Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9a99f9-2d6c-4a4a-a096-0c73bec5107c/1/GL-MD0E40RODetuvxvmNRKHup3k.roa
File:                     GL-MD0E40RODetuvxvmNRKHup3k.roa (raw, json)
Hash identifier:          6AFHI0v5/wHh+Wsxf3/z1ORDD0romezym5ANcFQYXFM=
Subject key identifier:   18:BF:8C:0F:41:38:D1:13:83:7A:DB:AF:C6:F9:8D:44:A1:EE:A7:79
Certificate issuer:       /CN=d0f313b640c6de7535b81ec68c40ee6ec99fff4d
Certificate serial:       018A6B9E596FE4246F32213AD6B831707EC8
Authority key identifier: D0:F3:13:B6:40:C6:DE:75:35:B8:1E:C6:8C:40:EE:6E:C9:9F:FF:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0PMTtkDG3nU1uB7GjEDubsmf_00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/9a99f9-2d6c-4a4a-a096-0c73bec5107c/1/GL-MD0E40RODetuvxvmNRKHup3k.roa
Signing time:             Wed 06 Sep 2023 17:50:54 +0000
ROA not before:           Wed 06 Sep 2023 17:50:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50600
IP address blocks:        109.197.72.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:6b:9e:59:6f:e4:24:6f:32:21:3a:d6:b8:31:70:7e:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0f313b640c6de7535b81ec68c40ee6ec99fff4d
        Validity
            Not Before: Sep  6 17:50:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=18bf8c0f4138d113837adbafc6f98d44a1eea779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:42:80:48:ab:5d:aa:79:1c:1d:09:8d:1a:49:
                    e3:66:a1:8a:f7:11:d5:5f:c6:bd:22:4f:39:6d:0e:
                    48:ac:89:6f:83:ae:63:5e:45:e7:d4:a3:e2:0b:89:
                    df:fe:eb:0d:02:45:3e:9e:04:22:8b:f6:39:a0:22:
                    12:a7:06:52:fb:34:96:cd:e4:42:17:d5:0f:1e:d4:
                    aa:de:aa:8f:55:64:ff:0c:b1:0f:4e:47:ff:aa:62:
                    c5:3e:cd:45:b0:d2:93:7f:c5:2a:66:f7:2b:2d:20:
                    e8:c9:be:1d:08:00:a1:22:f5:fb:d4:94:64:29:7b:
                    6c:5f:ca:73:74:bf:2f:dd:a9:58:ad:a0:8f:96:e3:
                    05:0c:28:61:16:7a:d0:fa:36:f7:7f:56:f3:00:ba:
                    82:71:5d:96:b9:b9:cc:25:c2:b4:20:c9:94:ad:18:
                    fb:5e:61:c7:8f:4e:4b:78:11:17:02:d7:04:54:7c:
                    88:14:7b:92:e1:6e:e0:bd:8c:b5:21:94:0b:d4:dc:
                    1c:57:c6:77:a5:81:44:6e:a6:9f:3b:31:e0:4f:c3:
                    ab:8a:71:01:50:e6:b8:ff:29:1d:86:3e:e3:b0:36:
                    a2:b5:89:9d:95:e2:f7:c1:2f:ed:ff:1e:f9:cf:7d:
                    fb:72:30:34:ef:ab:32:bc:de:54:4d:48:8a:11:db:
                    3b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:BF:8C:0F:41:38:D1:13:83:7A:DB:AF:C6:F9:8D:44:A1:EE:A7:79
            X509v3 Authority Key Identifier:
