Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GfbuzhjdRgByGmWYeWBgwA3KBrs.roa
File:                     GfbuzhjdRgByGmWYeWBgwA3KBrs.roa (raw, json)
Hash identifier:          Vr8DUsMdliM/0zdq60d+sZlIOnToUGalNnm/mtSpJdo=
Subject key identifier:   19:F6:EE:CE:18:DD:46:00:72:1A:65:98:79:60:60:C0:0D:CA:06:BB
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7B52AA7AC9C5B309BBBDA184C958A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GfbuzhjdRgByGmWYeWBgwA3KBrs.roa
Signing time:             Mon 02 Jan 2023 08:44:54 +0000
ROA not before:           Mon 02 Jan 2023 08:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205911
IP address blocks:        2a13:4800::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:b5:2a:a7:ac:9c:5b:30:9b:bb:da:18:4c:95:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19f6eece18dd4600721a6598796060c00dca06bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ed:a3:d1:eb:8f:81:e9:ad:a3:57:32:ab:e9:
                    3c:88:a6:88:a2:b8:13:0a:e4:26:2c:6b:5a:fe:7c:
                    cd:fc:e0:ee:25:fe:66:ac:d6:8c:e8:e1:bc:bc:f3:
                    66:0d:af:d2:e2:22:fd:06:94:d7:f7:fb:70:1b:47:
                    0b:2e:f8:9a:5c:e8:f2:c8:4f:82:61:c9:e6:fd:13:
                    7a:1d:20:be:d0:ef:28:99:c6:9e:bc:fd:f5:da:5f:
                    a3:16:af:ee:5f:7d:4b:1a:12:3b:51:8a:0a:49:99:
                    15:1e:5b:64:c7:0c:c8:b2:20:97:bd:23:87:6f:65:
                    24:02:3c:6a:7b:0b:76:63:91:f1:08:0e:9b:97:c9:
                    dd:c9:81:dd:79:53:df:b9:60:fa:fa:3c:19:cb:12:
                    12:1e:b8:63:63:22:64:95:27:c5:95:68:8c:19:af:
                    d1:33:1b:78:24:fd:6a:d4:4e:21:d1:47:cf:15:7a:
                    4e:44:3e:5f:71:65:39:46:43:46:3f:7a:9b:f3:05:
                    75:33:c1:0c:d7:c4:67:20:56:cd:b5:e2:7a:de:68:
                    1f:c0:d3:2d:db:73:86:c8:83:09:dd:45:c4:18:e2:
                    42:21:fb:24:cf:b6:26:83:21:c0:9f:ad:cd:2a:bf:
                    97:b1:ff:fa:a4:a5:b5:68:39:26:42:05:7c:1a:f6:
                    7c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:F6:EE:CE:18:DD:46:00:72:1A:65:98:79:60:60:C0:0D:CA:06:BB
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GfbuzhjdRgByGmWYeWBgwA3KBrs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:4800::/29

    Signature Algorithm: sha256WithRSAEncryption
         2a:54:63:4a:3f:46:6f:29:47:cf:49:a8:fc:4e:c7:3a:00:35:
         06:0f:79:94:4a:53:64:0f:61:ba:8e:ae:5f:7e:56:95:c4:cb:
         4c:db:29:88:93:9e:55:9c:c2:9a:fb:73:ed:f6:7f:b9:4c:87:
         8f:51:47:a9:09:a4:5a:30:8e:07:86:55:e6:63:91:4b:b2:a9:
         8b:12:84:27:eb:df:ac:d1:6d:48:ac:02:40:6c:a1:b3:6c:be:
         f4:d9:55:f7:1a:f8:59:b3:11:80:03:2a:d0:cc:69:2c:26:6f:
         fc:1d:44:be:e7:f6:73:f7:c8:6c:1e:da:03:98:91:91:c9:a3:
         28:45:c9:be:ef:b1:36:1b:73:5e:ec:d5:5e:97:09:8f:e7:1a:
         d4:2d:87:44:af:4a:12:c7:53:d2:5a:b4:06:01:3b:d1:f5:f8:
         3a:97:96:37:e8:54:39:bf:09:a3:a7:35:d7:ff:03:f4:d1:7b:
         46:f9:7f:0b:b4:7d:f0:ec:a2:e1:71:51:85:08:42:17:4e:39:
         e6:09:16:4b:72:89:43:41:2d:0e:b0:d8:c4:84:49:1e:e8:66:
         d3:77:6f:b3:0c:09:b8:3c:48:3b:04:91:72:3e:d3:b4:e1:6e:
         0f:dc:cf:a5:2e:fe:05:94:42:d6:2b:e3:36:09:38:3d:3e:53:
         c7:f7:42:f5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxp7Uqp6ycWzCbu9oYTJWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWY2ZWVjZTE4ZGQ0NjAwNzIxYTY1OTg3OTYwNjBjMDBkY2EwNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou2j0euPgemto1cyq+k8iKaIorgT
CuQmLGta/nzN/ODuJf5mrNaM6OG8vPNmDa/S4iL9BpTX9/twG0cLLviaXOjyyE+C
Ycnm/RN6HSC+0O8omcaevP312l+jFq/uX31LGhI7UYoKSZkVHltkxwzIsiCXvSOH
b2UkAjxqewt2Y5HxCA6bl8ndyYHdeVPfuWD6+jwZyxISHrhjYyJklSfFlWiMGa/R
Mxt4JP1q1E4h0UfPFXpORD5fcWU5RkNGP3qb8wV1M8EM18RnIFbNteJ63mgfwNMt
23OGyIMJ3UXEGOJCIfskz7YmgyHAn63NKr+Xsf/6pKW1aDkmQgV8GvZ81QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBn27s4Y3UYAchplmHlgYMANyga7MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvR2ZidXpoamRSZ0J5R21XWWVXQmd3QTNLQnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNIADAN
BgkqhkiG9w0BAQsFAAOCAQEAKlRjSj9GbylHz0mo/E7HOgA1Bg95lEpTZA9huo6u
X35WlcTLTNspiJOeVZzCmvtz7fZ/uUyHj1FHqQmkWjCOB4ZV5mORS7KpixKEJ+vf
rNFtSKwCQGyhs2y+9NlV9xr4WbMRgAMq0MxpLCZv/B1Evuf2c/fIbB7aA5iRkcmj
KEXJvu+xNhtzXuzVXpcJj+ca1C2HRK9KEsdT0lq0BgE70fX4OpeWN+hUOb8Jo6c1
1/8D9NF7Rvl/C7R98Oyi4XFRhQhCF0455gkWS3KJQ0EtDrDYxIRJHuhm03dvswwJ
uDxIOwSRcj7TtOFuD9zPpS7+BZRC1ivjNgk4PT5Tx/dC9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org