Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/65f0c1-fe9d-4b09-b528-5db030c1f14b/1/D7dGku23b7jQt76mbAzXwp0gSAs.roa
File:                     D7dGku23b7jQt76mbAzXwp0gSAs.roa (raw, json)
Hash identifier:          EBBeXXu37xCcDGDH3+HhHJGVGhryApggiNG0v6htuEo=
Subject key identifier:   0F:B7:46:92:ED:B7:6F:B8:D0:B7:BE:A6:6C:0C:D7:C2:9D:20:48:0B
Certificate issuer:       /CN=3f5a6d97fc7878429404578e5cc0cc652fe4b4d4
Certificate serial:       01857082C2163B92421E2D037B8DF989BA08
Authority key identifier: 3F:5A:6D:97:FC:78:78:42:94:04:57:8E:5C:C0:CC:65:2F:E4:B4:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P1ptl_x4eEKUBFeOXMDMZS_ktNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/65f0c1-fe9d-4b09-b528-5db030c1f14b/1/D7dGku23b7jQt76mbAzXwp0gSAs.roa
Signing time:             Mon 02 Jan 2023 03:24:55 +0000
ROA not before:           Mon 02 Jan 2023 03:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207533
IP address blocks:        212.6.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:82:c2:16:3b:92:42:1e:2d:03:7b:8d:f9:89:ba:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f5a6d97fc7878429404578e5cc0cc652fe4b4d4
        Validity
            Not Before: Jan  2 03:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0fb74692edb76fb8d0b7bea66c0cd7c29d20480b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f8:9a:ba:75:14:12:76:15:d5:9c:32:a0:8d:
                    e6:1b:2c:51:42:fc:f0:23:a4:ed:b2:f7:f6:89:de:
                    ef:61:8f:7d:7f:26:be:38:a2:37:68:eb:3f:7b:94:
                    a4:b3:60:74:0b:32:ca:2c:05:9b:26:b6:eb:c5:55:
                    f4:a3:b4:cc:08:2a:3b:b6:6c:0e:91:3f:0c:3c:48:
                    90:49:05:74:df:ba:9a:d3:d0:a7:1c:28:80:af:bc:
                    96:43:ba:80:bf:ab:f8:aa:4d:57:c0:c9:01:1e:ae:
                    60:59:a7:9e:bc:f4:8d:37:5a:cf:9d:e3:08:32:73:
                    be:8e:4f:1d:9d:68:1d:13:d0:1c:e8:7e:e5:6e:5f:
                    9a:97:c5:a2:74:5b:94:91:2e:61:76:b9:14:3c:ba:
                    c1:aa:e6:d7:2e:91:a8:d3:3e:7b:62:ca:f5:ed:72:
                    76:14:42:2c:17:b9:5a:e3:54:af:9b:5e:f5:e3:18:
                    07:fb:26:0c:d2:46:95:ab:46:27:bb:4f:f9:6f:69:
                    8a:48:67:d1:ec:18:c3:6b:57:1a:3d:bf:09:1e:21:
                    9a:09:b2:3a:3e:7a:31:f6:4f:12:83:e3:7d:45:4a:
                    c8:4f:d2:99:79:24:62:bb:6c:83:c6:75:b0:a3:7d:
                    8d:d1:c6:2f:89:de:53:e8:81:a1:b2:c7:25:cf:64:
                    13:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:B7:46:92:ED:B7:6F:B8:D0:B7:BE:A6:6C:0C:D7:C2:9D:20:48:0B
            X509v3 Authority Key Identifier:
                keyid:3F:5A:6D:97:FC:78:78:42:94:04:57:8E:5C:C0:CC:65:2F:E4:B4:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1ptl_x4eEKUBFeOXMDMZS_ktNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/65f0c1-fe9d-4b09-b528-5db030c1f14b/1/D7dGku23b7jQt76mbAzXwp0gSAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/65f0c1-fe9d-4b09-b528-5db030c1f14b/1/P1ptl_x4eEKUBFeOXMDMZS_ktNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.6.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:20:19:17:c1:ad:46:7d:6c:7c:a2:cb:29:56:2e:5f:c9:88:
         ca:4e:c3:f6:b6:c2:d2:b2:f0:4e:62:9c:7c:80:f6:f0:6b:37:
         4e:da:e2:1d:dd:f8:90:38:27:28:c8:3f:65:6a:ba:ed:f3:f7:
         4c:46:20:06:83:29:a9:a4:2e:4f:c4:1c:0e:2a:45:ee:f9:e8:
         b2:49:6b:45:87:55:5a:64:f8:b4:87:20:f5:a3:f2:09:ed:6c:
         06:01:67:af:12:f1:98:dd:43:07:80:6b:3d:da:85:a3:1a:ac:
         fa:9c:d9:02:55:34:b8:ea:d5:ac:8b:76:b9:a0:4d:22:8d:43:
         06:8b:e7:88:aa:33:2b:90:32:28:24:53:fb:4e:4e:0f:cd:89:
         dd:f6:10:48:22:e5:b2:24:04:8c:af:62:e9:cd:bf:70:52:04:
         e3:50:21:fc:41:ed:20:03:d0:c8:59:5b:40:26:d6:34:15:f9:
         8c:e6:8d:e1:58:1c:04:80:ec:1d:10:a3:43:d7:05:af:b6:28:
         f7:f5:e7:03:e7:b4:bc:80:1a:f3:fe:f9:0c:2f:39:96:16:31:
         d4:1f:4a:80:bc:27:de:9c:f6:e4:e9:58:c6:2a:5b:8f:b7:51:
         dc:32:79:56:3f:b5:4b:4c:af:9b:ef:89:ab:77:e7:2a:52:04:
         59:34:b0:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgsIWO5JCHi0De435iboIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNWE2ZDk3ZmM3ODc4NDI5NDA0NTc4ZTVjYzBjYzY1MmZl
NGI0ZDQwHhcNMjMwMTAyMDMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmI3NDY5MmVkYjc2ZmI4ZDBiN2JlYTY2YzBjZDdjMjlkMjA0ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPiaunUUEnYV1ZwyoI3mGyxRQvzw
I6Ttsvf2id7vYY99fya+OKI3aOs/e5Sks2B0CzLKLAWbJrbrxVX0o7TMCCo7tmwO
kT8MPEiQSQV037qa09CnHCiAr7yWQ7qAv6v4qk1XwMkBHq5gWaeevPSNN1rPneMI
MnO+jk8dnWgdE9Ac6H7lbl+al8WidFuUkS5hdrkUPLrBqubXLpGo0z57Ysr17XJ2
FEIsF7la41Svm1714xgH+yYM0kaVq0Ynu0/5b2mKSGfR7BjDa1caPb8JHiGaCbI6
Pnox9k8Sg+N9RUrIT9KZeSRiu2yDxnWwo32N0cYvid5T6IGhssclz2QTMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+3RpLtt2+40Le+pmwM18KdIEgLMB8GA1UdIwQY
MBaAFD9abZf8eHhClARXjlzAzGUv5LTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDFwdGxfeDRlRUtVQkZlT1hNRE1aU19rdE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82NWYwYzEtZmU5ZC00YjA5LWI1Mjgt
NWRiMDMwYzFmMTRiLzEvRDdkR2t1MjNiN2pRdDc2bWJBelh3cDBnU0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82NWYwYzEtZmU5ZC00YjA5LWI1MjgtNWRiMDMwYzFmMTRi
LzEvUDFwdGxfeDRlRUtVQkZlT1hNRE1aU19rdE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AYiMA0G
CSqGSIb3DQEBCwUAA4IBAQBqIBkXwa1GfWx8osspVi5fyYjKTsP2tsLSsvBOYpx8
gPbwazdO2uId3fiQOCcoyD9larrt8/dMRiAGgymppC5PxBwOKkXu+eiySWtFh1Va
ZPi0hyD1o/IJ7WwGAWevEvGY3UMHgGs92oWjGqz6nNkCVTS46tWsi3a5oE0ijUMG
i+eIqjMrkDIoJFP7Tk4PzYnd9hBIIuWyJASMr2Lpzb9wUgTjUCH8Qe0gA9DIWVtA
JtY0FfmM5o3hWBwEgOwdEKND1wWvtij39ecD57S8gBrz/vkMLzmWFjHUH0qAvCfe
nPbk6VjGKluPt1HcMnlWP7VLTK+b74mrd+cqUgRZNLDP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:10 2024 by rpki-client on console-ams.rpki-client.org