Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/gInJcvgluSOeZ5nlfbOPe9P4rxQ.roa
File:                     gInJcvgluSOeZ5nlfbOPe9P4rxQ.roa (raw, json)
Hash identifier:          C4e562UVo0wmJ8eK71EsaI5spbrCKysNlOoCD0Q+89s=
Subject key identifier:   80:89:C9:72:F8:25:B9:23:9E:67:99:E5:7D:B3:8F:7B:D3:F8:AF:14
Certificate issuer:       /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial:       018A2DCA2ECAAE9BCC5E9259E79C21BD320E
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/gInJcvgluSOeZ5nlfbOPe9P4rxQ.roa
Signing time:             Fri 25 Aug 2023 17:42:19 +0000
ROA not before:           Fri 25 Aug 2023 17:42:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213023
IP address blocks:        2a0b:f380:a:1::/64 maxlen: 64

Validation:               Failed, certificate revoked on Fri 25 Aug 2023 22:34:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:2d:ca:2e:ca:ae:9b:cc:5e:92:59:e7:9c:21:bd:32:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
        Validity
            Not Before: Aug 25 17:42:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8089c972f825b9239e6799e57db38f7bd3f8af14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:41:09:6b:d4:87:b2:9e:e7:fd:a9:cd:df:08:
                    7c:24:45:fb:3b:0b:d8:bf:f4:ed:9e:1f:f1:59:01:
                    f7:af:8c:fb:c9:bf:93:99:d9:4e:66:c3:2e:87:44:
                    33:ed:a7:8f:24:b8:03:97:90:36:63:99:7a:f6:8a:
                    b8:17:82:53:30:eb:57:64:cd:c5:9b:f2:5a:ea:b5:
                    b3:ee:9c:eb:2a:67:a6:58:09:a3:91:3d:aa:5e:58:
                    7c:0f:14:ed:bb:ee:5e:40:bb:6f:ed:5f:14:ed:77:
                    bb:d8:83:1d:e3:e8:25:f1:19:0a:cf:c4:39:5e:e7:
                    10:73:ca:67:76:3c:34:3c:55:f0:7e:d6:28:9c:19:
                    16:9e:21:04:54:65:44:5a:2c:9e:9a:24:88:b8:fe:
                    e3:95:c3:9a:e1:3c:aa:6a:67:60:13:d3:10:c0:bf:
                    bb:a7:93:04:9e:b2:4a:f0:3e:cc:14:7f:25:53:e8:
                    06:57:02:1e:6d:1d:6e:6b:99:13:1f:2d:f3:0c:00:
                    a7:8f:42:a1:fd:8d:02:ed:56:86:21:a8:86:4b:49:
                    74:bc:3c:d9:75:ae:c6:1a:fe:23:9c:40:b9:96:80:
                    20:82:ae:bd:08:e7:c0:67:16:a2:49:f5:3a:e9:fb:
                    0e:31:33:b5:40:df:b5:17:23:55:45:03:c2:da:e3:
                    ca:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:89:C9:72:F8:25:B9:23:9E:67:99:E5:7D:B3:8F:7B:D3:F8:AF:14
            X509v3 Authority Key Identifier:
                keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/gInJcvgluSOeZ5nlfbOPe9P4rxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:f380:a:1::/64

    Signature Algorithm: sha256WithRSAEncryption
         c3:7a:f0:f9:f1:02:b8:3b:5f:72:22:6c:9d:aa:1f:66:0b:72:
         05:6e:35:6a:a8:58:c6:4e:9f:f2:69:4a:7f:3f:25:15:43:48:
         67:59:05:58:8d:de:ba:05:d4:93:26:6f:e2:6b:7f:6d:bc:93:
         d1:d1:68:33:ae:e0:43:3b:c1:80:24:42:73:34:54:7e:5d:8d:
         ca:99:fe:9b:8b:fe:3b:c6:4a:e2:7b:bb:b8:ce:69:57:4c:e0:
         e3:b8:24:f7:6f:23:79:0e:6b:34:16:3e:fc:9c:52:7c:31:46:
         13:4b:e9:2e:5a:0f:c4:73:ae:a2:d7:4e:d8:c9:17:2b:e9:f1:
         f6:8b:c8:07:21:d4:5a:68:f4:2f:0f:ce:0a:c7:4d:ab:c5:dd:
         80:55:13:23:7f:db:c3:d3:3d:05:1c:ed:98:26:c0:38:0e:0f:
         58:90:ca:69:bf:32:9c:30:6c:f3:0b:bb:80:83:0d:38:61:64:
         e4:ac:f0:55:5f:30:84:9d:55:32:6e:19:7b:37:6d:61:6d:c9:
         1b:70:bf:df:fd:11:b0:06:f2:43:1f:4e:34:34:d9:a4:8c:29:
         62:5d:4a:5b:3f:05:69:60:68:6e:15:2c:c9:92:fb:95:5b:f8:
         53:4e:50:47:b2:56:14:c5:53:29:fe:d4:41:2e:99:a1:04:8d:
         88:3d:be:33
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYotyi7KrpvMXpJZ55whvTIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDNlNWY4NDA1ZDYwODViOGRmNGJmY2UxZGQ5YmIzZTc4
YzIxOTkwHhcNMjMwODI1MTc0MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDg5Yzk3MmY4MjViOTIzOWU2Nzk5ZTU3ZGIzOGY3YmQzZjhhZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEEJa9SHsp7n/anN3wh8JEX7OwvY
v/Ttnh/xWQH3r4z7yb+TmdlOZsMuh0Qz7aePJLgDl5A2Y5l69oq4F4JTMOtXZM3F
m/Ja6rWz7pzrKmemWAmjkT2qXlh8DxTtu+5eQLtv7V8U7Xe72IMd4+gl8RkKz8Q5
XucQc8pndjw0PFXwftYonBkWniEEVGVEWiyemiSIuP7jlcOa4TyqamdgE9MQwL+7
p5MEnrJK8D7MFH8lU+gGVwIebR1ua5kTHy3zDACnj0Kh/Y0C7VaGIaiGS0l0vDzZ
da7GGv4jnEC5loAggq69COfAZxaiSfU66fsOMTO1QN+1FyNVRQPC2uPKrQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFICJyXL4JbkjnmeZ5X2zj3vT+K8UMB8GA1UdIwQY
MBaAFFQD5fhAXWCFuN9L/OHdm7PnjCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAt
MTVhNDJhYzllZmE4LzEvZ0luSmN2Z2x1U09lWjVubGZiT1BlOVA0cnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAtMTVhNDJhYzllZmE4
LzEvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKgvzgAAK
AAEwDQYJKoZIhvcNAQELBQADggEBAMN68PnxArg7X3IibJ2qH2YLcgVuNWqoWMZO
n/JpSn8/JRVDSGdZBViN3roF1JMmb+Jrf228k9HRaDOu4EM7wYAkQnM0VH5djcqZ
/puL/jvGSuJ7u7jOaVdM4OO4JPdvI3kOazQWPvycUnwxRhNL6S5aD8RzrqLXTtjJ
Fyvp8faLyAch1Fpo9C8PzgrHTavF3YBVEyN/28PTPQUc7ZgmwDgOD1iQymm/Mpww
bPMLu4CDDThhZOSs8FVfMISdVTJuGXs3bWFtyRtwv9/9EbAG8kMfTjQ02aSMKWJd
Sls/BWlgaG4VLMmS+5Vb+FNOUEeyVhTFUyn+1EEumaEEjYg9vjM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:21 2024 by rpki-client on console-fra.rpki-client.org