Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/rG3RPLCna217nua1WWAfLNMWTUQ.roa
File:                     rG3RPLCna217nua1WWAfLNMWTUQ.roa (raw, json)
Hash identifier:          7ZgnANzEVmoTjVenBcvj2lP2yj0U/l7sdvagfOP+B+k=
Subject key identifier:   AC:6D:D1:3C:B0:A7:6B:6D:7B:9E:E6:B5:59:60:1F:2C:D3:16:4D:44
Certificate issuer:       /CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Certificate serial:       01856FD505175E7E5A2049F7C8E0D27AEC6C
Authority key identifier: A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/rG3RPLCna217nua1WWAfLNMWTUQ.roa
Signing time:             Mon 02 Jan 2023 00:15:09 +0000
ROA not before:           Mon 02 Jan 2023 00:15:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207139
IP address blocks:        185.169.115.0/24 maxlen: 24
                          2a01:8787::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:05:17:5e:7e:5a:20:49:f7:c8:e0:d2:7a:ec:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3190f6efd79ea7333f9bccd85a04352d915b239
        Validity
            Not Before: Jan  2 00:15:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ac6dd13cb0a76b6d7b9ee6b559601f2cd3164d44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e1:74:44:dd:d2:3f:55:7c:f7:24:5e:0a:21:
                    60:6d:0a:67:24:bb:14:25:5c:f1:4a:04:7c:65:84:
                    64:a7:5b:26:c1:bc:50:3f:6c:97:be:26:55:d5:e3:
                    a1:fb:b3:01:58:c6:d1:45:3d:aa:19:a7:d6:42:6c:
                    dd:39:f4:83:4c:ca:29:24:d3:09:f1:83:c2:0f:c8:
                    ae:dc:f6:61:e8:c8:59:4d:f8:50:ba:70:e4:dc:46:
                    eb:ba:8f:08:33:a4:35:95:89:c3:87:72:fe:58:5f:
                    81:ac:f5:76:c5:be:ee:78:5f:d4:fc:d1:fe:29:52:
                    af:c2:81:bc:53:1e:04:11:2f:1a:b5:d1:dc:f6:61:
                    ec:0e:09:c1:29:c3:c9:f5:9a:7b:ea:52:3e:50:1e:
                    ed:56:a5:c9:e5:84:e7:64:c2:38:25:30:1b:b3:67:
                    f5:5e:d2:87:71:f5:23:81:25:c9:d2:cd:6f:7e:73:
                    f9:1a:52:e3:28:cc:21:3b:79:8f:c8:f7:84:14:2e:
                    b7:4c:57:53:60:c5:4b:ed:d1:aa:f6:d6:8e:3b:f6:
                    7c:0f:08:88:5e:25:d2:1f:36:3a:76:ed:10:9c:3a:
                    0a:c0:40:41:0c:cf:d4:31:a8:39:33:0c:3c:48:09:
                    71:14:94:bb:b2:f9:f8:7a:4d:32:b5:d5:5c:7b:87:
                    0b:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:6D:D1:3C:B0:A7:6B:6D:7B:9E:E6:B5:59:60:1F:2C:D3:16:4D:44
            X509v3 Authority Key Identifier:
                keyid:A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/rG3RPLCna217nua1WWAfLNMWTUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.169.115.0/24
                IPv6:
                  2a01:8787::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:04:d2:41:3c:4b:44:1d:45:5a:b4:84:c6:eb:d5:61:90:79:
         14:a7:c8:78:a1:7c:3c:87:47:48:64:e4:2a:07:4c:96:6f:43:
         7f:a7:3d:31:b2:7f:be:ec:98:11:fd:c5:08:9a:18:bc:ee:b7:
         bb:53:40:9d:59:8d:c7:ad:a3:76:45:04:0c:d1:41:f6:db:98:
         52:27:43:73:3e:1d:af:e0:d0:63:34:2d:43:f7:45:41:8d:68:
         fe:d0:3f:34:e7:61:f7:e5:72:04:a4:06:d9:94:5a:22:6d:09:
         76:1d:70:52:e3:4b:7f:5f:27:8e:cb:0d:69:f4:f2:97:f0:8a:
         55:dc:bf:88:c6:ef:1e:dd:e3:5e:63:54:7a:38:b0:64:3d:9a:
         74:b2:a4:06:aa:40:ef:95:aa:c0:55:44:47:c2:b1:45:70:f1:
         49:7d:8f:3a:84:ef:fa:89:d7:b3:35:72:dd:05:76:b9:5e:f4:
         36:1a:8f:92:97:15:fc:50:88:5f:d0:2b:39:da:63:8b:81:53:
         e9:5c:9d:2b:b7:c0:80:89:4a:0e:5d:d1:c1:74:0c:16:f8:c2:
         b1:f9:a0:5e:d3:32:40:1d:9c:87:f9:d6:3d:c7:1d:ba:4c:62:
         ea:84:86:ef:b8:2a:79:76:4e:b7:1f:d8:82:dd:c2:47:e3:3d:
         ec:5c:e9:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1QUXXn5aIEn3yODSeuxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTkwZjZlZmQ3OWVhNzMzM2Y5YmNjZDg1YTA0MzUyZDkx
NWIyMzkwHhcNMjMwMTAyMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzZkZDEzY2IwYTc2YjZkN2I5ZWU2YjU1OTYwMWYyY2QzMTY0ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieF0RN3SP1V89yReCiFgbQpnJLsU
JVzxSgR8ZYRkp1smwbxQP2yXviZV1eOh+7MBWMbRRT2qGafWQmzdOfSDTMopJNMJ
8YPCD8iu3PZh6MhZTfhQunDk3Ebruo8IM6Q1lYnDh3L+WF+BrPV2xb7ueF/U/NH+
KVKvwoG8Ux4EES8atdHc9mHsDgnBKcPJ9Zp76lI+UB7tVqXJ5YTnZMI4JTAbs2f1
XtKHcfUjgSXJ0s1vfnP5GlLjKMwhO3mPyPeEFC63TFdTYMVL7dGq9taOO/Z8DwiI
XiXSHzY6du0QnDoKwEBBDM/UMag5Mww8SAlxFJS7svn4ek0ytdVce4cLpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKxt0Tywp2tte57mtVlgHyzTFk1EMB8GA1UdIwQY
MBaAFKMZD279eepzM/m8zYWgQ1LZFbI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUt
NWY0Yjg3YWRhNGI1LzEvckczUlBMQ25hMjE3bnVhMVdXQWZMTk1XVFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUtNWY0Yjg3YWRhNGI1
LzEvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAualzMA0E
AgACMAcDBQAqAYeHMA0GCSqGSIb3DQEBCwUAA4IBAQBkBNJBPEtEHUVatITG69Vh
kHkUp8h4oXw8h0dIZOQqB0yWb0N/pz0xsn++7JgR/cUImhi87re7U0CdWY3HraN2
RQQM0UH225hSJ0NzPh2v4NBjNC1D90VBjWj+0D8052H35XIEpAbZlFoibQl2HXBS
40t/XyeOyw1p9PKX8IpV3L+Ixu8e3eNeY1R6OLBkPZp0sqQGqkDvlarAVURHwrFF
cPFJfY86hO/6idezNXLdBXa5XvQ2Go+SlxX8UIhf0Cs52mOLgVPpXJ0rt8CAiUoO
XdHBdAwW+MKx+aBe0zJAHZyH+dY9xx26TGLqhIbvuCp5dk63H9iC3cJH4z3sXOl9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:38 2024 by rpki-client on console-fra.rpki-client.org