Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/GcDet18uJWzu4rHRYbXQZwJ0SM8.roa
File:                     GcDet18uJWzu4rHRYbXQZwJ0SM8.roa (raw, json)
Hash identifier:          3IFIU91gkfTuGJuEQ6cvT9bpBGh/oEx6Dtt2xCOSf2Y=
Subject key identifier:   19:C0:DE:B7:5F:2E:25:6C:EE:E2:B1:D1:61:B5:D0:67:02:74:48:CF
Certificate issuer:       /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial:       0186C1DCB8870A5E618A7B8F1089E01576E6
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/GcDet18uJWzu4rHRYbXQZwJ0SM8.roa
Signing time:             Wed 08 Mar 2023 15:35:13 +0000
ROA not before:           Wed 08 Mar 2023 15:35:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200879
IP address blocks:        2a0a:280:1d00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c1:dc:b8:87:0a:5e:61:8a:7b:8f:10:89:e0:15:76:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
        Validity
            Not Before: Mar  8 15:35:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19c0deb75f2e256ceee2b1d161b5d067027448cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:47:c1:7f:9b:b8:64:31:ce:c2:36:40:25:d0:
                    c0:88:94:18:3d:aa:0e:5e:62:d2:05:a7:f6:02:dd:
                    24:5e:35:eb:e6:9c:30:e7:be:4d:07:e2:33:8e:23:
                    dd:72:f2:31:6e:67:36:05:1a:69:d6:85:c4:b8:6a:
                    2a:25:65:c5:4b:a2:c8:27:d3:f3:2b:59:fc:96:20:
                    0a:8a:07:9d:48:54:02:34:e4:cf:e1:16:8e:c3:75:
                    d8:49:81:7a:4d:db:76:35:6a:89:8b:13:20:c2:41:
                    f8:81:f5:71:fd:83:ae:08:1b:7e:55:25:58:58:af:
                    ba:0e:65:1d:c6:fc:d4:46:f5:05:8d:cb:3a:59:5a:
                    44:ef:20:f3:d4:0a:c4:25:c2:04:3f:2c:9d:55:a7:
                    be:8c:71:72:df:85:dc:09:eb:ba:40:52:12:2d:cc:
                    b4:a0:aa:65:e7:c4:bf:d2:36:f9:e8:fc:62:8d:4e:
                    28:a5:86:cf:4d:52:dd:0c:9a:b9:10:60:05:33:81:
                    15:ef:09:ea:ef:e6:bd:77:2a:f4:21:7a:ec:7e:81:
                    75:94:c9:d6:2f:82:b0:99:a2:11:7c:d3:9d:b3:04:
                    5c:36:32:a1:98:64:2f:42:f4:1a:d7:bd:cd:2e:b8:
                    00:f0:75:f9:d4:a4:c7:10:69:4c:c3:98:1f:ff:10:
                    bb:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C0:DE:B7:5F:2E:25:6C:EE:E2:B1:D1:61:B5:D0:67:02:74:48:CF
            X509v3 Authority Key Identifier:
                keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/GcDet18uJWzu4rHRYbXQZwJ0SM8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:280:1d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         05:7b:77:c5:e4:ef:3f:52:6a:b1:ac:90:f3:1c:63:57:03:7f:
         7b:b8:f9:42:3a:5e:53:2d:5b:a9:6f:bd:43:b5:b9:b0:8e:f2:
         9e:9a:f0:0e:48:6d:c3:0f:43:8a:a2:b7:cd:4c:72:f8:93:fa:
         5a:48:03:9c:08:26:86:d5:a0:83:e2:20:3a:fc:99:89:3d:9e:
         a0:cb:5c:b3:8f:a1:49:a9:fb:b9:dc:b5:aa:15:d0:aa:ba:c5:
         0b:df:30:f1:6a:3d:93:e9:08:c5:33:e1:78:ec:b9:72:ea:93:
         cf:fe:4c:df:f3:33:9f:0f:a7:23:26:38:cf:8c:f4:eb:eb:26:
         68:2a:64:04:be:cd:c9:9a:87:77:b9:7a:4b:44:81:13:9d:70:
         53:4d:2f:91:45:c9:fe:95:e4:61:b2:2f:d2:92:f9:4f:be:bc:
         bc:c8:f1:73:9d:c9:2c:7e:db:f4:0d:f2:7c:d0:b0:2c:1f:31:
         12:ce:68:7f:cb:b4:7a:3f:c7:6e:cd:0c:c3:e8:2d:af:27:05:
         11:d5:8c:04:aa:b0:60:21:43:13:62:01:74:13:1e:a8:ee:88:
         44:f8:f7:84:46:3a:f0:54:8b:a1:45:91:db:2a:ac:4d:9c:bf:
         89:32:8b:eb:9c:8a:dc:76:39:a7:ee:62:6d:75:1b:f2:5b:51:
         8a:78:e7:ff
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYbB3LiHCl5hinuPEIngFXbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzA4MTUzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWMwZGViNzVmMmUyNTZjZWVlMmIxZDE2MWI1ZDA2NzAyNzQ0OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUfBf5u4ZDHOwjZAJdDAiJQYPaoO
XmLSBaf2At0kXjXr5pww575NB+IzjiPdcvIxbmc2BRpp1oXEuGoqJWXFS6LIJ9Pz
K1n8liAKigedSFQCNOTP4RaOw3XYSYF6Tdt2NWqJixMgwkH4gfVx/YOuCBt+VSVY
WK+6DmUdxvzURvUFjcs6WVpE7yDz1ArEJcIEPyydVae+jHFy34XcCeu6QFISLcy0
oKpl58S/0jb56PxijU4opYbPTVLdDJq5EGAFM4EV7wnq7+a9dyr0IXrsfoF1lMnW
L4KwmaIRfNOdswRcNjKhmGQvQvQa173NLrgA8HX51KTHEGlMw5gf/xC71QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBnA3rdfLiVs7uKx0WG10GcCdEjPMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvR2NEZXQxOHVKV3p1NHJIUlliWFFad0owU004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgB0w
DQYJKoZIhvcNAQELBQADggEBAAV7d8Xk7z9SarGskPMcY1cDf3u4+UI6XlMtW6lv
vUO1ubCO8p6a8A5IbcMPQ4qit81McviT+lpIA5wIJobVoIPiIDr8mYk9nqDLXLOP
oUmp+7nctaoV0Kq6xQvfMPFqPZPpCMUz4XjsuXLqk8/+TN/zM58PpyMmOM+M9Ovr
JmgqZAS+zcmah3e5ektEgROdcFNNL5FFyf6V5GGyL9KS+U++vLzI8XOdySx+2/QN
8nzQsCwfMRLOaH/LtHo/x27NDMPoLa8nBRHVjASqsGAhQxNiAXQTHqjuiET494RG
OvBUi6FFkdsqrE2cv4kyi+ucitx2OafuYm11G/JbUYp45/8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org