Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/gZYDWLzuwWjCvutYr-vCDCgImJs.roa
File:                     gZYDWLzuwWjCvutYr-vCDCgImJs.roa (raw, json)
Hash identifier:          m/fs/lu9zv3/wkOhBxFEYpoD3nF2YkLi5uH6DQo6mJA=
Subject key identifier:   81:96:03:58:BC:EE:C1:68:C2:BE:EB:58:AF:EB:C2:0C:28:08:98:9B
Certificate issuer:       /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial:       018C63BC2F7B3BA9DBEC0448B3512922974D
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/gZYDWLzuwWjCvutYr-vCDCgImJs.roa
Signing time:             Wed 13 Dec 2023 15:12:06 +0000
ROA not before:           Wed 13 Dec 2023 15:12:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6762
IP address blocks:        212.24.113.0/24 maxlen: 24
                          185.252.211.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:63:bc:2f:7b:3b:a9:db:ec:04:48:b3:51:29:22:97:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
        Validity
            Not Before: Dec 13 15:12:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=81960358bceec168c2beeb58afebc20c2808989b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:87:a5:a6:a3:9b:5b:6e:c9:93:a1:0a:f2:ae:
                    e8:60:ca:7e:a6:00:6b:52:50:e8:f9:8a:0e:a4:91:
                    90:d1:3f:0b:6b:14:80:f2:6c:9c:42:48:2d:a2:cf:
                    f3:f3:b3:73:ee:b4:d4:06:46:56:ba:0e:63:b9:a9:
                    51:09:73:dd:49:3d:fe:cc:7d:18:ed:02:2f:49:0f:
                    97:a9:bc:eb:df:94:38:27:b4:5d:ea:1d:cd:f6:e3:
                    aa:5f:c5:67:85:be:59:f0:93:81:7b:18:bb:06:19:
                    76:47:54:ca:43:4f:20:b7:f6:52:6f:35:9d:2c:c5:
                    fc:06:a3:51:6a:1c:92:b5:d8:78:e0:ad:e0:89:cd:
                    90:a5:0e:10:43:9a:16:58:8c:ee:0b:a6:15:25:48:
                    fe:37:05:23:b4:18:cd:2d:1e:19:48:e9:f1:8d:ef:
                    67:95:55:58:bb:a9:55:d8:4b:d5:4e:aa:b2:87:83:
                    85:85:90:f9:69:3b:b5:bd:12:f5:44:aa:49:9a:75:
                    b8:57:3d:db:0b:b2:47:d6:a4:fb:65:52:a1:88:4b:
                    56:9c:ca:93:09:e8:12:4d:b6:3e:9d:43:c7:ab:9f:
                    81:c1:63:9a:8c:dc:9f:fe:47:07:d8:a9:73:e4:e5:
                    9d:3b:21:86:75:eb:ed:3b:16:a5:99:82:eb:b1:1c:
                    81:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:96:03:58:BC:EE:C1:68:C2:BE:EB:58:AF:EB:C2:0C:28:08:98:9B
            X509v3 Authority Key Identifier:
                keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/gZYDWLzuwWjCvutYr-vCDCgImJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.252.211.0/24
                  212.24.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:89:8f:dc:7a:7e:3c:88:42:b6:cf:25:26:ff:8d:d3:ff:b1:
         be:26:b3:d7:d5:45:29:4f:33:94:5d:76:d4:d7:c8:e6:68:c7:
         0a:a8:15:bb:6f:63:b7:57:dc:6e:93:d7:c6:07:02:e5:a9:47:
         e7:3a:74:f1:d1:b3:d1:25:94:a0:0c:f0:68:33:48:46:95:b4:
         3f:e5:8a:74:63:b1:96:b3:ca:2a:2c:99:94:8b:cc:ed:03:09:
         e2:f2:b1:68:74:73:6a:db:98:ad:44:f0:d2:58:a0:04:84:01:
         ad:42:23:4f:3d:8e:1e:1d:c2:d9:bf:ed:4e:45:6a:d8:f1:f7:
         a4:d0:9f:0d:28:26:8a:e4:31:6f:2a:7f:69:33:ac:46:ae:72:
         3e:c1:e9:7a:0d:53:b4:6e:e8:46:db:63:c4:ce:1c:10:14:8b:
         da:5f:84:0b:19:a9:9c:74:f9:3c:7b:78:99:13:31:21:78:6d:
         20:e0:72:63:79:07:6b:e9:df:81:21:0a:4c:66:8d:2b:e4:2e:
         90:0c:f0:ef:79:b9:1b:2f:ef:f2:08:91:15:fe:f0:5d:59:b3:
         f6:92:45:1d:d6:06:1c:c9:52:5d:f9:1f:b9:39:10:c7:e2:a1:
         2f:ec:8c:49:5e:1c:33:5c:78:76:40:30:e5:5f:39:c2:f4:70:
         b9:ee:8c:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxjvC97O6nb7ARIs1EpIpdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjMxMjEzMTUxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTk2MDM1OGJjZWVjMTY4YzJiZWViNThhZmViYzIwYzI4MDg5ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYelpqObW27Jk6EK8q7oYMp+pgBr
UlDo+YoOpJGQ0T8LaxSA8mycQkgtos/z87Nz7rTUBkZWug5jualRCXPdST3+zH0Y
7QIvSQ+Xqbzr35Q4J7Rd6h3N9uOqX8Vnhb5Z8JOBexi7Bhl2R1TKQ08gt/ZSbzWd
LMX8BqNRahyStdh44K3gic2QpQ4QQ5oWWIzuC6YVJUj+NwUjtBjNLR4ZSOnxje9n
lVVYu6lV2EvVTqqyh4OFhZD5aTu1vRL1RKpJmnW4Vz3bC7JH1qT7ZVKhiEtWnMqT
CegSTbY+nUPHq5+BwWOajNyf/kcH2Klz5OWdOyGGdevtOxalmYLrsRyB6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIGWA1i87sFowr7rWK/rwgwoCJibMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvZ1pZRFdMenV3V2pDdnV0WXItdkNEQ2dJbUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufzTAwQA
1BhxMA0GCSqGSIb3DQEBCwUAA4IBAQCWiY/cen48iEK2zyUm/43T/7G+JrPX1UUp
TzOUXXbU18jmaMcKqBW7b2O3V9xuk9fGBwLlqUfnOnTx0bPRJZSgDPBoM0hGlbQ/
5Yp0Y7GWs8oqLJmUi8ztAwni8rFodHNq25itRPDSWKAEhAGtQiNPPY4eHcLZv+1O
RWrY8fek0J8NKCaK5DFvKn9pM6xGrnI+wel6DVO0buhG22PEzhwQFIvaX4QLGamc
dPk8e3iZEzEheG0g4HJjeQdr6d+BIQpMZo0r5C6QDPDvebkbL+/yCJEV/vBdWbP2
kkUd1gYcyVJd+R+5ORDH4qEv7IxJXhwzXHh2QDDlXznC9HC57oyo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:24 2024 by rpki-client on console-ams.rpki-client.org