Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/G6uQaFaOE5bKeW22E36uZ1-WYVw.roa
File:                     G6uQaFaOE5bKeW22E36uZ1-WYVw.roa (raw, json)
Hash identifier:          9H7dWcaeD0u/xvt/UpCrgfYmvAri03Kc6ny/VnqVDXI=
Subject key identifier:   1B:AB:90:68:56:8E:13:96:CA:79:6D:B6:13:7E:AE:67:5F:96:61:5C
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       01859FF3E452C90B8E53E05B19A59BCB37F3
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/G6uQaFaOE5bKeW22E36uZ1-WYVw.roa
Signing time:             Wed 11 Jan 2023 08:30:39 +0000
ROA not before:           Wed 11 Jan 2023 08:30:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.191.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Feb 2023 05:25:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9f:f3:e4:52:c9:0b:8e:53:e0:5b:19:a5:9b:cb:37:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Jan 11 08:30:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1bab9068568e1396ca796db6137eae675f96615c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:96:85:39:6c:94:fd:c5:5c:1a:2d:0c:58:33:
                    f3:ea:67:32:58:25:83:02:cf:a7:84:83:55:ce:e0:
                    4a:ff:7d:ee:89:6b:fa:a5:c4:c4:08:2f:af:06:90:
                    47:87:09:c4:9f:29:61:57:b9:76:93:64:a3:e9:62:
                    0a:4c:93:1c:bb:0b:34:6e:dc:91:48:4e:e6:08:9c:
                    c9:94:81:9f:ef:a3:57:f5:29:9e:28:4d:2a:12:ec:
                    c1:d2:26:56:b5:88:b1:b8:af:15:7a:7a:0c:a7:81:
                    99:10:b7:24:65:e2:98:76:45:06:64:ca:18:46:89:
                    6e:65:dd:d6:dd:ce:be:80:60:28:fb:00:d0:4b:a7:
                    07:49:6a:44:99:8b:69:46:94:ad:b9:01:32:b1:3a:
                    a7:12:bb:8b:89:81:c6:98:4a:59:be:87:8d:32:e4:
                    1c:e2:91:68:5b:68:4b:6e:05:48:28:28:d3:57:bc:
                    87:16:18:68:6b:4f:0b:29:4f:1b:36:2e:4c:b4:7c:
                    25:5a:49:89:ca:0b:62:7a:bc:c1:1c:bb:bc:a3:e1:
                    0f:e8:02:9e:ec:b6:8b:72:dd:b4:a8:30:de:8f:0e:
                    f1:54:eb:51:25:32:da:a7:cb:2d:01:5b:a7:cc:2e:
                    be:34:5c:97:93:89:d0:52:86:2c:8f:17:ce:53:8a:
                    48:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:AB:90:68:56:8E:13:96:CA:79:6D:B6:13:7E:AE:67:5F:96:61:5C
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/G6uQaFaOE5bKeW22E36uZ1-WYVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:30:06:c5:53:03:60:dc:52:b1:4d:a1:1d:d5:87:bc:81:d3:
         6b:c9:96:95:3e:9c:fa:bc:93:9f:09:bb:89:2b:d5:01:93:3d:
         09:c3:6d:85:7e:db:3b:08:28:c6:2e:c2:d1:69:54:a0:fd:77:
         47:11:74:92:21:db:24:a5:83:95:82:a5:78:9e:0a:55:96:1b:
         bc:87:fa:9f:35:1e:e1:ed:54:b9:0c:fd:98:14:cb:58:99:e8:
         f1:c7:f0:1f:1f:3b:2f:4c:f4:5d:d0:8c:a1:1c:a0:46:21:97:
         ce:d2:0e:da:c3:34:36:5c:c9:27:e8:fe:e2:e9:1b:ee:25:31:
         d1:55:f2:5a:16:61:51:95:9d:c2:0c:a8:5a:07:cb:23:d9:84:
         5e:55:b2:0f:92:8c:9c:b5:35:42:0f:32:69:cf:c3:0b:51:10:
         fe:90:63:7f:f3:72:4f:7d:f2:77:6e:4e:e4:ce:44:a9:01:98:
         e8:e6:d5:98:2d:da:ee:a7:12:ff:7f:3b:32:c9:0a:17:ff:e2:
         03:ab:f5:94:f0:49:ac:b0:c8:48:7c:b8:43:53:50:c4:eb:fe:
         04:45:e5:34:d0:bc:dc:c3:d5:4d:75:f4:47:19:71:d2:13:6b:
         bd:3a:d7:c8:c3:3a:e7:1b:eb:27:f2:4b:fd:74:d6:eb:1d:7e:
         ab:3f:1a:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWf8+RSyQuOU+BbGaWbyzfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMTExMDgzMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmFiOTA2ODU2OGUxMzk2Y2E3OTZkYjYxMzdlYWU2NzVmOTY2MTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZaFOWyU/cVcGi0MWDPz6mcyWCWD
As+nhINVzuBK/33uiWv6pcTECC+vBpBHhwnEnylhV7l2k2Sj6WIKTJMcuws0btyR
SE7mCJzJlIGf76NX9SmeKE0qEuzB0iZWtYixuK8VenoMp4GZELckZeKYdkUGZMoY
RoluZd3W3c6+gGAo+wDQS6cHSWpEmYtpRpStuQEysTqnEruLiYHGmEpZvoeNMuQc
4pFoW2hLbgVIKCjTV7yHFhhoa08LKU8bNi5MtHwlWkmJygtierzBHLu8o+EP6AKe
7LaLct20qDDejw7xVOtRJTLap8stAVunzC6+NFyXk4nQUoYsjxfOU4pIswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBurkGhWjhOWynltthN+rmdflmFcMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvRzZ1UWFGYU9FNWJLZVcyMkUzNnVaMS1XWVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9kMA0G
CSqGSIb3DQEBCwUAA4IBAQBGMAbFUwNg3FKxTaEd1Ye8gdNryZaVPpz6vJOfCbuJ
K9UBkz0Jw22Ffts7CCjGLsLRaVSg/XdHEXSSIdskpYOVgqV4ngpVlhu8h/qfNR7h
7VS5DP2YFMtYmejxx/AfHzsvTPRd0IyhHKBGIZfO0g7awzQ2XMkn6P7i6RvuJTHR
VfJaFmFRlZ3CDKhaB8sj2YReVbIPkoyctTVCDzJpz8MLURD+kGN/83JPffJ3bk7k
zkSpAZjo5tWYLdrupxL/fzsyyQoX/+IDq/WU8EmssMhIfLhDU1DE6/4EReU00Lzc
w9VNdfRHGXHSE2u9OtfIwzrnG+sn8kv9dNbrHX6rPxpS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org