Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/grnoOSns4KNlPZZWo1zUyLmMfqY.roa
File:                     grnoOSns4KNlPZZWo1zUyLmMfqY.roa (raw, json)
Hash identifier:          CH86X9Uv/9Pq6LPL2DqSpvyiLGLb7nLEy+EwzDXlFWQ=
Subject key identifier:   82:B9:E8:39:29:EC:E0:A3:65:3D:96:56:A3:5C:D4:C8:B9:8C:7E:A6
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018A83A960F5C36B4D92BE1C8E76AD20A64C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/grnoOSns4KNlPZZWo1zUyLmMfqY.roa
Signing time:             Mon 11 Sep 2023 09:53:50 +0000
ROA not before:           Mon 11 Sep 2023 09:53:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6830
IP address blocks:        217.156.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Sep 2023 06:04:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:83:a9:60:f5:c3:6b:4d:92:be:1c:8e:76:ad:20:a6:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Sep 11 09:53:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82b9e83929ece0a3653d9656a35cd4c8b98c7ea6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:51:e1:46:7f:13:01:e8:c8:5c:c0:f6:9f:aa:
                    1f:3c:0b:cb:51:f6:df:9d:bf:c6:aa:e4:90:ef:9d:
                    3c:24:f7:f3:25:e0:28:9d:27:5e:53:e7:04:9d:1f:
                    25:c6:90:da:a8:c5:97:21:fd:71:30:55:25:24:b0:
                    8c:07:a5:95:f7:c6:67:a3:fb:49:40:7c:27:35:44:
                    4c:f2:2c:9f:09:3a:74:70:f6:50:75:20:18:61:31:
                    94:1a:f4:c1:a4:9c:89:fe:d5:12:8f:3a:64:6d:af:
                    67:54:e6:b0:49:d8:12:2d:e5:e8:07:20:67:ea:67:
                    87:13:ef:6e:8f:c9:3c:79:24:94:45:22:34:86:ce:
                    56:87:2f:3d:0d:96:09:a7:eb:df:41:23:a9:60:73:
                    a1:e0:ab:89:1a:de:e4:f4:ba:9f:10:bd:93:a1:9c:
                    40:af:76:40:88:8e:9f:93:90:59:3f:dc:1c:59:a6:
                    e9:7f:64:ab:82:bd:68:9e:31:ec:a3:35:78:4e:56:
                    fc:0f:7e:31:b8:e8:68:eb:77:ef:c5:66:23:2a:bc:
                    2b:7b:77:87:a0:f5:d6:e6:de:d2:e0:b1:0c:1e:8c:
                    71:31:23:eb:55:22:14:1c:6b:74:ad:37:44:cd:f1:
                    24:2f:94:94:9a:63:4f:d2:35:d7:3b:84:35:78:0e:
                    09:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:B9:E8:39:29:EC:E0:A3:65:3D:96:56:A3:5C:D4:C8:B9:8C:7E:A6
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/grnoOSns4KNlPZZWo1zUyLmMfqY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.156.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:a6:21:8b:b6:1a:d6:1c:e7:eb:20:e1:ab:52:07:b2:7a:a5:
         54:00:8a:78:78:8b:14:b7:7d:c5:11:d1:d5:bf:c3:89:0f:f3:
         94:ee:6f:89:e4:40:4f:65:32:44:02:a0:d8:dc:cd:7d:e2:ab:
         25:ec:e3:85:ef:43:96:fb:89:29:77:e8:1d:64:11:16:f7:72:
         e2:d8:ef:11:f8:c1:8c:68:22:45:ff:27:cf:2c:b9:49:57:4d:
         82:d8:85:b4:05:a7:51:8f:7f:03:11:0d:f0:d5:d9:93:46:40:
         c5:5e:66:52:d1:d1:18:9f:ae:f4:89:2f:cf:e9:a1:ec:0c:c4:
         18:06:7a:b4:a4:2e:98:60:3d:db:45:d8:62:a2:df:02:dc:cf:
         92:ce:c0:09:10:a5:fc:fa:6b:f7:8a:3c:a9:5e:0a:ba:d7:d2:
         bc:64:71:37:51:40:d1:0d:e4:66:47:75:a8:7d:5f:00:f5:ce:
         c2:9d:88:97:b1:9e:f8:b1:d7:66:22:b8:28:f4:22:f8:f5:4b:
         b3:eb:62:02:e4:7e:0e:f3:05:91:97:41:8c:f6:78:0f:84:b4:
         71:a5:a1:30:8c:47:6a:d3:11:73:52:80:cd:0e:23:c0:e7:5b:
         b4:d5:57:96:0b:ba:5d:78:ae:e3:d5:5a:01:94:08:50:57:4b:
         8a:5c:27:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqDqWD1w2tNkr4cjnatIKZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwOTExMDk1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI5ZTgzOTI5ZWNlMGEzNjUzZDk2NTZhMzVjZDRjOGI5OGM3ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1HhRn8TAejIXMD2n6ofPAvLUfbf
nb/GquSQ7508JPfzJeAonSdeU+cEnR8lxpDaqMWXIf1xMFUlJLCMB6WV98Zno/tJ
QHwnNURM8iyfCTp0cPZQdSAYYTGUGvTBpJyJ/tUSjzpkba9nVOawSdgSLeXoByBn
6meHE+9uj8k8eSSURSI0hs5Why89DZYJp+vfQSOpYHOh4KuJGt7k9LqfEL2ToZxA
r3ZAiI6fk5BZP9wcWabpf2Srgr1onjHsozV4Tlb8D34xuOho63fvxWYjKrwre3eH
oPXW5t7S4LEMHoxxMSPrVSIUHGt0rTdEzfEkL5SUmmNP0jXXO4Q1eA4J/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK56Dkp7OCjZT2WVqNc1Mi5jH6mMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZ3Jub09TbnM0S05sUFpaV28xelV5TG1NZnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZxgMA0G
CSqGSIb3DQEBCwUAA4IBAQBppiGLthrWHOfrIOGrUgeyeqVUAIp4eIsUt33FEdHV
v8OJD/OU7m+J5EBPZTJEAqDY3M194qsl7OOF70OW+4kpd+gdZBEW93Li2O8R+MGM
aCJF/yfPLLlJV02C2IW0BadRj38DEQ3w1dmTRkDFXmZS0dEYn670iS/P6aHsDMQY
Bnq0pC6YYD3bRdhiot8C3M+SzsAJEKX8+mv3ijypXgq619K8ZHE3UUDRDeRmR3Wo
fV8A9c7CnYiXsZ74sddmIrgo9CL49Uuz62IC5H4O8wWRl0GM9ngPhLRxpaEwjEdq
0xFzUoDNDiPA51u01VeWC7pdeK7j1VoBlAhQV0uKXCfF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org