Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1-GumESIG-DHa4S2eo__LLEa08lo.roa
File:                     1-GumESIG-DHa4S2eo__LLEa08lo.roa (raw, json)
Hash identifier:          xcCV1PPpZrTNRl/TDOjZih5uDUxH/tGKz/I9YVefZeI=
Subject key identifier:   F8:6B:A6:11:22:06:F8:31:DA:E1:2D:9E:A3:FF:CB:2C:46:B4:F2:5A
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       018A2738F90154184456317642206792BF26
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1-GumESIG-DHa4S2eo__LLEa08lo.roa
Signing time:             Thu 24 Aug 2023 11:05:59 +0000
ROA not before:           Thu 24 Aug 2023 11:05:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47843
IP address blocks:        87.248.128.0/24 maxlen: 24
                          87.248.137.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 12:27:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:27:38:f9:01:54:18:44:56:31:76:42:20:67:92:bf:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Aug 24 11:05:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f86ba6112206f831dae12d9ea3ffcb2c46b4f25a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:13:87:2b:00:83:09:c2:76:49:92:cb:1d:34:
                    c3:94:ad:85:4e:43:b9:ea:2a:4e:9a:32:9d:fe:c8:
                    41:82:f9:9b:fe:b6:12:ca:e9:56:f0:a9:36:0d:57:
                    60:0b:c0:1f:24:40:df:78:c2:9d:8c:f4:cd:19:bb:
                    f3:2a:5a:98:70:6f:01:d5:02:1d:b7:1f:a9:e1:43:
                    ba:b9:12:1d:d3:b1:37:54:b9:65:8b:37:60:1f:9d:
                    1b:3c:d7:01:ce:c8:e7:f7:03:96:5a:09:32:de:12:
                    49:60:5f:37:2a:f5:60:0d:81:b0:50:4d:20:71:fc:
                    c3:17:7f:c0:5c:c9:2e:6f:b2:42:25:c4:d7:11:f0:
                    51:e9:a6:2a:1d:22:f1:06:4d:15:45:7a:4c:28:d2:
                    88:c5:9f:f0:83:55:f2:37:64:33:e9:b0:b0:40:9f:
                    b0:2f:63:05:f5:1b:d8:d9:9c:d7:3c:a5:02:2a:45:
                    c9:c4:cb:d3:4f:f5:a5:8e:79:f4:4f:87:c9:c4:af:
                    f4:33:43:6b:2c:96:8e:b7:4b:fc:90:85:7d:e9:9e:
                    9c:22:a8:db:b2:ad:5a:b4:60:2f:bf:96:b8:89:25:
                    a3:a9:e0:87:6a:c4:8a:e8:a3:cf:66:b9:4b:e6:43:
                    01:db:64:1e:85:b5:56:26:7f:55:52:24:2e:33:f2:
                    5b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:6B:A6:11:22:06:F8:31:DA:E1:2D:9E:A3:FF:CB:2C:46:B4:F2:5A
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1-GumESIG-DHa4S2eo__LLEa08lo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.128.0/24
                  87.248.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:97:75:9b:5b:69:0b:b5:57:31:d6:15:5b:0d:6d:0a:1f:7a:
         91:fe:30:54:c3:38:ef:f1:5d:17:58:b8:0d:e8:fb:3f:ad:b2:
         82:bc:d5:d2:1d:af:16:45:eb:ea:db:b9:db:0c:76:90:cf:38:
         16:aa:6f:b3:ec:49:bb:e1:9c:5b:a5:d6:78:d1:b8:55:1b:e0:
         5a:4a:f2:58:4c:68:98:10:db:9a:45:7e:8c:92:b1:6e:73:d2:
         d8:db:5d:ab:68:d7:d9:49:f1:fd:bc:70:42:b1:d8:e5:a5:e7:
         41:0a:c2:ca:e1:df:d4:6b:9d:24:02:11:72:c8:d5:4d:a1:c7:
         a2:a2:1a:c4:56:92:34:55:ce:6e:5c:ce:60:08:b3:d1:9e:09:
         84:5b:71:22:ea:e1:fc:b5:49:a2:ca:d1:9f:eb:87:e8:61:cf:
         79:06:ef:15:a4:0b:e9:fd:8e:21:3c:17:08:82:38:a3:48:2d:
         3c:1f:3c:4c:21:55:9c:57:6a:07:34:89:29:d5:f9:2e:0a:97:
         a8:fc:c1:22:65:a1:0b:27:82:fa:d1:44:a7:be:85:eb:69:e9:
         26:c3:d5:c3:8a:18:3f:a6:50:84:7d:55:c3:cc:90:65:e1:02:
         89:24:d1:e3:cd:46:75:e0:c0:08:c6:61:64:e7:b4:4f:64:e2:
         97:d4:d3:91
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYonOPkBVBhEVjF2QiBnkr8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwODI0MTEwNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODZiYTYxMTIyMDZmODMxZGFlMTJkOWVhM2ZmY2IyYzQ2YjRmMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBOHKwCDCcJ2SZLLHTTDlK2FTkO5
6ipOmjKd/shBgvmb/rYSyulW8Kk2DVdgC8AfJEDfeMKdjPTNGbvzKlqYcG8B1QId
tx+p4UO6uRId07E3VLllizdgH50bPNcBzsjn9wOWWgky3hJJYF83KvVgDYGwUE0g
cfzDF3/AXMkub7JCJcTXEfBR6aYqHSLxBk0VRXpMKNKIxZ/wg1XyN2Qz6bCwQJ+w
L2MF9RvY2ZzXPKUCKkXJxMvTT/Wljnn0T4fJxK/0M0NrLJaOt0v8kIV96Z6cIqjb
sq1atGAvv5a4iSWjqeCHasSK6KPPZrlL5kMB22QehbVWJn9VUiQuM/JbEQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPhrphEiBvgx2uEtnqP/yyxGtPJaMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvMS1HdW1FU0lHLURIYTRTMmVvX19MTEVhMDhsby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1
NC8xL2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFf4gAME
AFf4iTANBgkqhkiG9w0BAQsFAAOCAQEAY5d1m1tpC7VXMdYVWw1tCh96kf4wVMM4
7/FdF1i4Dej7P62ygrzV0h2vFkXr6tu52wx2kM84Fqpvs+xJu+GcW6XWeNG4VRvg
WkryWExomBDbmkV+jJKxbnPS2Ntdq2jX2Unx/bxwQrHY5aXnQQrCyuHf1GudJAIR
csjVTaHHoqIaxFaSNFXOblzOYAiz0Z4JhFtxIurh/LVJosrRn+uH6GHPeQbvFaQL
6f2OITwXCII4o0gtPB88TCFVnFdqBzSJKdX5LgqXqPzBImWhCyeC+tFEp76F62np
JsPVw4oYP6ZQhH1Vw8yQZeECiSTR481GdeDACMZhZOe0T2Til9TTkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org