Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/GaCzdeGX9idY9w_nX8JdVQRwE-w.roa
File:                     GaCzdeGX9idY9w_nX8JdVQRwE-w.roa (raw, json)
Hash identifier:          XqgBC1+drzY0hKlhmzy43mFE/vHMN7AtyUucXKecRVQ=
Subject key identifier:   19:A0:B3:75:E1:97:F6:27:58:F7:0F:E7:5F:C2:5D:55:04:70:13:EC
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018E0E39512B95AEA34D651AF57C79D3DE8A
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/GaCzdeGX9idY9w_nX8JdVQRwE-w.roa
Signing time:             Tue 05 Mar 2024 10:47:01 +0000
ROA not before:           Tue 05 Mar 2024 10:47:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        212.16.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 10 Mar 2024 12:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0e:39:51:2b:95:ae:a3:4d:65:1a:f5:7c:79:d3:de:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Mar  5 10:47:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19a0b375e197f62758f70fe75fc25d55047013ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:97:f2:fb:d9:b5:bc:de:39:bc:77:e9:12:ad:
                    2d:fc:20:b2:b5:73:3d:de:c4:54:b4:a7:3b:53:34:
                    7b:8f:89:16:cc:31:d0:98:94:c6:76:dd:56:0d:5b:
                    87:c2:de:a3:18:72:b0:02:13:21:c1:b1:37:d4:4b:
                    51:da:c6:c1:cc:d5:29:9f:f0:4d:46:20:fd:e0:5d:
                    42:9d:12:4c:0d:d3:e5:4e:0c:e5:81:a0:67:e0:32:
                    c4:cd:e3:6f:5d:94:81:b3:d5:8d:2c:df:5f:8f:bb:
                    d7:5b:84:b0:41:79:0c:29:e3:97:e2:a5:5d:7c:25:
                    04:5c:e5:80:dc:f5:74:5f:9b:c5:fd:22:89:e9:1c:
                    01:89:44:80:2a:f7:6e:90:25:74:91:2b:ec:d8:ec:
                    cb:5f:24:14:d8:32:73:40:4e:c5:06:d1:b7:17:ec:
                    3e:43:e4:c0:ec:4a:fa:49:a7:2b:12:2b:1a:05:ba:
                    8c:25:4c:14:d0:7d:0b:63:48:e8:4b:c9:e7:c0:83:
                    3b:b0:69:41:7a:ce:17:f8:ed:71:c6:40:05:79:8f:
                    d9:62:7a:15:68:fe:b6:7f:63:d3:11:5a:9a:ea:a2:
                    77:a1:7a:65:fc:c6:44:5d:a8:98:fa:c8:9e:5e:8f:
                    90:6d:a1:90:df:b8:f4:69:b1:e0:04:f1:74:d7:0e:
                    c9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:A0:B3:75:E1:97:F6:27:58:F7:0F:E7:5F:C2:5D:55:04:70:13:EC
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/GaCzdeGX9idY9w_nX8JdVQRwE-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.16.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:ef:10:2f:f4:7e:52:4b:9a:a7:f9:33:0d:59:3b:aa:14:5e:
         5a:db:61:7a:d0:1d:f4:a8:b5:8d:0a:7b:28:44:da:07:c4:b4:
         c8:a6:68:b9:d3:31:33:a7:66:99:d0:13:73:64:f2:5f:05:2b:
         fc:c0:04:f2:8d:03:82:f8:02:c0:33:fd:6e:06:17:e6:c6:59:
         e4:bf:9d:7e:fa:a1:e4:14:e8:4e:12:47:e5:4f:24:3e:41:b9:
         34:43:15:13:39:3a:b0:a0:e7:c5:7c:22:49:96:51:59:b8:0f:
         9c:8e:b6:a2:c3:d4:79:bb:c7:36:61:ac:56:d2:e1:b9:2a:c6:
         6a:2f:a6:49:5b:30:53:4f:33:c4:69:6b:90:a9:93:74:a8:0a:
         f5:bc:81:3e:15:72:3e:74:dd:d6:08:75:b4:d7:8b:d7:21:d1:
         4e:ce:5b:18:3a:4a:d1:8b:fe:a1:13:7a:35:70:af:64:3e:45:
         dd:5e:a0:b6:7a:68:9d:96:b8:9a:b8:3e:7b:f6:12:62:f7:2e:
         9d:e0:de:75:7b:f8:c8:cd:3c:42:e4:8e:7a:ed:fe:28:0b:60:
         f5:76:aa:1d:b4:55:7b:16:62:c1:10:5b:91:2c:cd:4b:2c:cc:
         55:86:41:38:73:d7:14:c3:b7:fc:de:b0:88:9e:35:a9:0d:47:
         05:75:fc:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4OOVErla6jTWUa9Xx5096KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMzA1MTA0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWEwYjM3NWUxOTdmNjI3NThmNzBmZTc1ZmMyNWQ1NTA0NzAxM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJfy+9m1vN45vHfpEq0t/CCytXM9
3sRUtKc7UzR7j4kWzDHQmJTGdt1WDVuHwt6jGHKwAhMhwbE31EtR2sbBzNUpn/BN
RiD94F1CnRJMDdPlTgzlgaBn4DLEzeNvXZSBs9WNLN9fj7vXW4SwQXkMKeOX4qVd
fCUEXOWA3PV0X5vF/SKJ6RwBiUSAKvdukCV0kSvs2OzLXyQU2DJzQE7FBtG3F+w+
Q+TA7Er6SacrEisaBbqMJUwU0H0LY0joS8nnwIM7sGlBes4X+O1xxkAFeY/ZYnoV
aP62f2PTEVqa6qJ3oXpl/MZEXaiY+sieXo+QbaGQ37j0abHgBPF01w7JPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmgs3Xhl/YnWPcP51/CXVUEcBPsMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvR2FDemRlR1g5aWRZOXdfblg4SmRWUVJ3RS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BBPMA0G
CSqGSIb3DQEBCwUAA4IBAQAb7xAv9H5SS5qn+TMNWTuqFF5a22F60B30qLWNCnso
RNoHxLTIpmi50zEzp2aZ0BNzZPJfBSv8wATyjQOC+ALAM/1uBhfmxlnkv51++qHk
FOhOEkflTyQ+Qbk0QxUTOTqwoOfFfCJJllFZuA+cjraiw9R5u8c2YaxW0uG5KsZq
L6ZJWzBTTzPEaWuQqZN0qAr1vIE+FXI+dN3WCHW014vXIdFOzlsYOkrRi/6hE3o1
cK9kPkXdXqC2emidlriauD579hJi9y6d4N51e/jIzTxC5I567f4oC2D1dqodtFV7
FmLBEFuRLM1LLMxVhkE4c9cUw7f83rCInjWpDUcFdfzx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org