Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/gz5OXXRsRTfWhYskpgj27rFFnUY.roa
File:                     gz5OXXRsRTfWhYskpgj27rFFnUY.roa (raw, json)
Hash identifier:          KpWI53OD6xe4lqEx1QxM9mwZw9V7scI+/+mA7TYH1cM=
Subject key identifier:   83:3E:4E:5D:74:6C:45:37:D6:85:8B:24:A6:08:F6:EE:B1:45:9D:46
Certificate issuer:       /CN=6b22ad4cf647a48b631ff84f227ea0252130552d
Certificate serial:       01857230DD5FF4C6BD872C6EFBD50C915E0F
Authority key identifier: 6B:22:AD:4C:F6:47:A4:8B:63:1F:F8:4F:22:7E:A0:25:21:30:55:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ayKtTPZHpItjH_hPIn6gJSEwVS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/gz5OXXRsRTfWhYskpgj27rFFnUY.roa
Signing time:             Mon 02 Jan 2023 11:14:42 +0000
ROA not before:           Mon 02 Jan 2023 11:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212083
IP address blocks:        147.189.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:30:dd:5f:f4:c6:bd:87:2c:6e:fb:d5:0c:91:5e:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b22ad4cf647a48b631ff84f227ea0252130552d
        Validity
            Not Before: Jan  2 11:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=833e4e5d746c4537d6858b24a608f6eeb1459d46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:23:e4:f4:1b:12:2f:a7:74:a4:67:fc:68:7d:
                    88:35:7e:8e:47:2d:8b:d2:a2:d1:64:6f:2b:64:fa:
                    30:cb:d7:2b:85:00:32:d1:0b:82:ea:96:63:95:70:
                    b2:9a:ab:38:f6:0d:97:01:a4:1f:67:0c:bd:a5:48:
                    fa:e0:62:32:fa:27:88:6e:ef:0e:aa:63:51:6a:2b:
                    d8:46:60:5b:a7:bc:f5:20:44:85:43:fb:60:5b:7a:
                    0a:12:7f:75:0e:1c:50:d9:2c:b3:72:80:9c:1b:35:
                    36:b7:a2:d7:41:3c:bf:fe:90:22:22:67:ee:c6:dc:
                    86:43:f1:45:2e:9b:c5:13:97:ce:24:75:5c:cd:56:
                    23:c0:1b:18:9d:09:5e:8c:e0:aa:76:9c:c1:3a:13:
                    9b:59:30:34:34:c6:e8:19:98:61:03:78:19:4f:5e:
                    79:a7:e7:5a:31:3a:dc:bd:15:f8:a0:b2:00:91:b9:
                    a4:a6:a0:ab:cc:2e:3e:7f:3e:49:a0:77:0a:ed:45:
                    e1:74:bc:d5:e0:6b:0e:b5:08:83:6a:6a:fd:6f:35:
                    b9:41:52:a4:5f:d0:b3:60:4a:86:ea:10:3f:b0:a3:
                    ef:f8:c8:37:b3:bd:d7:d5:c1:93:9b:14:62:29:c2:
                    d0:d4:d0:b2:75:5e:2b:98:cb:52:28:ef:bc:ab:51:
                    ae:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:3E:4E:5D:74:6C:45:37:D6:85:8B:24:A6:08:F6:EE:B1:45:9D:46
            X509v3 Authority Key Identifier:
                keyid:6B:22:AD:4C:F6:47:A4:8B:63:1F:F8:4F:22:7E:A0:25:21:30:55:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayKtTPZHpItjH_hPIn6gJSEwVS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/gz5OXXRsRTfWhYskpgj27rFFnUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/ayKtTPZHpItjH_hPIn6gJSEwVS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.189.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:42:89:81:23:ff:12:78:f9:a1:d2:ca:e9:07:3f:4f:9d:81:
