Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/gtUY5YcSpAiymJ1Ril1_bdZueYs.roa
File:                     gtUY5YcSpAiymJ1Ril1_bdZueYs.roa (raw, json)
Hash identifier:          zaAwTr68cP5SULgcVsuUxWnd7wlqMoSzvbHpPZ5/AO4=
Subject key identifier:   82:D5:18:E5:87:12:A4:08:B2:98:9D:51:8A:5D:7F:6D:D6:6E:79:8B
Certificate issuer:       /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial:       018733C2260C61DC1AF48F9C9E72E8C780AD
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/gtUY5YcSpAiymJ1Ril1_bdZueYs.roa
Signing time:             Thu 30 Mar 2023 18:22:54 +0000
ROA not before:           Thu 30 Mar 2023 18:22:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41683
IP address blocks:        213.238.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:33:c2:26:0c:61:dc:1a:f4:8f:9c:9e:72:e8:c7:80:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
        Validity
            Not Before: Mar 30 18:22:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82d518e58712a408b2989d518a5d7f6dd66e798b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:38:cd:25:d7:a7:d2:6d:d2:2e:be:f5:02:9e:
                    4e:b8:85:a8:8e:5e:c4:61:61:3a:f8:2c:eb:b7:44:
                    4d:af:03:35:03:44:79:5a:ea:fc:8e:f6:39:d8:7e:
                    bb:d5:b4:58:64:e6:3f:86:dc:fd:14:7a:a1:ba:bb:
                    aa:3f:b2:c0:34:ce:f0:04:00:ec:66:d9:f1:19:53:
                    2a:42:93:b1:5b:66:02:d0:9a:53:b5:ed:29:e3:3b:
                    87:9c:51:c2:21:69:db:bd:22:73:98:3f:ad:1b:d1:
                    7d:fc:b1:ff:fa:15:7f:b9:c7:a4:cc:8b:46:41:eb:
                    b7:98:9d:04:78:ae:f0:88:95:db:63:45:ec:c3:70:
                    b3:05:2a:1a:60:31:30:e0:a1:d1:2c:f4:44:3b:80:
                    29:d7:a8:3a:2b:8f:9d:93:29:24:3f:57:cc:49:9a:
                    72:9b:87:64:42:cf:3f:ab:3a:64:60:e7:f9:5b:ca:
                    c4:de:c6:82:c3:58:f3:09:78:dd:da:28:e5:0d:6c:
                    83:09:4b:d4:3a:e0:7c:e9:15:83:bd:ee:ff:b1:d7:
                    6f:6d:b1:cf:d9:55:5c:41:48:89:b4:ed:27:cd:3a:
                    3b:e1:28:df:66:74:a4:d8:22:fb:2e:2f:54:b0:38:
                    f0:54:fe:d3:74:4a:aa:85:a8:31:8f:23:05:e5:97:
                    c8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:D5:18:E5:87:12:A4:08:B2:98:9D:51:8A:5D:7F:6D:D6:6E:79:8B
            X509v3 Authority Key Identifier:
                keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/gtUY5YcSpAiymJ1Ril1_bdZueYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.238.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:b1:37:12:6c:81:b5:f9:c9:f3:39:ff:03:be:8e:d0:b9:66:
         a3:6c:d1:86:4d:83:1b:15:af:b2:0d:58:cd:e4:54:f6:15:f5:
         31:ba:dc:5d:85:74:8a:cb:f9:66:a3:f9:e6:85:0e:94:7c:70:
         95:13:d9:39:18:1f:9c:4c:a6:32:2d:ab:61:08:3d:be:e9:80:
         85:49:8f:43:89:1c:b7:5f:f1:63:d4:7f:c0:83:1c:27:6b:4c:
         aa:33:58:9c:80:17:c6:9e:bf:7c:91:c5:2f:f8:18:54:50:bc:
         3b:02:8e:3c:c1:62:c5:0e:f5:54:23:aa:fd:24:37:36:a1:ee:
         7d:b4:f3:fa:1f:48:44:8a:d7:d3:d4:71:8e:70:bc:c4:95:fb:
         fd:a5:21:53:f7:d0:95:34:78:17:7e:82:d0:0c:2a:0b:e9:99:
         77:31:06:7c:20:31:52:39:9b:90:27:b8:65:77:3c:ca:ce:b6:
         76:7a:20:80:3e:28:43:1a:e2:03:ef:9d:a5:5a:1b:6b:10:21:
         eb:29:36:28:69:23:93:c4:4b:c4:24:26:c8:47:23:19:fd:ea:
         9e:93:a4:70:ec:3d:5b:f1:63:52:05:14:3b:7c:34:2b:43:d4:
         78:ec:8a:05:29:9c:de:a8:31:04:dc:5f:e6:5b:e2:2f:04:e1:
         aa:6f:10:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYczwiYMYdwa9I+cnnLox4CtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMwMzMwMTgyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQ1MThlNTg3MTJhNDA4YjI5ODlkNTE4YTVkN2Y2ZGQ2NmU3OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zjNJden0m3SLr71Ap5OuIWojl7E
YWE6+Czrt0RNrwM1A0R5Wur8jvY52H671bRYZOY/htz9FHqhuruqP7LANM7wBADs
ZtnxGVMqQpOxW2YC0JpTte0p4zuHnFHCIWnbvSJzmD+tG9F9/LH/+hV/ucekzItG
Qeu3mJ0EeK7wiJXbY0Xsw3CzBSoaYDEw4KHRLPREO4Ap16g6K4+dkykkP1fMSZpy
m4dkQs8/qzpkYOf5W8rE3saCw1jzCXjd2ijlDWyDCUvUOuB86RWDve7/sddvbbHP
2VVcQUiJtO0nzTo74SjfZnSk2CL7Li9UsDjwVP7TdEqqhagxjyMF5ZfIawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILVGOWHEqQIspidUYpdf23WbnmLMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvZ3RVWTVZY1NwQWl5bUoxUmlsMV9iZFp1ZVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1e6wMA0G
CSqGSIb3DQEBCwUAA4IBAQC9sTcSbIG1+cnzOf8Dvo7QuWajbNGGTYMbFa+yDVjN
5FT2FfUxutxdhXSKy/lmo/nmhQ6UfHCVE9k5GB+cTKYyLathCD2+6YCFSY9DiRy3
X/Fj1H/Agxwna0yqM1icgBfGnr98kcUv+BhUULw7Ao48wWLFDvVUI6r9JDc2oe59
tPP6H0hEitfT1HGOcLzElfv9pSFT99CVNHgXfoLQDCoL6Zl3MQZ8IDFSOZuQJ7hl
dzzKzrZ2eiCAPihDGuID752lWhtrECHrKTYoaSOTxEvEJCbIRyMZ/eqek6Rw7D1b
8WNSBRQ7fDQrQ9R47IoFKZzeqDEE3F/mW+IvBOGqbxBc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org