Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gbgPoq84PDK8h7FZL2cbAshe3yY.roa
File:                     gbgPoq84PDK8h7FZL2cbAshe3yY.roa (raw, json)
Hash identifier:          W6OxN97VqemqCtJkQuW+YYW+QQke+eBhW4zcdjh9jEI=
Subject key identifier:   81:B8:0F:A2:AF:38:3C:32:BC:87:B1:59:2F:67:1B:02:C8:5E:DF:26
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185739010CF9A93F3A186E0FBC4919E93DB
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gbgPoq84PDK8h7FZL2cbAshe3yY.roa
Signing time:             Mon 02 Jan 2023 17:38:19 +0000
ROA not before:           Mon 02 Jan 2023 17:38:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212450
IP address blocks:        2a0b:b87:ffa5::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:10:cf:9a:93:f3:a1:86:e0:fb:c4:91:9e:93:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=81b80fa2af383c32bc87b1592f671b02c85edf26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:83:36:de:56:68:bd:46:af:40:dc:99:2d:cd:
                    c1:4e:78:e1:9d:4e:6e:bb:eb:7b:7f:fd:23:3c:83:
                    17:74:5e:8b:f5:4a:7a:15:67:39:17:c5:96:fe:89:
                    36:13:89:04:ec:85:e4:ff:70:f9:17:34:68:00:8d:
                    dc:8e:12:c3:f0:ef:c8:96:32:1e:ce:bf:04:0e:ab:
                    de:a5:5c:55:5b:17:96:54:9e:9c:ef:60:31:ff:51:
                    68:66:37:8f:47:81:17:ac:f0:db:da:c8:d0:81:84:
                    98:43:d1:4a:f3:60:7f:3a:f2:2e:ae:d1:82:60:c0:
                    e6:69:e9:3b:01:ba:55:10:99:60:ca:94:21:52:65:
                    05:b5:98:42:8a:53:c8:70:d3:3a:bd:75:f9:c0:cb:
                    07:ef:fc:e7:73:9e:27:ac:7d:bf:3f:0c:e6:67:6a:
                    21:f0:91:3c:40:d4:82:30:67:6b:97:71:c9:8e:30:
                    c3:51:c5:e4:2d:f1:68:09:3c:c6:c5:db:c9:02:8e:
                    b5:a2:01:4b:23:47:2e:f5:ff:4f:ba:e6:4a:db:9b:
                    c7:cb:6c:54:a3:11:50:d4:c5:8b:ce:09:a1:8f:6c:
                    90:d8:67:f0:a2:c3:2e:e1:d1:b4:78:20:fd:7f:0a:
                    9f:15:10:2b:46:16:d8:4f:d5:a7:68:ba:f8:c2:f0:
                    0f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:B8:0F:A2:AF:38:3C:32:BC:87:B1:59:2F:67:1B:02:C8:5E:DF:26
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gbgPoq84PDK8h7FZL2cbAshe3yY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ffa5::/48

    Signature Algorithm: sha256WithRSAEncryption
         3f:5e:03:4a:3a:a2:7a:95:e9:6e:8b:19:b7:eb:08:d7:00:00:
         ed:42:2d:32:ec:8f:b9:bd:2e:02:01:4f:89:51:3f:0d:fa:57:
         35:79:2d:29:ef:5e:8c:c6:a5:a1:e3:94:ea:54:dd:1c:ed:c5:
         33:28:9a:3b:41:83:37:c5:27:3c:7d:16:95:d2:b4:49:56:6c:
         07:13:2f:90:89:61:69:57:cf:3e:26:94:56:77:65:27:47:83:
         27:cf:04:a8:21:22:fb:98:85:ee:b5:6d:c3:d2:3d:bf:ac:1c:
         26:91:00:12:58:d6:8f:a8:75:23:89:45:f8:8e:c2:db:7b:2e:
         d7:53:2f:ec:f7:70:ff:18:8c:60:5b:38:e5:02:45:05:79:64:
         15:c4:12:6f:5a:65:0c:89:4a:5d:69:f6:bc:99:cd:e5:c4:93:
         0b:38:3e:1e:ff:e4:cb:a3:87:04:a8:39:a4:73:6e:2b:37:53:
         87:d9:2b:54:86:07:03:a2:65:1d:9a:ae:cc:e8:9e:c5:da:97:
         c3:72:7e:0b:71:be:7c:33:67:73:ae:53:78:14:79:43:e2:06:
         3c:04:7b:a0:17:d4:e5:12:dd:bf:fc:fe:3c:9c:e3:16:3f:c5:
         92:45:60:21:18:65:64:a1:4b:41:90:c2:c9:c7:49:d3:fc:11:
         91:88:a3:0f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkBDPmpPzoYbg+8SRnpPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI4MGZhMmFmMzgzYzMyYmM4N2IxNTkyZjY3MWIwMmM4NWVkZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIM23lZovUavQNyZLc3BTnjhnU5u
u+t7f/0jPIMXdF6L9Up6FWc5F8WW/ok2E4kE7IXk/3D5FzRoAI3cjhLD8O/IljIe
zr8EDqvepVxVWxeWVJ6c72Ax/1FoZjePR4EXrPDb2sjQgYSYQ9FK82B/OvIurtGC
YMDmaek7AbpVEJlgypQhUmUFtZhCilPIcNM6vXX5wMsH7/znc54nrH2/PwzmZ2oh
8JE8QNSCMGdrl3HJjjDDUcXkLfFoCTzGxdvJAo61ogFLI0cu9f9PuuZK25vHy2xU
oxFQ1MWLzgmhj2yQ2GfwosMu4dG0eCD9fwqfFRArRhbYT9WnaLr4wvAP5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIG4D6KvODwyvIexWS9nGwLIXt8mMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZ2JnUG9xODRQREs4aDdGWkwyY2JBc2hlM3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+l
MA0GCSqGSIb3DQEBCwUAA4IBAQA/XgNKOqJ6leluixm36wjXAADtQi0y7I+5vS4C
AU+JUT8N+lc1eS0p716MxqWh45TqVN0c7cUzKJo7QYM3xSc8fRaV0rRJVmwHEy+Q
iWFpV88+JpRWd2UnR4MnzwSoISL7mIXutW3D0j2/rBwmkQASWNaPqHUjiUX4jsLb
ey7XUy/s93D/GIxgWzjlAkUFeWQVxBJvWmUMiUpdafa8mc3lxJMLOD4e/+TLo4cE
qDmkc24rN1OH2StUhgcDomUdmq7M6J7F2pfDcn4Lcb58M2dzrlN4FHlD4gY8BHug
F9TlEt2//P48nOMWP8WSRWAhGGVkoUtBkMLJx0nT/BGRiKMP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org