         67:80:d8:5a:06:d3:07:41:4b:29:72:6e:4e:3a:c7:7c:67:d7:
         15:f1:c9:2c:0c:38:2e:ac:56:6d:6c:51:95:e5:9b:07:59:d9:
         7e:54:e5:20:46:1a:01:6a:8a:b1:ac:9f:4f:54:eb:29:f5:02:
         4f:a6:53:8d:e8:49:23:81:ce:ac:1e:89:7b:ce:60:63:6c:7e:
         f5:20:66:2f:47:6e:13:fd:c2:d6:ca:91:5f:00:64:3c:80:c2:
         e6:29:92:50:e1:b7:30:68:41:96:76:af:82:b1:b0:9e:95:5b:
         6e:38:8b:4f:e6:1e:e3:a1:c1:6c:3a:f9:2d:ea:3b:cb:46:44:
         af:9c:e2:8e:28:83:09:22:6c:c2:62:bb:e4:3b:fc:5b:eb:cf:
         dd:81:24:3a:ef:92:49:2a:e2:49:6b:56:07:5a:7b:1f:15:08:
         ec:87:8e:62:b2:37:76:dc:fe:ac:95:9d:b5:bf:98:7b:11:86:
         13:17:f7:98:43:33:97:16:82:fb:46:17:13:39:b0:57:d4:7c:
         85:51:a9:35:b7:15:ce:60:f5:26:67:1d:50:9a:f9:23:b5:e6:
         40:22:77:3e:99:e5:83:30:62:57:89:c3:eb:13:30:69:a2:ae:
         83:f8:13:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMN1f9Ma9hyxu+9UMkV4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjJhZDRjZjY0N2E0OGI2MzFmZjg0ZjIyN2VhMDI1MjEz
MDU1MmQwHhcNMjMwMTAyMTExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzNlNGU1ZDc0NmM0NTM3ZDY4NThiMjRhNjA4ZjZlZWIxNDU5ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCPk9BsSL6d0pGf8aH2INX6ORy2L
0qLRZG8rZPowy9crhQAy0QuC6pZjlXCymqs49g2XAaQfZwy9pUj64GIy+ieIbu8O
qmNRaivYRmBbp7z1IESFQ/tgW3oKEn91DhxQ2SyzcoCcGzU2t6LXQTy//pAiImfu
xtyGQ/FFLpvFE5fOJHVczVYjwBsYnQlejOCqdpzBOhObWTA0NMboGZhhA3gZT155
p+daMTrcvRX4oLIAkbmkpqCrzC4+fz5JoHcK7UXhdLzV4GsOtQiDamr9bzW5QVKk
X9CzYEqG6hA/sKPv+Mg3s73X1cGTmxRiKcLQ1NCydV4rmMtSKO+8q1GuQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIM+Tl10bEU31oWLJKYI9u6xRZ1GMB8GA1UdIwQY
MBaAFGsirUz2R6SLYx/4TyJ+oCUhMFUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlLdFRQWkhwSXRqSF9oUEluNmdKU0V3VlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81OTUwMjQtOGJmZi00ZjE4LThjY2It
NjlhNDRmMDQ4ZGI4LzEvZ3o1T1hYUnNSVGZXaFlza3BnajI3ckZGblVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81OTUwMjQtOGJmZi00ZjE4LThjY2ItNjlhNDRmMDQ4ZGI4
LzEvYXlLdFRQWkhwSXRqSF9oUEluNmdKU0V3VlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk72hMA0G
CSqGSIb3DQEBCwUAA4IBAQBFQomBI/8SePmh0srpBz9PnYFngNhaBtMHQUspcm5O
Osd8Z9cV8cksDDgurFZtbFGV5ZsHWdl+VOUgRhoBaoqxrJ9PVOsp9QJPplON6Ekj
gc6sHol7zmBjbH71IGYvR24T/cLWypFfAGQ8gMLmKZJQ4bcwaEGWdq+CsbCelVtu
OItP5h7jocFsOvkt6jvLRkSvnOKOKIMJImzCYrvkO/xb68/dgSQ675JJKuJJa1YH
WnsfFQjsh45isjd23P6slZ21v5h7EYYTF/eYQzOXFoL7RhcTObBX1HyFUak1txXO
YPUmZx1QmvkjteZAInc+meWDMGJXicPrEzBpoq6D+BOH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:26 2024 by rpki-client on console-fra.rpki-client.org