Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/gGuuDD39xKfEbh0cIkE7UzLeflo.roa
File:                     gGuuDD39xKfEbh0cIkE7UzLeflo.roa (raw, json)
Hash identifier:          6nDdlOU7e5IXywbqJ3rjeJsMqPtSdeCcnsm9EBrBQA0=
Subject key identifier:   80:6B:AE:0C:3D:FD:C4:A7:C4:6E:1D:1C:22:41:3B:53:32:DE:7E:5A
Certificate issuer:       /CN=6c12ab7063c85dfe22fa7a99d9c6fce5e6161031
Certificate serial:       01857255BF44B3581281C84BC251315FFB4C
Authority key identifier: 6C:12:AB:70:63:C8:5D:FE:22:FA:7A:99:D9:C6:FC:E5:E6:16:10:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bBKrcGPIXf4i-nqZ2cb85eYWEDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/gGuuDD39xKfEbh0cIkE7UzLeflo.roa
Signing time:             Mon 02 Jan 2023 11:55:00 +0000
ROA not before:           Mon 02 Jan 2023 11:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48522
IP address blocks:        217.150.190.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:55:bf:44:b3:58:12:81:c8:4b:c2:51:31:5f:fb:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c12ab7063c85dfe22fa7a99d9c6fce5e6161031
        Validity
            Not Before: Jan  2 11:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=806bae0c3dfdc4a7c46e1d1c22413b5332de7e5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:9b:97:43:4e:e1:0c:84:14:16:c7:3e:32:e9:
                    c6:4a:fe:f1:21:20:85:11:5a:95:4a:13:b3:60:6c:
                    03:b9:c0:b1:73:b0:8d:3a:c3:6c:bf:ed:7a:fe:74:
                    57:57:40:a4:d0:84:42:9d:68:ec:b6:81:fd:f5:a2:
                    bf:66:7e:79:4e:33:ae:78:ed:2a:87:c4:45:94:8f:
                    5d:90:ea:bd:94:e1:30:8f:49:16:e1:82:40:55:c4:
                    45:4d:42:72:48:a6:18:d7:7b:4c:e6:2f:c0:7e:cc:
                    1f:83:07:c8:c6:69:59:3c:c6:e4:ac:a9:47:29:b5:
                    b2:10:f1:74:8e:85:23:c5:a4:c3:a6:67:b6:e6:17:
                    ad:2a:fb:d1:b3:9d:36:5b:d0:8b:69:10:a5:04:ee:
                    99:ce:1a:3f:2c:bd:fc:5f:17:b6:4a:92:c3:70:20:
                    7d:9c:d9:09:53:d5:68:d7:ac:d1:89:72:33:b3:40:
                    61:8c:8d:55:d9:1a:70:bd:78:f9:41:3e:11:a5:07:
                    8c:d5:cd:98:b3:41:92:e2:4a:44:e0:6d:4f:c5:97:
                    c2:a4:e6:b4:b4:9f:d5:fc:70:14:13:a9:d6:3a:e2:
                    9f:e0:48:bc:48:f6:8d:c9:f7:b9:f1:b6:46:e3:10:
                    47:f9:dc:bf:9d:98:0a:57:a8:36:2f:30:2b:aa:ce:
                    ab:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:6B:AE:0C:3D:FD:C4:A7:C4:6E:1D:1C:22:41:3B:53:32:DE:7E:5A
            X509v3 Authority Key Identifier:
                keyid:6C:12:AB:70:63:C8:5D:FE:22:FA:7A:99:D9:C6:FC:E5:E6:16:10:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBKrcGPIXf4i-nqZ2cb85eYWEDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/gGuuDD39xKfEbh0cIkE7UzLeflo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/bBKrcGPIXf4i-nqZ2cb85eYWEDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.150.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:ea:f1:5b:b3:f4:62:55:0e:17:be:e7:0f:bb:b3:de:04:f3:
