Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GA5okb_66Gz76VEx4L4yO6AW2oc.roa
File:                     GA5okb_66Gz76VEx4L4yO6AW2oc.roa (raw, json)
Hash identifier:          Ide7PGuu7io+jptOerDEuPxk+1UHXdY3Jh+G3Lwo/uE=
Subject key identifier:   18:0E:68:91:BF:FA:E8:6C:FB:E9:51:31:E0:BE:32:3B:A0:16:DA:87
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7A60CE8BA1F1D51CC99B225794D37
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GA5okb_66Gz76VEx4L4yO6AW2oc.roa
Signing time:             Mon 02 Jan 2023 08:44:50 +0000
ROA not before:           Mon 02 Jan 2023 08:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60127
IP address blocks:        185.147.51.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:a6:0c:e8:ba:1f:1d:51:cc:99:b2:25:79:4d:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=180e6891bffae86cfbe95131e0be323ba016da87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f1:7f:bf:32:5b:1b:90:f5:ed:f0:82:75:d5:
                    10:1e:e3:f9:4b:ab:77:24:1f:8f:9a:73:56:f4:0d:
                    fa:63:bc:62:0d:f1:82:cb:77:d1:17:49:e3:4b:82:
                    a5:ca:04:f9:38:64:24:e2:0c:04:18:2f:f1:c8:25:
                    75:77:30:b9:d0:64:6c:2c:e5:25:d7:b2:5a:c8:72:
                    48:3e:4f:bd:2c:d7:41:b4:c0:9a:6d:77:bd:40:4a:
                    64:06:ca:bd:a2:5b:e8:44:2e:8e:00:87:0e:4e:49:
                    56:8b:6c:00:d2:5a:16:fe:6e:20:24:a9:74:2f:0a:
                    72:ea:63:cf:4c:a6:59:cd:81:ef:48:0c:3e:66:9b:
                    8f:a2:7c:57:17:33:89:f5:9f:bc:3a:e4:8b:b5:15:
                    31:76:63:17:95:74:33:94:ff:4b:68:88:7e:80:af:
                    4f:91:de:e5:d7:de:a9:08:d2:44:f0:5a:9c:cd:82:
                    89:1e:95:8a:0f:a5:2f:83:f6:97:26:2f:a1:3e:a6:
                    6e:8e:4f:4a:62:78:b2:57:38:20:31:4c:ee:f6:b3:
                    7d:6d:4c:83:0d:6b:e7:e6:b1:89:ae:d6:ae:8d:66:
                    1e:ba:b2:cf:b4:5c:3c:de:f1:b7:0d:5f:a9:67:03:
                    11:6e:5e:8c:15:ec:b2:74:87:a5:7e:56:ff:09:7d:
                    83:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:0E:68:91:BF:FA:E8:6C:FB:E9:51:31:E0:BE:32:3B:A0:16:DA:87
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GA5okb_66Gz76VEx4L4yO6AW2oc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.147.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:a6:1b:4a:78:03:8e:1d:11:66:7e:f6:1b:b3:a8:7f:a2:33:
         4b:d5:4c:58:4c:6b:6f:78:96:14:bf:1b:bf:5a:1f:e6:7c:d0:
         44:ab:c0:06:ea:89:fb:86:28:7c:7b:54:83:67:6b:b5:0b:fa:
         d8:5f:fa:65:ad:c4:94:b0:dd:9a:f9:4d:ed:56:53:45:ce:4e:
         49:20:36:3f:b1:f2:0e:d4:91:e4:2b:81:62:ba:5c:c7:06:53:
         a2:01:e4:b0:c8:61:62:94:e8:8e:77:c1:18:01:a1:01:18:92:
         0c:69:af:f3:0f:9f:7e:ad:94:5d:05:b4:9b:a1:02:b7:4f:ea:
         12:79:69:ea:bc:73:c1:e9:49:89:9c:27:5c:16:44:dc:c5:8a:
         c7:f7:71:9a:9c:d7:db:5a:67:77:fb:1f:e1:60:ce:75:99:90:
         db:6c:fa:35:fc:3b:76:ae:97:9a:36:58:a4:aa:b3:4e:d5:f0:
         ce:71:7d:ce:17:7e:56:4b:52:88:7d:e6:f6:83:4b:9a:ed:b1:
         12:8c:d7:cf:d5:28:cf:78:4a:a0:a2:8d:12:c2:d7:19:16:a1:
         ec:1b:c7:be:2e:96:e7:6f:38:30:63:5f:34:b1:ab:7b:e2:09:
         a1:9b:5a:b1:e4:46:1f:50:b2:fd:6a:60:de:9b:61:41:44:57:
         62:60:4c:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp6YM6LofHVHMmbIleU03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODBlNjg5MWJmZmFlODZjZmJlOTUxMzFlMGJlMzIzYmEwMTZkYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifF/vzJbG5D17fCCddUQHuP5S6t3
JB+PmnNW9A36Y7xiDfGCy3fRF0njS4KlygT5OGQk4gwEGC/xyCV1dzC50GRsLOUl
17JayHJIPk+9LNdBtMCabXe9QEpkBsq9olvoRC6OAIcOTklWi2wA0loW/m4gJKl0
Lwpy6mPPTKZZzYHvSAw+ZpuPonxXFzOJ9Z+8OuSLtRUxdmMXlXQzlP9LaIh+gK9P
kd7l196pCNJE8FqczYKJHpWKD6Uvg/aXJi+hPqZujk9KYniyVzggMUzu9rN9bUyD
DWvn5rGJrtaujWYeurLPtFw83vG3DV+pZwMRbl6MFeyydIelflb/CX2DPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgOaJG/+uhs++lRMeC+MjugFtqHMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvR0E1b2tiXzY2R3o3NlZFeDRMNHlPNkFXMm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZMzMA0G
CSqGSIb3DQEBCwUAA4IBAQB2phtKeAOOHRFmfvYbs6h/ojNL1UxYTGtveJYUvxu/
Wh/mfNBEq8AG6on7hih8e1SDZ2u1C/rYX/plrcSUsN2a+U3tVlNFzk5JIDY/sfIO
1JHkK4FiulzHBlOiAeSwyGFilOiOd8EYAaEBGJIMaa/zD59+rZRdBbSboQK3T+oS
eWnqvHPB6UmJnCdcFkTcxYrH93GanNfbWmd3+x/hYM51mZDbbPo1/Dt2rpeaNlik
qrNO1fDOcX3OF35WS1KIfeb2g0ua7bESjNfP1SjPeEqgoo0SwtcZFqHsG8e+Lpbn
bzgwY180sat74gmhm1qx5EYfULL9amDem2FBRFdiYEwa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org