                keyid:D0:F3:13:B6:40:C6:DE:75:35:B8:1E:C6:8C:40:EE:6E:C9:9F:FF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0PMTtkDG3nU1uB7GjEDubsmf_00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9a99f9-2d6c-4a4a-a096-0c73bec5107c/1/GL-MD0E40RODetuvxvmNRKHup3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9a99f9-2d6c-4a4a-a096-0c73bec5107c/1/0PMTtkDG3nU1uB7GjEDubsmf_00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.197.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         67:ed:00:44:0b:2b:23:19:9a:4f:02:e4:82:41:b2:51:73:0a:
         d8:e5:b6:63:d1:cd:3a:12:a0:0b:62:76:3a:45:ab:ea:d5:ca:
         c7:ee:4f:38:4d:28:fa:eb:17:ed:cb:62:93:9b:5c:09:e5:82:
         2f:ee:45:dd:b9:07:6e:ae:43:43:18:54:96:1f:45:1b:7d:9e:
         12:e8:77:60:75:f4:a3:95:ed:dc:af:d5:4c:b1:84:7b:a4:be:
         c3:5b:e8:01:e1:6c:25:a7:63:5e:35:8a:80:c1:27:0a:c8:85:
         04:d9:43:71:a4:45:cb:02:1a:ec:77:65:3e:7b:ad:d8:77:d3:
         85:69:b0:d9:e4:b6:dc:dc:bf:d7:6e:76:c3:62:11:67:cd:3f:
         e9:5d:48:8e:17:92:1d:ad:78:96:e1:cc:0d:b7:72:36:25:f8:
         03:96:b6:99:18:58:b4:a2:4a:09:fd:3b:bb:37:4e:6e:85:dd:
         3b:73:44:36:00:3f:f8:a3:2e:6c:c1:d3:4a:f3:6c:e1:3f:87:
         52:37:b8:57:a7:27:8a:9d:90:36:ba:16:f7:4c:25:67:ab:e8:
         a4:ad:51:00:dd:e1:48:3c:c8:c9:60:da:2d:31:b6:06:b2:ff:
         23:61:bb:7d:2a:2d:fa:55:0d:c0:24:52:68:f8:e1:fd:fb:ac:
         90:27:12:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYprnllv5CRvMiE61rgxcH7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZjMxM2I2NDBjNmRlNzUzNWI4MWVjNjhjNDBlZTZlYzk5
ZmZmNGQwHhcNMjMwOTA2MTc1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGJmOGMwZjQxMzhkMTEzODM3YWRiYWZjNmY5OGQ0NGExZWVhNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0KASKtdqnkcHQmNGknjZqGK9xHV
X8a9Ik85bQ5IrIlvg65jXkXn1KPiC4nf/usNAkU+ngQii/Y5oCISpwZS+zSWzeRC
F9UPHtSq3qqPVWT/DLEPTkf/qmLFPs1FsNKTf8UqZvcrLSDoyb4dCAChIvX71JRk
KXtsX8pzdL8v3alYraCPluMFDChhFnrQ+jb3f1bzALqCcV2WubnMJcK0IMmUrRj7
XmHHj05LeBEXAtcEVHyIFHuS4W7gvYy1IZQL1NwcV8Z3pYFEbqafOzHgT8OrinEB
UOa4/ykdhj7jsDaitYmdleL3wS/t/x75z337cjA076syvN5UTUiKEds7VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBi/jA9BONETg3rbr8b5jUSh7qd5MB8GA1UdIwQY
MBaAFNDzE7ZAxt51NbgexoxA7m7Jn/9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFBNVHRrREczblUxdUI3R2pFRHVic21mXzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85YTk5ZjktMmQ2Yy00YTRhLWEwOTYt
MGM3M2JlYzUxMDdjLzEvR0wtTUQwRTQwUk9EZXR1dnh2bU5SS0h1cDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85YTk5ZjktMmQ2Yy00YTRhLWEwOTYtMGM3M2JlYzUxMDdj
LzEvMFBNVHRrREczblUxdUI3R2pFRHVic21mXzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbcVIMA0G
CSqGSIb3DQEBCwUAA4IBAQBn7QBECysjGZpPAuSCQbJRcwrY5bZj0c06EqALYnY6
Ravq1crH7k84TSj66xfty2KTm1wJ5YIv7kXduQdurkNDGFSWH0UbfZ4S6HdgdfSj
le3cr9VMsYR7pL7DW+gB4Wwlp2NeNYqAwScKyIUE2UNxpEXLAhrsd2U+e63Yd9OF
abDZ5Lbc3L/XbnbDYhFnzT/pXUiOF5IdrXiW4cwNt3I2JfgDlraZGFi0okoJ/Tu7
N05uhd07c0Q2AD/4oy5swdNK82zhP4dSN7hXpyeKnZA2uhb3TCVnq+ikrVEA3eFI
PMjJYNotMbYGsv8jYbt9Ki36VQ3AJFJo+OH9+6yQJxKF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org