Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gGKa9sjXkJQcAtlkZWBftF-fvA4.roa
File:                     gGKa9sjXkJQcAtlkZWBftF-fvA4.roa (raw, json)
Hash identifier:          BtDp3EqoR83p51YYUeBo91T3lBozTnPdHHwyjL/EJkU=
Subject key identifier:   80:62:9A:F6:C8:D7:90:94:1C:02:D9:64:65:60:5F:B4:5F:9F:BC:0E
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       01857390019705D0D214A0FEBE2EFB8CDAF6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gGKa9sjXkJQcAtlkZWBftF-fvA4.roa
Signing time:             Mon 02 Jan 2023 17:38:15 +0000
ROA not before:           Mon 02 Jan 2023 17:38:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207649
IP address blocks:        2a0b:b87:ffb6::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:01:97:05:d0:d2:14:a0:fe:be:2e:fb:8c:da:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80629af6c8d790941c02d96465605fb45f9fbc0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:d3:47:c9:2e:b7:de:8e:42:55:6d:ac:68:b7:
                    82:26:4b:30:19:a6:b3:84:3c:5c:d6:0d:15:ce:e8:
                    d9:3e:d3:e8:c5:c5:cf:7e:54:bd:db:72:75:1d:7c:
                    5c:cf:6a:95:67:b9:2e:83:93:80:9a:ed:08:19:39:
                    39:41:80:dd:48:1c:09:40:20:c8:75:e5:53:6c:9d:
                    cc:c5:f1:3e:37:f9:2e:c9:8e:ab:36:6b:50:09:ae:
                    c0:00:6d:06:d2:e1:29:a3:9f:e2:fd:92:9a:cb:e5:
                    ab:f0:ab:d7:65:5c:36:c4:51:53:4f:d1:16:30:65:
                    d0:b9:84:37:9c:79:00:69:19:7f:dc:d2:bd:40:ef:
                    87:4c:e0:16:d7:0d:3f:96:d4:aa:d2:69:5f:ff:2c:
                    95:81:fa:31:dd:05:7e:a9:69:c1:49:e8:7d:87:ef:
                    3f:01:65:a0:b6:d1:a7:38:41:de:fd:9c:a4:c2:84:
                    45:6e:4e:0a:35:a7:35:c7:f3:e4:f8:53:04:17:f7:
                    76:fe:aa:e2:77:d0:be:05:d0:09:06:a7:28:c7:9e:
                    b4:9e:e4:79:8c:80:26:39:d7:74:a4:7f:61:21:9d:
                    b4:38:25:c2:1c:d0:5a:de:78:fd:ab:6c:03:9a:50:
                    f2:59:c2:3f:3d:87:c2:cd:0f:63:c4:ca:00:5d:9c:
                    0f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:62:9A:F6:C8:D7:90:94:1C:02:D9:64:65:60:5F:B4:5F:9F:BC:0E
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gGKa9sjXkJQcAtlkZWBftF-fvA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ffb6::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:f9:ca:6a:34:75:8f:4d:fa:5d:3c:37:06:61:8c:bf:ed:a7:
         2f:72:a0:27:71:8c:e0:d2:56:a1:30:10:c5:da:93:99:0b:85:
         d4:35:a3:71:40:45:89:bf:00:1a:0d:7b:57:23:00:cb:99:0a:
         0b:16:90:15:31:eb:a7:1c:e1:7f:d6:e9:0a:64:d0:0b:d2:91:
         6f:cb:7b:08:90:8f:44:b1:58:fb:33:61:0c:6f:d8:8c:d4:40:
         1d:9f:ab:1e:38:43:bf:67:a8:bd:66:f8:2b:bd:1d:a2:51:5f:
         6b:89:a8:3e:7b:3b:25:36:05:ef:ff:af:f2:07:9b:4c:db:83:
         da:ed:80:a2:65:19:69:d9:e2:7b:5d:43:36:a2:5b:4c:9b:4d:
         dc:3c:3d:89:01:8a:ba:04:15:9f:ec:a4:9e:c7:80:79:be:37:
         84:ab:bb:a3:fc:0d:a9:e8:a0:39:b3:1a:8b:59:ba:69:af:eb:
         b0:10:1c:18:e1:ac:05:53:16:b8:c9:a2:83:bf:a6:79:b0:0e:
         62:20:d0:b9:0d:ed:31:53:2a:c2:24:23:ba:c5:3e:ba:b9:f3:
         f9:b9:2d:63:d4:54:9e:df:d4:e9:f9:43:39:6c:66:a8:ec:51:
         2d:c7:88:93:ba:a3:a1:e2:db:b5:39:f6:a6:93:77:15:37:8b:
         1c:4f:e7:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkAGXBdDSFKD+vi77jNr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDYyOWFmNmM4ZDc5MDk0MWMwMmQ5NjQ2NTYwNWZiNDVmOWZiYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19NHyS633o5CVW2saLeCJkswGaaz
hDxc1g0VzujZPtPoxcXPflS923J1HXxcz2qVZ7kug5OAmu0IGTk5QYDdSBwJQCDI
deVTbJ3MxfE+N/kuyY6rNmtQCa7AAG0G0uEpo5/i/ZKay+Wr8KvXZVw2xFFTT9EW
MGXQuYQ3nHkAaRl/3NK9QO+HTOAW1w0/ltSq0mlf/yyVgfox3QV+qWnBSeh9h+8/
AWWgttGnOEHe/ZykwoRFbk4KNac1x/Pk+FMEF/d2/qrid9C+BdAJBqcox560nuR5
jIAmOdd0pH9hIZ20OCXCHNBa3nj9q2wDmlDyWcI/PYfCzQ9jxMoAXZwPKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIBimvbI15CUHALZZGVgX7Rfn7wOMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZ0dLYTlzalhrSlFjQXRsa1pXQmZ0Ri1mdkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+2
MA0GCSqGSIb3DQEBCwUAA4IBAQAf+cpqNHWPTfpdPDcGYYy/7acvcqAncYzg0lah
MBDF2pOZC4XUNaNxQEWJvwAaDXtXIwDLmQoLFpAVMeunHOF/1ukKZNAL0pFvy3sI
kI9EsVj7M2EMb9iM1EAdn6seOEO/Z6i9ZvgrvR2iUV9riag+ezslNgXv/6/yB5tM
24Pa7YCiZRlp2eJ7XUM2oltMm03cPD2JAYq6BBWf7KSex4B5vjeEq7uj/A2p6KA5
sxqLWbppr+uwEBwY4awFUxa4yaKDv6Z5sA5iINC5De0xUyrCJCO6xT66ufP5uS1j
1FSe39Tp+UM5bGao7FEtx4iTuqOh4tu1Ofamk3cVN4scT+df
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org