Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa
File:                     G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa (raw, json)
Hash identifier:          QEMnGVIj+y+FzmLMeuTco7fGZ4nZj9rg5eF9zV81q5Q=
Subject key identifier:   1B:BB:E7:22:DC:D8:91:3D:5A:31:66:06:A4:C7:EC:BD:3D:CF:B7:29
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FE17C5EA3BAAD11464645A11C6A46
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa
Signing time:             Mon 02 Jan 2023 17:38:07 +0000
ROA not before:           Mon 02 Jan 2023 17:38:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30823
IP address blocks:        78.108.216.0/24 maxlen: 24
                          85.202.163.0/24 maxlen: 24
                          185.234.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:e1:7c:5e:a3:ba:ad:11:46:46:45:a1:1c:6a:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1bbbe722dcd8913d5a316606a4c7ecbd3dcfb729
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e0:17:72:9e:99:22:4b:cc:3d:fd:4a:f9:28:
                    75:50:d3:a8:cf:11:e0:c0:9e:e6:d7:8f:21:d2:09:
                    77:b1:30:08:d0:c5:ce:8a:5a:68:dd:b8:b5:3e:7c:
                    78:87:58:7d:e3:a2:8e:ed:a7:e8:2e:c9:5f:86:e2:
                    d1:87:1c:79:b0:ab:85:bd:46:20:de:4e:58:fc:42:
                    ef:36:47:0e:5d:76:21:b6:a7:06:d6:5d:79:e9:33:
                    6e:d8:6f:c4:90:04:81:db:88:4a:78:30:a7:25:63:
                    66:7a:b4:9e:b3:87:14:0b:29:57:e5:95:48:c1:22:
                    ed:0e:bf:f7:c1:d1:7a:81:bf:54:b0:dc:ab:ac:a7:
                    7b:88:fc:b1:89:99:f9:97:2e:33:e0:09:cf:19:08:
                    98:c0:38:0e:a3:70:e4:0f:82:a6:86:97:d8:29:df:
                    52:c6:50:f4:de:f9:fe:eb:19:c5:3d:cb:9d:59:ec:
                    43:57:9e:16:51:ca:d4:a0:60:a8:7b:14:fe:61:49:
                    49:ad:79:ab:8b:67:a4:ff:e0:41:17:80:a7:fa:67:
                    41:32:50:14:c5:82:18:0c:66:3b:5a:77:39:aa:44:
                    27:7e:87:91:11:27:72:88:e4:a1:07:a7:0a:f9:15:
                    f1:39:39:12:d9:07:19:e1:a4:ef:5d:fe:97:ad:da:
                    8a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:BB:E7:22:DC:D8:91:3D:5A:31:66:06:A4:C7:EC:BD:3D:CF:B7:29
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.108.216.0/24
                  85.202.163.0/24
                  185.234.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:59:8f:6b:93:b5:2e:bb:6a:49:b9:dc:06:4d:65:2b:42:af:
         89:d0:55:bb:0c:30:57:a7:81:c2:e7:ab:84:0d:b3:b5:74:ff:
         b0:0c:b6:6c:8b:3f:29:1d:8d:2b:68:1f:1c:0f:8c:35:0a:d5:
         3f:07:f3:eb:91:3e:26:18:da:7d:ce:cd:0f:75:d8:e0:42:83:
         78:d9:bd:19:cf:03:dd:92:13:99:6d:ae:b5:5e:c3:67:b1:26:
         56:81:81:cd:d8:bd:ea:c8:12:c9:10:d5:21:06:32:97:33:ad:
         13:96:d3:48:21:ce:fa:cc:19:52:51:48:05:17:58:58:fc:de:
         e9:1b:19:ab:70:a2:67:f9:31:dd:da:5c:53:f7:2d:24:4b:dd:
         dd:3f:5c:bd:7e:7f:5c:d7:ce:85:e8:86:32:85:8c:a1:45:15:
         7b:57:67:84:cd:cc:05:74:84:9c:a0:a4:e5:9e:90:42:7d:79:
         d0:83:ae:03:cc:bd:79:8a:43:88:79:5c:e3:b5:e8:64:da:a3:
         f9:bc:97:5f:dc:67:b3:a9:65:41:ed:a9:6c:1d:b6:d4:53:20:
         6d:79:cf:23:bd:59:e6:48:1c:7b:0b:d9:4f:6e:44:85:f2:f8:
         45:f9:a0:e7:35:b4:ae:81:25:1c:8c:08:91:1f:29:83:a6:71:
         c8:8d:08:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzj+F8XqO6rRFGRkWhHGpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJiZTcyMmRjZDg5MTNkNWEzMTY2MDZhNGM3ZWNiZDNkY2ZiNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOAXcp6ZIkvMPf1K+Sh1UNOozxHg
wJ7m148h0gl3sTAI0MXOilpo3bi1Pnx4h1h946KO7afoLslfhuLRhxx5sKuFvUYg
3k5Y/ELvNkcOXXYhtqcG1l156TNu2G/EkASB24hKeDCnJWNmerSes4cUCylX5ZVI
wSLtDr/3wdF6gb9UsNyrrKd7iPyxiZn5ly4z4AnPGQiYwDgOo3DkD4KmhpfYKd9S
xlD03vn+6xnFPcudWexDV54WUcrUoGCoexT+YUlJrXmri2ek/+BBF4Cn+mdBMlAU
xYIYDGY7Wnc5qkQnfoeRESdyiOShB6cK+RXxOTkS2QcZ4aTvXf6XrdqKFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBu75yLc2JE9WjFmBqTH7L09z7cpMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRzd2bkl0ellrVDFhTVdZR3BNZnN2VDNQdHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATmzYAwQA
VcqjAwQAuepIMA0GCSqGSIb3DQEBCwUAA4IBAQCvWY9rk7Uuu2pJudwGTWUrQq+J
0FW7DDBXp4HC56uEDbO1dP+wDLZsiz8pHY0raB8cD4w1CtU/B/PrkT4mGNp9zs0P
ddjgQoN42b0ZzwPdkhOZba61XsNnsSZWgYHN2L3qyBLJENUhBjKXM60TltNIIc76
zBlSUUgFF1hY/N7pGxmrcKJn+THd2lxT9y0kS93dP1y9fn9c186F6IYyhYyhRRV7
V2eEzcwFdIScoKTlnpBCfXnQg64DzL15ikOIeVzjtehk2qP5vJdf3GezqWVB7als
HbbUUyBtec8jvVnmSBx7C9lPbkSF8vhF+aDnNbSugSUcjAiRHymDpnHIjQhX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org