Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Gzlpks8ZVn-GCZlDEwXXekRekg0.roa
File:                     Gzlpks8ZVn-GCZlDEwXXekRekg0.roa (raw, json)
Hash identifier:          BdoFcGDEColqAJVHD5A+lRqFpVSc4twrS8S1Eu/Ei2k=
Subject key identifier:   1B:39:69:92:CF:19:56:7F:86:09:99:43:13:05:D7:7A:44:5E:92:0D
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       018C38EEFA60FFC5009719BB38DB274D7FED
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Gzlpks8ZVn-GCZlDEwXXekRekg0.roa
Signing time:             Tue 05 Dec 2023 07:43:54 +0000
ROA not before:           Tue 05 Dec 2023 07:43:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215956
IP address blocks:        2a0e:8f02:2270::/44 maxlen: 44

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 16:17:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:38:ee:fa:60:ff:c5:00:97:19:bb:38:db:27:4d:7f:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Dec  5 07:43:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1b396992cf19567f860999431305d77a445e920d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e4:07:d7:82:05:a6:10:17:bc:e3:57:9f:45:
                    a1:a4:5d:7c:f1:0d:48:4e:6b:38:e0:4d:4a:12:7d:
                    85:64:07:4f:d1:3d:2c:32:8f:9f:c4:b7:d0:1e:60:
                    46:23:73:49:e6:de:8f:92:fe:40:86:67:f4:84:f4:
                    b2:06:ea:b5:8c:3a:64:50:c6:86:c9:ac:25:3c:84:
                    5f:a5:96:56:8e:2f:52:71:85:1e:f2:56:69:9b:43:
                    36:8c:89:9b:b3:9a:a4:29:5f:49:dc:6f:23:16:ac:
                    39:6b:fe:bc:07:ae:60:32:ff:c1:59:bf:49:52:53:
                    32:df:43:67:5f:7c:50:8c:a4:80:63:c7:b2:89:b2:
                    5e:2c:a4:2d:55:53:a7:1b:8d:16:f0:37:93:39:b5:
                    43:ee:7e:46:83:b5:5f:53:4c:3a:ce:3b:35:dd:eb:
                    ee:e5:49:e8:d7:0b:55:da:0d:73:d0:27:a9:46:83:
                    0d:2c:f0:9c:2e:a7:17:27:48:ee:82:bb:6c:7b:95:
                    0d:0e:41:45:d9:78:8c:cc:14:08:a2:6d:55:ee:b8:
                    77:55:38:bd:57:b2:cb:9f:40:87:ba:09:44:80:ad:
                    70:ae:07:1e:0a:fb:43:50:44:6d:ae:f8:fa:16:f9:
                    64:a3:58:2a:a9:d4:46:92:dd:fd:8b:23:f8:ca:6e:
                    af:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:39:69:92:CF:19:56:7F:86:09:99:43:13:05:D7:7A:44:5E:92:0D
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Gzlpks8ZVn-GCZlDEwXXekRekg0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:2270::/44

    Signature Algorithm: sha256WithRSAEncryption
         2d:d0:3a:14:14:00:ed:cd:26:d6:7a:01:4f:09:a8:17:bc:4e:
         31:cb:93:61:18:9f:ad:71:83:06:86:66:2a:85:71:9f:76:32:
         f1:10:53:a7:2c:8a:e3:75:e6:e7:75:4a:29:1a:86:29:bb:69:
         64:c7:65:9f:10:99:c3:aa:00:15:b3:ce:be:1e:c1:04:19:ea:
         3c:14:b8:6f:b2:a7:fb:cd:9c:04:42:de:3d:36:a8:dd:59:b9:
         88:b4:9f:99:98:7f:f8:7a:d5:15:ff:89:3b:fd:65:7e:85:36:
         ac:9f:1d:49:a8:62:8e:60:82:c2:7d:a8:1f:53:97:9d:f7:85:
         b4:01:52:1c:a8:54:e2:28:b9:e8:52:d3:53:e5:48:c9:42:e6:
         3c:17:ed:8a:3a:9d:c0:de:da:78:cd:53:0e:62:e1:a9:b2:60:
         b6:e3:3f:7f:e8:ad:72:08:7f:0a:7b:e2:89:06:56:2c:67:a0:
         90:11:bf:4a:3e:a8:c0:03:23:d5:25:fb:b6:67:c5:2e:72:a6:
         07:4a:fc:59:6c:93:66:f0:0b:43:2d:65:b4:3e:c2:8b:83:fc:
         e4:9b:f1:76:6b:31:3f:bb:dc:43:e8:db:ef:29:b1:ed:44:80:
         31:a8:cd:c7:6c:2b:14:f0:6f:86:25:99:1a:e3:0a:71:d3:33:
         4c:27:3f:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYw47vpg/8UAlxm7ONsnTX/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMxMjA1MDc0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjM5Njk5MmNmMTk1NjdmODYwOTk5NDMxMzA1ZDc3YTQ0NWU5MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuQH14IFphAXvONXn0WhpF188Q1I
Tms44E1KEn2FZAdP0T0sMo+fxLfQHmBGI3NJ5t6Pkv5Ahmf0hPSyBuq1jDpkUMaG
yawlPIRfpZZWji9ScYUe8lZpm0M2jImbs5qkKV9J3G8jFqw5a/68B65gMv/BWb9J
UlMy30NnX3xQjKSAY8eyibJeLKQtVVOnG40W8DeTObVD7n5Gg7VfU0w6zjs13evu
5Uno1wtV2g1z0CepRoMNLPCcLqcXJ0jugrtse5UNDkFF2XiMzBQIom1V7rh3VTi9
V7LLn0CHuglEgK1wrgceCvtDUERtrvj6Fvlko1gqqdRGkt39iyP4ym6vawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBs5aZLPGVZ/hgmZQxMF13pEXpINMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvR3pscGtzOFpWbi1HQ1psREV3WFhla1Jla2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiJw
MA0GCSqGSIb3DQEBCwUAA4IBAQAt0DoUFADtzSbWegFPCagXvE4xy5NhGJ+tcYMG
hmYqhXGfdjLxEFOnLIrjdebndUopGoYpu2lkx2WfEJnDqgAVs86+HsEEGeo8FLhv
sqf7zZwEQt49NqjdWbmItJ+ZmH/4etUV/4k7/WV+hTasnx1JqGKOYILCfagfU5ed
94W0AVIcqFTiKLnoUtNT5UjJQuY8F+2KOp3A3tp4zVMOYuGpsmC24z9/6K1yCH8K
e+KJBlYsZ6CQEb9KPqjAAyPVJfu2Z8UucqYHSvxZbJNm8AtDLWW0PsKLg/zkm/F2
azE/u9xD6NvvKbHtRIAxqM3HbCsU8G+GJZka4wpx0zNMJz/K
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org