Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/GRclTYMbjgfrXXWxoNbC03taE3s.roa
File:                     GRclTYMbjgfrXXWxoNbC03taE3s.roa (raw, json)
Hash identifier:          PaPWUlVN+VbDOzX3+50/GXzPrJN288KeYravaOFbqJw=
Subject key identifier:   19:17:25:4D:83:1B:8E:07:EB:5D:75:B1:A0:D6:C2:D3:7B:5A:13:7B
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       018CC64AD621ACC8BFE1A79FFD531CA8CA6E
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/GRclTYMbjgfrXXWxoNbC03taE3s.roa
Signing time:             Mon 01 Jan 2024 18:30:42 +0000
ROA not before:           Mon 01 Jan 2024 18:30:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50375
IP address blocks:        2a01:d0:3a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 23:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:d6:21:ac:c8:bf:e1:a7:9f:fd:53:1c:a8:ca:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: Jan  1 18:30:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1917254d831b8e07eb5d75b1a0d6c2d37b5a137b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9d:5a:78:63:98:24:8a:c6:ea:93:06:1b:0d:
                    18:02:88:2e:ee:c6:73:3f:5c:9e:d3:1f:23:9b:37:
                    eb:e8:65:26:32:54:f8:ea:e5:c8:41:ee:42:6e:7e:
                    8f:b3:18:8c:7b:08:80:e8:ab:98:e7:29:65:e8:7a:
                    38:25:fd:bb:24:89:19:f9:03:e3:95:5e:b2:7f:ab:
                    c3:7a:99:80:d8:6e:2c:d2:37:2a:2c:7b:00:a7:e7:
                    11:3c:a6:d6:1d:b1:6b:d4:4f:20:d5:a0:0b:9f:73:
                    bc:0f:54:b5:48:d9:55:72:92:cb:12:2b:00:54:7d:
                    db:7c:12:0b:e2:cd:16:9b:33:22:55:34:5b:bd:90:
                    84:b0:77:62:7a:9e:c6:19:21:32:d7:38:dd:fe:b8:
                    33:8c:6c:de:4c:46:1f:ed:eb:13:1f:0d:12:fd:15:
                    0f:56:11:81:b6:75:2a:62:2e:1f:5c:c9:65:cd:7e:
                    df:7d:e8:97:25:c1:f2:39:5e:85:9c:28:27:87:80:
                    89:cf:79:87:5c:8b:57:b1:2d:63:a6:b3:cf:e1:ba:
                    db:29:6d:3b:ed:40:10:08:ac:c8:3a:6d:2e:38:99:
                    0a:20:64:84:91:8a:83:de:98:c1:88:48:f0:83:71:
                    e3:de:d4:5a:bb:c6:02:8c:8a:61:26:52:88:72:d7:
                    6c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:17:25:4D:83:1B:8E:07:EB:5D:75:B1:A0:D6:C2:D3:7B:5A:13:7B
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/GRclTYMbjgfrXXWxoNbC03taE3s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:d0:3a::/48

    Signature Algorithm: sha256WithRSAEncryption
         2d:9e:b9:9e:b9:24:53:7c:74:07:c3:0a:1d:63:de:f3:7d:dc:
         ef:ee:ee:21:07:bb:a9:69:e2:1b:78:f4:6e:76:a0:44:35:6e:
         14:24:2d:66:05:a3:b1:12:71:78:53:04:c6:39:23:89:8a:8f:
         9b:c6:47:ce:4d:50:0d:9a:54:3a:81:f7:5b:dc:2c:d8:b2:da:
         7f:6d:93:12:33:b7:f6:ee:e4:01:7c:38:fb:02:7f:a9:aa:36:
         7e:b6:7d:4f:d9:ca:dd:04:f0:87:22:9d:97:ce:53:be:d5:cb:
         f4:b3:a1:b3:ad:ae:33:74:76:2f:4f:ff:98:d5:f4:98:33:58:
         da:7a:61:05:4c:90:8b:b7:51:a8:13:67:a2:36:09:ed:f9:a0:
         c7:6c:0b:5c:eb:e5:e0:2c:38:ef:3e:06:6a:63:21:d3:3b:3c:
         42:9d:2c:3a:72:02:f9:63:e5:75:19:84:76:0d:f5:a5:c0:00:
         e9:0f:61:75:cb:ac:77:fe:4c:0e:7a:e0:35:30:18:46:56:d9:
         86:0d:e0:d9:ba:57:d3:1d:02:63:76:26:db:bd:ce:3f:00:c1:
         d3:34:5a:a6:0f:3b:cf:0b:dc:96:36:9e:97:0a:1d:e9:80:07:
         87:7a:5a:c8:db:9f:17:b8:64:32:94:bb:c8:dc:d7:89:2d:f7:
         f8:d4:df:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGStYhrMi/4aef/VMcqMpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTE3MjU0ZDgzMWI4ZTA3ZWI1ZDc1YjFhMGQ2YzJkMzdiNWExMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ1aeGOYJIrG6pMGGw0YAogu7sZz
P1ye0x8jmzfr6GUmMlT46uXIQe5Cbn6PsxiMewiA6KuY5yll6Ho4Jf27JIkZ+QPj
lV6yf6vDepmA2G4s0jcqLHsAp+cRPKbWHbFr1E8g1aALn3O8D1S1SNlVcpLLEisA
VH3bfBIL4s0WmzMiVTRbvZCEsHdiep7GGSEy1zjd/rgzjGzeTEYf7esTHw0S/RUP
VhGBtnUqYi4fXMllzX7ffeiXJcHyOV6FnCgnh4CJz3mHXItXsS1jprPP4brbKW07
7UAQCKzIOm0uOJkKIGSEkYqD3pjBiEjwg3Hj3tRau8YCjIphJlKIctdsGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBkXJU2DG44H6111saDWwtN7WhN7MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvR1JjbFRZTWJqZ2ZyWFhXeG9OYkMwM3RhRTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEA0AA6
MA0GCSqGSIb3DQEBCwUAA4IBAQAtnrmeuSRTfHQHwwodY97zfdzv7u4hB7upaeIb
ePRudqBENW4UJC1mBaOxEnF4UwTGOSOJio+bxkfOTVANmlQ6gfdb3CzYstp/bZMS
M7f27uQBfDj7An+pqjZ+tn1P2crdBPCHIp2XzlO+1cv0s6Gzra4zdHYvT/+Y1fSY
M1jaemEFTJCLt1GoE2eiNgnt+aDHbAtc6+XgLDjvPgZqYyHTOzxCnSw6cgL5Y+V1
GYR2DfWlwADpD2F1y6x3/kwOeuA1MBhGVtmGDeDZulfTHQJjdibbvc4/AMHTNFqm
DzvPC9yWNp6XCh3pgAeHelrI258XuGQylLvI3NeJLff41N/K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org