Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/gvhLnKfxGPSN2dZK8A12esbFYBA.roa
File:                     gvhLnKfxGPSN2dZK8A12esbFYBA.roa (raw, json)
Hash identifier:          jAAxSqZ2KuFTvss3SgefT8j6BMwf/ylIkQZvCPyYrwA=
Subject key identifier:   82:F8:4B:9C:A7:F1:18:F4:8D:D9:D6:4A:F0:0D:76:7A:C6:C5:60:10
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       0186A7EE0A6D22838CBE33889AC6280E5FBE
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/gvhLnKfxGPSN2dZK8A12esbFYBA.roa
Signing time:             Fri 03 Mar 2023 14:44:00 +0000
ROA not before:           Fri 03 Mar 2023 14:44:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48743
IP address blocks:        2a12:8fc6:500::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a7:ee:0a:6d:22:83:8c:be:33:88:9a:c6:28:0e:5f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Mar  3 14:44:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82f84b9ca7f118f48dd9d64af00d767ac6c56010
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:83:b5:35:4b:26:d1:29:8b:cd:f1:f9:9c:a3:
                    cb:76:ad:75:e9:43:e6:ab:c6:2c:85:55:9c:5a:90:
                    57:25:7d:c3:7c:03:2b:dd:a6:1e:43:95:5e:b2:1b:
                    7b:aa:34:53:b6:54:97:80:7e:5b:6f:ba:44:78:36:
                    b5:e9:bb:8c:b3:b3:b8:a3:82:8d:08:66:17:28:8b:
                    97:21:f1:70:be:6e:e8:cf:48:70:d6:22:81:d1:c4:
                    a3:5a:03:ad:9c:f1:65:1e:72:89:a6:8d:c7:7b:26:
                    42:64:02:ed:d9:cf:74:0f:e8:ed:cc:c4:c8:2e:45:
                    89:83:d8:13:b3:71:e6:51:d0:2d:36:99:8d:0a:10:
                    a4:3e:8c:6b:de:86:c2:07:04:69:4f:8c:ed:c8:6b:
                    a3:2c:9e:98:b1:a8:44:23:92:09:11:24:25:1a:59:
                    65:a9:1f:23:c5:07:d4:5e:02:08:c4:89:6e:c2:6a:
                    76:64:5a:ac:13:a3:47:05:ab:ea:c2:aa:65:cc:18:
                    1e:6f:8c:fb:67:b5:4f:8f:29:02:23:9d:79:93:be:
                    d2:ec:88:05:bd:7c:e1:bb:d2:dc:55:46:1e:36:9f:
                    15:c9:d8:52:79:bb:58:83:96:e3:e0:7d:eb:9b:d9:
                    80:02:76:6c:93:71:73:32:b5:1b:aa:61:f4:8e:e0:
                    17:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F8:4B:9C:A7:F1:18:F4:8D:D9:D6:4A:F0:0D:76:7A:C6:C5:60:10
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/gvhLnKfxGPSN2dZK8A12esbFYBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6:500::/48

    Signature Algorithm: sha256WithRSAEncryption
         b0:9d:be:6a:c5:b5:6a:89:53:7a:b8:7b:16:d2:7f:10:8b:a7:
         5e:ce:a1:f6:35:10:f5:b1:ad:6b:0f:aa:7d:ff:ae:50:f3:52:
         06:d5:28:e8:ac:f2:f8:c7:a5:a5:21:85:ab:e0:e3:c1:aa:82:
         b7:c6:ea:12:5a:fd:72:a8:bf:7c:62:11:55:c0:84:8a:b2:65:
         56:8b:1d:8a:42:a4:d6:c8:1b:69:65:01:8d:66:a3:eb:42:65:
         24:6e:04:53:6c:6e:66:de:c5:d1:3b:78:5e:74:4e:c3:04:4f:
         65:20:f6:04:32:f3:8d:38:99:b2:11:76:d3:3c:03:a1:9f:27:
         7a:d9:cc:44:62:cd:eb:1a:53:48:53:73:ff:af:93:5a:2f:7e:
         57:c0:2c:5e:77:30:7f:d9:3b:67:f9:ec:87:86:f3:75:fb:fb:
         54:92:a2:3a:b2:61:56:11:da:c5:7a:1a:73:1b:c9:70:8a:31:
         c7:f2:8e:38:c6:e7:d6:29:ab:d6:1f:6b:c1:ec:8c:80:61:34:
         b4:89:de:17:e6:05:48:db:34:6a:87:5d:09:43:2b:66:21:90:
         2c:71:a2:e7:45:16:4a:79:91:38:1f:e3:e9:79:14:3d:fa:ae:
         7a:ca:df:28:36:49:e1:bd:f5:4e:8f:ce:7a:ab:dd:df:ed:d8:
         7f:34:eb:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYan7gptIoOMvjOImsYoDl++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMzAzMTQ0NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmY4NGI5Y2E3ZjExOGY0OGRkOWQ2NGFmMDBkNzY3YWM2YzU2MDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4O1NUsm0SmLzfH5nKPLdq116UPm
q8YshVWcWpBXJX3DfAMr3aYeQ5Vesht7qjRTtlSXgH5bb7pEeDa16buMs7O4o4KN
CGYXKIuXIfFwvm7oz0hw1iKB0cSjWgOtnPFlHnKJpo3HeyZCZALt2c90D+jtzMTI
LkWJg9gTs3HmUdAtNpmNChCkPoxr3obCBwRpT4ztyGujLJ6YsahEI5IJESQlGlll
qR8jxQfUXgIIxIluwmp2ZFqsE6NHBavqwqplzBgeb4z7Z7VPjykCI515k77S7IgF
vXzhu9LcVUYeNp8VydhSebtYg5bj4H3rm9mAAnZsk3FzMrUbqmH0juAXvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIL4S5yn8Rj0jdnWSvANdnrGxWAQMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvZ3ZoTG5LZnhHUFNOMmRaSzhBMTJlc2JGWUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxgUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwnb5qxbVqiVN6uHsW0n8Qi6dezqH2NRD1sa1r
D6p9/65Q81IG1SjorPL4x6WlIYWr4OPBqoK3xuoSWv1yqL98YhFVwISKsmVWix2K
QqTWyBtpZQGNZqPrQmUkbgRTbG5m3sXRO3hedE7DBE9lIPYEMvONOJmyEXbTPAOh
nyd62cxEYs3rGlNIU3P/r5NaL35XwCxedzB/2Ttn+eyHhvN1+/tUkqI6smFWEdrF
ehpzG8lwijHH8o44xufWKavWH2vB7IyAYTS0id4X5gVI2zRqh10JQytmIZAscaLn
RRZKeZE4H+PpeRQ9+q56yt8oNknhvfVOj856q93f7dh/NOtX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:04 2024 by rpki-client on console-ams.rpki-client.org