    1c:f3:9c:fa:70:8b:72:f7:18:5a:95:0a:25:1b:ec:
                    19:51:36:e0:18:4a:24:80:4d:97:e1:86:99:30:b6:
                    38:ef:74:d0:df:69:cc:6f:07:07:58:11:ef:8d:47:
                    ec:15:7f:62:56:6c:3c:45:ff:2f:79:6b:7c:73:84:
                    68:70:08:e5:f1:ed:ce:30:5c:72:af:86:ef:93:9c:
                    3f:4d:72:cf:33:c9:c5:9d:80:21:a1:9e:65:22:b3:
                    42:9a:30:2b:2d:98:89:e5:62:b8:b3:52:b0:63:85:
                    3f:e8:0f:fd:c7:de:b3:c0:c1:a8:cd:5f:b2:0b:cb:
                    a4:4c:fc:b0:11:da:8c:39:f3:4e:09:31:6f:c1:e3:
                    7c:17:7c:d1:ce:30:94:c0:91:11:28:7b:e0:20:bc:
                    f0:45:56:d8:3a:85:81:8f:fe:a4:1c:58:ce:52:fc:
                    e6:2f:3f:fc:77:ec:bf:35:27:b6:09:35:76:a2:3b:
                    37:ee:51:d0:49:93:2b:62:c3:e0:5e:93:3d:ae:f5:
                    c0:99:cd:a2:c8:8d:9c:ec:f1:c2:58:bc:b5:40:4c:
                    81:ed:15:97:17:d2:5e:f4:8a:7c:71:96:13:d2:94:
                    78:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:71:81:29:63:61:A1:11:87:4F:1E:36:EF:C0:7D:D1:3C:B3:A9:19
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L3GBKWNhoRGHTx4278B90TyzqRk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:7d:59:66:5e:d7:f6:09:4e:eb:80:e5:64:88:af:07:7c:b3:
         f7:b1:c7:4c:c6:54:17:dc:12:28:9a:68:f8:0d:db:a0:f1:54:
         3e:a0:fc:ba:d5:78:b5:03:c8:18:1c:b7:dd:b5:86:a3:3a:0d:
         e7:d7:02:05:95:4b:47:3e:78:20:af:a3:94:d2:5e:84:ee:2c:
         3a:92:6f:03:35:af:91:84:29:79:2f:07:d3:72:76:89:36:73:
         a8:dd:6d:b7:ca:8b:23:db:57:ca:bf:25:76:1f:65:88:7e:01:
         26:a5:fa:d6:8c:db:4b:80:f0:c2:db:01:e5:f7:ac:5d:42:73:
         dc:8e:d2:7f:d3:af:4e:a1:a2:f2:ad:58:0b:17:cd:bd:1c:7f:
         72:f6:98:4d:f0:64:2a:a2:9e:85:be:6b:db:4b:e2:39:f4:54:
         80:2f:5f:80:00:88:ad:f9:36:86:4d:f0:bf:c9:4f:ca:7c:a1:
         13:fb:3d:b9:8c:80:77:86:23:2e:56:3d:7d:0b:ce:ec:0e:2b:
         90:96:ae:99:1b:82:2b:0b:d2:3e:7e:1b:02:10:9a:92:de:16:
         cc:37:a4:43:18:5a:ef:50:90:3a:8b:8a:1d:f7:21:d1:d8:0a:
         b1:73:11:9f:35:d1:50:49:58:48:16:33:e3:08:64:4d:8a:0f:
         51:83:a7:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZxOWdlsO4DG4t4SZgDVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjcxODEyOTYzNjFhMTExODc0ZjFlMzZlZmMwN2RkMTNjYjNhOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMUCIJ7HZ+A1yIr6bpF4SAmo4usw
ZCIdW+bJ83Ac85z6cIty9xhalQolG+wZUTbgGEokgE2X4YaZMLY473TQ32nMbwcH
WBHvjUfsFX9iVmw8Rf8veWt8c4RocAjl8e3OMFxyr4bvk5w/TXLPM8nFnYAhoZ5l
IrNCmjArLZiJ5WK4s1KwY4U/6A/9x96zwMGozV+yC8ukTPywEdqMOfNOCTFvweN8
F3zRzjCUwJERKHvgILzwRVbYOoWBj/6kHFjOUvzmLz/8d+y/NSe2CTV2ojs37lHQ
SZMrYsPgXpM9rvXAmc2iyI2c7PHCWLy1QEyB7RWXF9Je9Ip8cZYT0pR4RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9xgSljYaERh08eNu/AfdE8s6kZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTDNHQktXTmhvUkdIVHg0Mjc4QjkwVHl6cVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHytMA0G
CSqGSIb3DQEBCwUAA4IBAQBpfVlmXtf2CU7rgOVkiK8HfLP3scdMxlQX3BIommj4
Ddug8VQ+oPy61Xi1A8gYHLfdtYajOg3n1wIFlUtHPnggr6OU0l6E7iw6km8DNa+R
hCl5LwfTcnaJNnOo3W23yosj21fKvyV2H2WIfgEmpfrWjNtLgPDC2wHl96xdQnPc
jtJ/069OoaLyrVgLF829HH9y9phN8GQqop6FvmvbS+I59FSAL1+AAIit+TaGTfC/
yU/KfKET+z25jIB3hiMuVj19C87sDiuQlq6ZG4IrC9I+fhsCEJqS3hbMN6RDGFrv
UJA6i4od9yHR2AqxcxGfNdFQSVhIFjPjCGRNig9Rg6cC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org