Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/o-GiJqR5fdc9IiO0TgJOezcxA2c.roa
File:                     o-GiJqR5fdc9IiO0TgJOezcxA2c.roa (raw, json)
Hash identifier:          7rIfgtkoOir2yqYfXWx16V8sEkrI1ZP2JzJrv459+FI=
Subject key identifier:   A3:E1:A2:26:A4:79:7D:D7:3D:22:23:B4:4E:02:4E:7B:37:31:03:67
Certificate issuer:       /CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
Certificate serial:       01873772F9BD81E93264F6C57BD6D03027F2
Authority key identifier: AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/o-GiJqR5fdc9IiO0TgJOezcxA2c.roa
Signing time:             Fri 31 Mar 2023 11:34:54 +0000
ROA not before:           Fri 31 Mar 2023 11:34:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58075
IP address blocks:        185.187.100.0/22 maxlen: 24
                          2a0a:47c0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:37:72:f9:bd:81:e9:32:64:f6:c5:7b:d6:d0:30:27:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
        Validity
            Not Before: Mar 31 11:34:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a3e1a226a4797dd73d2223b44e024e7b37310367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:a0:37:ab:6f:3b:fc:30:15:02:48:27:45:b6:
                    db:18:1b:5e:ec:16:c0:4b:ee:85:fd:b6:30:55:39:
                    fa:7b:a0:ad:3d:d3:b0:e8:f3:84:48:0f:f1:8a:f0:
                    bb:19:7d:74:fb:89:20:7b:50:01:e3:b2:13:9c:1c:
                    fb:75:ff:17:aa:b6:5d:0b:aa:c3:0d:5e:33:7b:19:
                    8b:b7:90:7e:8e:48:61:a5:5b:39:57:e3:ce:e1:f5:
                    b6:df:dd:81:b8:2c:bb:f4:3e:ea:1c:61:ce:28:2b:
                    08:d2:37:4c:ad:d2:b8:e5:9f:cc:4d:63:e5:ea:79:
                    09:2e:ec:3d:b2:c4:f1:c4:05:16:08:fb:16:d2:6a:
                    98:31:3d:76:66:e4:1e:b5:28:20:24:d3:bf:cf:35:
                    53:f5:d8:f2:30:a6:bd:0b:52:e3:98:7d:2a:6d:46:
                    e0:29:1c:3c:c3:96:ef:59:b7:d6:6d:62:1f:22:c4:
                    ff:2f:14:74:65:0b:5b:5a:d8:c8:7a:7c:bb:3d:a7:
                    fb:b9:ad:25:15:a4:3b:6e:63:ed:7d:00:43:a2:45:
                    65:ec:c7:e2:28:a1:45:56:31:72:e4:f5:ca:9d:d4:
                    46:b0:99:07:d3:bb:dd:40:36:7c:24:3e:ab:8d:cf:
                    ab:87:57:45:1c:fc:f5:32:9f:f9:9e:6c:18:83:b4:
                    b7:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:E1:A2:26:A4:79:7D:D7:3D:22:23:B4:4E:02:4E:7B:37:31:03:67
            X509v3 Authority Key Identifier:
                keyid:AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/o-GiJqR5fdc9IiO0TgJOezcxA2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/q5-ExqSNXG3-ZBSYc7FI0RILAJs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.187.100.0/22
                IPv6:
                  2a0a:47c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         48:b3:d4:6d:44:97:7b:79:06:11:e8:7d:0f:4e:ed:15:0a:66:
         87:54:33:88:4e:a4:a9:24:65:74:e6:bd:aa:85:59:9b:43:2c:
         66:13:f5:87:71:9c:be:23:c1:bc:bc:1f:e9:9c:d5:c1:c2:fa:
         d0:0a:4d:47:d8:de:b8:29:6f:df:eb:c7:ad:d6:1d:76:6b:8c:
         8c:ff:ca:4f:be:c7:a9:69:94:35:13:99:1c:54:b4:68:3d:eb:
         3f:8b:87:a7:5f:2e:1b:dc:bd:a7:0e:59:a4:03:5a:fd:2c:52:
         ec:73:84:bd:51:e3:f4:87:a4:8e:27:ee:b2:9f:22:70:bb:52:
         63:e6:5c:b0:34:b2:1a:02:f2:7e:0a:e2:82:aa:77:f2:cb:fb:
         9a:91:f1:58:ca:58:56:db:49:03:ed:ed:a9:c4:de:de:26:a0:
         c1:12:28:0c:66:f1:9c:64:ec:a0:6d:63:ac:c7:da:cf:b5:57:
         39:bf:0a:03:05:69:65:ba:11:d9:03:8f:41:f4:b0:38:56:7f:
         d9:aa:a1:d2:20:bd:bf:94:bd:17:9a:c3:90:05:21:c1:f3:d4:
         f2:e8:b6:f4:ce:0e:b9:e5:67:ba:56:e0:b5:26:67:b5:ee:3f:
         88:aa:2a:d1:85:4a:54:65:a5:f0:1c:c3:56:37:9c:22:c2:fc:
         7f:86:60:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYc3cvm9gekyZPbFe9bQMCfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWY4NGM2YTQ4ZDVjNmRmZTY0MTQ5ODczYjE0OGQxMTIw
YjAwOWIwHhcNMjMwMzMxMTEzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2UxYTIyNmE0Nzk3ZGQ3M2QyMjIzYjQ0ZTAyNGU3YjM3MzEwMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaA3q287/DAVAkgnRbbbGBte7BbA
S+6F/bYwVTn6e6CtPdOw6POESA/xivC7GX10+4kge1AB47ITnBz7df8XqrZdC6rD
DV4zexmLt5B+jkhhpVs5V+PO4fW2392BuCy79D7qHGHOKCsI0jdMrdK45Z/MTWPl
6nkJLuw9ssTxxAUWCPsW0mqYMT12ZuQetSggJNO/zzVT9djyMKa9C1LjmH0qbUbg
KRw8w5bvWbfWbWIfIsT/LxR0ZQtbWtjIeny7Paf7ua0lFaQ7bmPtfQBDokVl7Mfi
KKFFVjFy5PXKndRGsJkH07vdQDZ8JD6rjc+rh1dFHPz1Mp/5nmwYg7S3kwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKPhoiakeX3XPSIjtE4CTns3MQNnMB8GA1UdIwQY
MBaAFKufhMakjVxt/mQUmHOxSNESCwCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODkt
MjEzZDY0YmVmZjcxLzEvby1HaUpxUjVmZGM5SWlPMFRnSk9lemN4QTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODktMjEzZDY0YmVmZjcx
LzEvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubtkMA0E
AgACMAcDBQMqCkfAMA0GCSqGSIb3DQEBCwUAA4IBAQBIs9RtRJd7eQYR6H0PTu0V
CmaHVDOITqSpJGV05r2qhVmbQyxmE/WHcZy+I8G8vB/pnNXBwvrQCk1H2N64KW/f
68et1h12a4yM/8pPvsepaZQ1E5kcVLRoPes/i4enXy4b3L2nDlmkA1r9LFLsc4S9
UeP0h6SOJ+6ynyJwu1Jj5lywNLIaAvJ+CuKCqnfyy/uakfFYylhW20kD7e2pxN7e
JqDBEigMZvGcZOygbWOsx9rPtVc5vwoDBWlluhHZA49B9LA4Vn/ZqqHSIL2/lL0X
msOQBSHB89Ty6Lb0zg655We6VuC1Jme17j+IqirRhUpUZaXwHMNWN5wiwvx/hmD+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:35 2024 by rpki-client on console-fra.rpki-client.org