         ca:87:87:54:dd:f9:53:c6:6a:f4:38:c6:a1:6f:52:0e:08:c6:
         dc:5f:6f:17:1a:42:7d:b2:e2:e3:10:19:46:bd:d0:23:df:e1:
         a5:68:a4:31:17:cf:25:63:28:5b:5c:43:15:74:fa:83:64:82:
         9b:89:0e:79:3a:d1:5c:be:38:d5:b4:7a:93:67:4d:b4:c2:3b:
         56:78:07:ce:6a:c2:47:aa:c7:a5:7d:09:5e:15:eb:67:e2:e5:
         3c:9a:aa:b4:7f:5d:3f:d0:0c:13:65:3c:b7:fd:5d:02:79:da:
         e1:2d:2e:d8:cd:61:42:fa:2c:7a:54:dc:03:c7:24:6c:e1:4b:
         9e:30:10:aa:a8:12:5b:86:a5:e0:1a:d5:63:8a:e2:7a:be:5c:
         30:cb:8a:64:3b:78:34:95:d5:eb:db:e9:14:74:50:f8:4c:8e:
         b3:ca:8d:5c:cb:ed:04:50:93:3c:31:12:43:0c:0d:55:4b:b0:
         e5:17:db:c8:dd:37:20:5a:da:92:73:c2:ae:a6:f2:f5:e0:30:
         ec:c7:33:88:4b:44:3d:77:9d:a9:fc:e8:cf:34:c1:de:88:9c:
         28:fa:a5:b9:70:b2:9e:27:b1:9a:70:2e:2f:be:d9:f8:f2:81:
         93:e9:e5:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVb9Es1gSgchLwlExX/tMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMTJhYjcwNjNjODVkZmUyMmZhN2E5OWQ5YzZmY2U1ZTYx
NjEwMzEwHhcNMjMwMTAyMTE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDZiYWUwYzNkZmRjNGE3YzQ2ZTFkMWMyMjQxM2I1MzMyZGU3ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ZuXQ07hDIQUFsc+MunGSv7xISCF
EVqVShOzYGwDucCxc7CNOsNsv+16/nRXV0Ck0IRCnWjstoH99aK/Zn55TjOueO0q
h8RFlI9dkOq9lOEwj0kW4YJAVcRFTUJySKYY13tM5i/AfswfgwfIxmlZPMbkrKlH
KbWyEPF0joUjxaTDpme25hetKvvRs502W9CLaRClBO6Zzho/LL38Xxe2SpLDcCB9
nNkJU9Vo16zRiXIzs0BhjI1V2RpwvXj5QT4RpQeM1c2Ys0GS4kpE4G1PxZfCpOa0
tJ/V/HAUE6nWOuKf4Ei8SPaNyfe58bZG4xBH+dy/nZgKV6g2LzArqs6rwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBrrgw9/cSnxG4dHCJBO1My3n5aMB8GA1UdIwQY
MBaAFGwSq3BjyF3+Ivp6mdnG/OXmFhAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJLcmNHUElYZjRpLW5xWjJjYjg1ZVlXRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xMmU2NzktODU2Yy00OGVhLWEwNjIt
OTU5ZWJiOTA1YjNhLzEvZ0d1dUREMzl4S2ZFYmgwY0lrRTdVekxlZmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xMmU2NzktODU2Yy00OGVhLWEwNjItOTU5ZWJiOTA1YjNh
LzEvYkJLcmNHUElYZjRpLW5xWjJjYjg1ZVlXRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2Za+MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ6vFbs/RiVQ4XvucPu7PeBPPKh4dU3flTxmr0OMah
b1IOCMbcX28XGkJ9suLjEBlGvdAj3+GlaKQxF88lYyhbXEMVdPqDZIKbiQ55OtFc
vjjVtHqTZ020wjtWeAfOasJHqselfQleFetn4uU8mqq0f10/0AwTZTy3/V0Cedrh
LS7YzWFC+ix6VNwDxyRs4UueMBCqqBJbhqXgGtVjiuJ6vlwwy4pkO3g0ldXr2+kU
dFD4TI6zyo1cy+0EUJM8MRJDDA1VS7DlF9vI3TcgWtqSc8KupvL14DDsxzOIS0Q9
d52p/OjPNMHeiJwo+qW5cLKeJ7GacC4vvtn48oGT6eVV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:20 2024 by rpki-client on console-ams.rpki-client.org