Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CGC_NxsCr8WUIbe6EhWl7J7F89c.roa
File:                     CGC_NxsCr8WUIbe6EhWl7J7F89c.roa (raw, json)
Hash identifier:          PMhUBdIAzxmBlZU2PVTHlmVNV0NgFWMS9qyOuhghXGc=
Subject key identifier:   08:60:BF:37:1B:02:AF:C5:94:21:B7:BA:12:15:A5:EC:9E:C5:F3:D7
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01898915B08F13E2A74F5FFB17C2C74E4EDA
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CGC_NxsCr8WUIbe6EhWl7J7F89c.roa
Signing time:             Mon 24 Jul 2023 18:07:27 +0000
ROA not before:           Mon 24 Jul 2023 18:07:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208121
IP address blocks:        139.28.86.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:89:15:b0:8f:13:e2:a7:4f:5f:fb:17:c2:c7:4e:4e:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jul 24 18:07:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0860bf371b02afc59421b7ba1215a5ec9ec5f3d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:3b:84:62:0b:4e:58:8a:39:37:70:60:90:68:
                    4c:2d:c0:b2:b1:da:da:20:e1:75:28:4e:a2:2c:b4:
                    be:9d:c4:95:fb:45:02:e0:81:3a:02:3a:04:e2:ad:
                    f0:85:24:fe:6a:f2:9f:6d:18:04:cf:fd:0b:d7:05:
                    a2:17:d9:fc:df:f3:fa:a1:b8:56:64:64:76:f4:93:
                    e2:15:f9:c9:d4:a7:d9:50:7d:a6:53:dd:b4:f1:fc:
                    d0:ce:e7:22:08:94:9e:c6:54:b0:8b:29:04:8b:7d:
                    9c:58:6c:6e:8f:f1:47:52:80:5b:69:f9:13:c7:7e:
                    aa:6d:e1:13:6f:2c:f5:d8:79:42:df:2f:d3:a9:5c:
                    4d:d9:35:c2:0e:ec:ef:19:21:fb:ec:fb:4f:1a:fe:
                    f7:e3:19:28:40:a4:ff:66:d9:ab:eb:6c:b0:48:db:
                    99:4e:07:59:02:15:91:1c:db:26:02:d6:44:6f:45:
                    78:85:1c:57:75:b9:9a:5a:d8:da:8b:cd:1e:f4:b7:
                    e8:d9:0b:f5:3f:96:31:d7:91:79:45:64:6b:b9:54:
                    3d:cd:b9:6c:dc:23:12:19:43:a8:c5:b3:2d:5c:64:
                    3c:39:90:d9:9a:3d:27:d1:5b:4c:57:ab:75:a3:56:
                    9e:1c:ea:21:ec:d1:df:16:b1:28:b8:ab:32:7c:84:
                    09:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:60:BF:37:1B:02:AF:C5:94:21:B7:BA:12:15:A5:EC:9E:C5:F3:D7
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CGC_NxsCr8WUIbe6EhWl7J7F89c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.28.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0f:03:cf:2e:5b:60:f8:51:5b:56:f9:80:aa:0d:69:b1:c4:c0:
         05:4a:58:1d:62:07:77:23:09:c1:7f:31:f3:6c:b8:18:9f:de:
         1e:bf:49:0c:63:fa:57:51:a4:e0:67:ae:66:55:c1:68:93:b6:
         e5:ec:30:5e:22:46:9f:ec:2d:b3:1f:d5:91:16:ff:51:19:10:
         28:2f:f7:11:15:83:e2:f5:d9:cc:53:a7:60:28:b0:a5:e2:29:
         e2:6b:fb:d1:48:ce:a0:b7:d1:50:2b:33:be:c3:70:93:f2:7a:
         52:dd:d3:81:01:c0:2d:79:96:fe:99:da:e6:98:ea:65:1e:11:
         b3:4a:4a:42:08:f7:31:54:23:63:cb:72:33:0c:be:87:19:34:
         05:2f:fa:21:f0:1d:33:65:22:50:78:2b:ae:4a:8a:98:7f:54:
         d6:eb:b3:f6:f7:7c:ef:9d:51:4a:99:e6:b2:68:55:b0:99:2c:
         03:1a:44:48:78:84:81:b4:9f:61:8a:71:57:85:71:67:e1:90:
         c8:7e:66:18:6f:7b:e8:90:5e:f7:d1:8c:dd:cf:c8:64:83:dc:
         52:97:ff:14:71:8a:d5:cd:8d:29:b0:09:7a:db:ea:3b:35:92:
         21:9d:7d:9b:9b:8e:31:82:4c:3d:14:06:e4:5e:17:4f:ed:4b:
         96:0f:42:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmJFbCPE+KnT1/7F8LHTk7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwNzI0MTgwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYwYmYzNzFiMDJhZmM1OTQyMWI3YmExMjE1YTVlYzllYzVmM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DuEYgtOWIo5N3BgkGhMLcCysdra
IOF1KE6iLLS+ncSV+0UC4IE6AjoE4q3whST+avKfbRgEz/0L1wWiF9n83/P6obhW
ZGR29JPiFfnJ1KfZUH2mU9208fzQzuciCJSexlSwiykEi32cWGxuj/FHUoBbafkT
x36qbeETbyz12HlC3y/TqVxN2TXCDuzvGSH77PtPGv734xkoQKT/Ztmr62ywSNuZ
TgdZAhWRHNsmAtZEb0V4hRxXdbmaWtjai80e9Lfo2Qv1P5Yx15F5RWRruVQ9zbls
3CMSGUOoxbMtXGQ8OZDZmj0n0VtMV6t1o1aeHOoh7NHfFrEouKsyfIQJqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhgvzcbAq/FlCG3uhIVpeyexfPXMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQ0dDX054c0NyOFdVSWJlNkVoV2w3SjdGODljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBixxWMA0G
CSqGSIb3DQEBCwUAA4IBAQAPA88uW2D4UVtW+YCqDWmxxMAFSlgdYgd3IwnBfzHz
bLgYn94ev0kMY/pXUaTgZ65mVcFok7bl7DBeIkaf7C2zH9WRFv9RGRAoL/cRFYPi
9dnMU6dgKLCl4inia/vRSM6gt9FQKzO+w3CT8npS3dOBAcAteZb+mdrmmOplHhGz
SkpCCPcxVCNjy3IzDL6HGTQFL/oh8B0zZSJQeCuuSoqYf1TW67P293zvnVFKmeay
aFWwmSwDGkRIeISBtJ9hinFXhXFn4ZDIfmYYb3vokF730Yzdz8hkg9xSl/8UcYrV
zY0psAl62+o7NZIhnX2bm44xgkw9FAbkXhdP7UuWD0Kh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org