Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/dvGPNkBWfy1UGCR5U5f8WhXjteU.roa
File:                     dvGPNkBWfy1UGCR5U5f8WhXjteU.roa (raw, json)
Hash identifier:          ZESNlRKXy9tAgbiNo/l7ec3wWWlpiki3auI4HZODYnU=
Subject key identifier:   76:F1:8F:36:40:56:7F:2D:54:18:24:79:53:97:FC:5A:15:E3:B5:E5
Certificate issuer:       /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial:       0187E0C338B61CBF5B24F0E597E8121D66CC
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/dvGPNkBWfy1UGCR5U5f8WhXjteU.roa
Signing time:             Wed 03 May 2023 08:38:23 +0000
ROA not before:           Wed 03 May 2023 08:38:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205630
IP address blocks:        2a07:22c0:8004::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e0:c3:38:b6:1c:bf:5b:24:f0:e5:97:e8:12:1d:66:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
        Validity
            Not Before: May  3 08:38:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76f18f3640567f2d541824795397fc5a15e3b5e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:1b:0a:e3:c5:85:ae:da:42:3b:e3:60:ad:5a:
                    fc:57:5c:85:0d:1c:50:c3:66:db:03:1b:b4:36:70:
                    17:2d:d3:5b:25:11:03:e5:a4:f9:8d:5b:e0:19:4e:
                    42:83:74:85:84:5f:84:65:2d:46:5a:8e:8c:f0:c2:
                    7a:a6:db:53:10:45:04:41:c2:b3:b9:04:75:08:ec:
                    0d:1a:7f:d2:bf:8b:25:83:e1:25:b9:97:34:bb:e3:
                    78:ec:60:f1:02:d9:1a:ae:60:e2:a5:3d:9c:e0:92:
                    13:4d:1f:d9:64:44:d1:99:ff:a7:f6:9a:00:6d:2f:
                    a4:2f:46:89:23:4b:37:31:61:78:34:d6:d4:ff:91:
                    19:e9:63:0b:3f:88:3d:28:89:59:82:7e:0f:09:68:
                    75:a4:e4:08:7a:74:26:11:08:12:a9:a4:66:a2:f6:
                    22:ca:ea:04:17:20:b5:f1:69:89:6d:06:de:bc:a1:
                    e2:b5:7d:6b:47:5e:01:88:9f:73:d7:76:88:18:28:
                    3a:74:cd:7c:d9:f3:25:8d:0c:bb:10:1f:54:c2:0f:
                    39:d1:9d:6c:6f:b3:e5:98:71:3c:4c:3d:15:92:0f:
                    56:01:ec:60:ca:43:d2:b3:1d:a4:de:ae:a3:d8:e3:
                    74:69:8a:07:7a:17:d2:95:7c:b7:9c:e5:74:83:db:
                    7c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F1:8F:36:40:56:7F:2D:54:18:24:79:53:97:FC:5A:15:E3:B5:E5
            X509v3 Authority Key Identifier:
                keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/dvGPNkBWfy1UGCR5U5f8WhXjteU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:22c0:8004::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:83:bc:1e:42:fe:57:61:81:71:38:0a:04:7d:0f:64:69:66:
         05:d5:a5:c6:cf:99:de:0a:a2:9b:22:3e:48:21:ec:de:af:d2:
         72:45:23:97:6e:e0:b4:7e:01:88:dc:e5:c5:96:9c:26:20:f4:
         65:87:93:74:2f:49:f4:3e:cb:20:9f:f2:a1:e6:d4:2d:f3:c5:
         fa:72:b8:2e:17:45:e5:c6:dc:1c:16:18:3b:a8:ac:d3:07:db:
         c1:a4:80:d3:ef:9f:83:d5:ac:53:27:f5:ba:1e:d7:03:7e:a2:
         76:79:1b:42:a8:d3:0c:ee:01:af:0d:39:a0:61:e9:6e:80:06:
         bd:22:db:23:05:f2:3d:46:18:f9:fe:ab:7a:77:90:4c:94:88:
         f1:aa:3f:bd:84:13:dc:e3:62:91:7a:39:73:d9:d9:57:e0:0b:
         bc:e7:25:7f:26:c9:62:4d:dc:e6:a5:3b:53:e6:46:83:d1:20:
         15:43:5e:02:a8:41:ad:2f:ed:19:23:ee:e2:90:c9:b1:41:27:
         ce:cf:3a:00:cf:1d:dc:aa:34:30:35:5f:ac:d6:08:72:5a:ce:
         10:c7:b6:b6:21:5f:07:a0:b6:13:c8:e2:25:57:d4:f0:69:f9:
         08:0d:95:d0:09:72:28:f9:06:0c:7c:83:db:71:50:e3:01:c3:
         08:84:96:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfgwzi2HL9bJPDll+gSHWbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYWI2YzExZDQxMTYyZGIwMzA2ODU4ZjgzZTVlNjUxMjEx
MzJhNmIwHhcNMjMwNTAzMDgzODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmYxOGYzNjQwNTY3ZjJkNTQxODI0Nzk1Mzk3ZmM1YTE1ZTNiNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hsK48WFrtpCO+NgrVr8V1yFDRxQ
w2bbAxu0NnAXLdNbJRED5aT5jVvgGU5Cg3SFhF+EZS1GWo6M8MJ6pttTEEUEQcKz
uQR1COwNGn/Sv4slg+EluZc0u+N47GDxAtkarmDipT2c4JITTR/ZZETRmf+n9poA
bS+kL0aJI0s3MWF4NNbU/5EZ6WMLP4g9KIlZgn4PCWh1pOQIenQmEQgSqaRmovYi
yuoEFyC18WmJbQbevKHitX1rR14BiJ9z13aIGCg6dM182fMljQy7EB9Uwg850Z1s
b7PlmHE8TD0Vkg9WAexgykPSsx2k3q6j2ON0aYoHehfSlXy3nOV0g9t8jQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHbxjzZAVn8tVBgkeVOX/FoV47XlMB8GA1UdIwQY
MBaAFHurbBHUEWLbAwaFj4Pl5lEhEyprMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAt
OWY1YmY3MzY3MjBlLzEvZHZHUE5rQldmeTFVR0NSNVU1ZjhXaFhqdGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAtOWY1YmY3MzY3MjBl
LzEvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgciwIAE
MA0GCSqGSIb3DQEBCwUAA4IBAQA5g7weQv5XYYFxOAoEfQ9kaWYF1aXGz5neCqKb
Ij5IIezer9JyRSOXbuC0fgGI3OXFlpwmIPRlh5N0L0n0Pssgn/Kh5tQt88X6crgu
F0XlxtwcFhg7qKzTB9vBpIDT75+D1axTJ/W6HtcDfqJ2eRtCqNMM7gGvDTmgYelu
gAa9ItsjBfI9Rhj5/qt6d5BMlIjxqj+9hBPc42KRejlz2dlX4Au85yV/JsliTdzm
pTtT5kaD0SAVQ14CqEGtL+0ZI+7ikMmxQSfOzzoAzx3cqjQwNV+s1ghyWs4Qx7a2
IV8HoLYTyOIlV9TwafkIDZXQCXIo+QYMfIPbcVDjAcMIhJZx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:35 2024 by rpki-client on console-ams.rpki-client.org