Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/G_3GX_dHUKPxhSweJHnLbHGl-Mw.roa
File:                     G_3GX_dHUKPxhSweJHnLbHGl-Mw.roa (raw, json)
Hash identifier:          mxkTPLbjy6YLfl++UVUG3vxoBmRDKTvRM3fn5p+GtKA=
Subject key identifier:   1B:FD:C6:5F:F7:47:50:A3:F1:85:2C:1E:24:79:CB:6C:71:A5:F8:CC
Certificate issuer:       /CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Certificate serial:       0187B8334690268217E4DBC73FA0499B9A43
Authority key identifier: 6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/G_3GX_dHUKPxhSweJHnLbHGl-Mw.roa
Signing time:             Tue 25 Apr 2023 11:36:20 +0000
ROA not before:           Tue 25 Apr 2023 11:36:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.167.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 May 2023 13:47:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b8:33:46:90:26:82:17:e4:db:c7:3f:a0:49:9b:9a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f0b15193816fd15dcfd047db4eeca672912bb60
        Validity
            Not Before: Apr 25 11:36:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1bfdc65ff74750a3f1852c1e2479cb6c71a5f8cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d7:62:14:22:fe:a0:c6:de:c8:cc:e6:c3:91:
                    c2:d1:c1:e9:7b:a6:fc:69:8b:07:79:88:af:f0:46:
                    d5:4e:47:98:0e:ef:6c:a7:c3:45:86:a7:11:d2:a8:
                    51:be:60:c5:81:84:38:93:ad:92:42:cd:a6:f1:b6:
                    ae:8b:7e:a6:60:9a:46:40:02:aa:34:34:5b:0e:0c:
                    a5:f6:49:b5:91:6c:cc:87:0a:fc:66:df:4c:9b:ce:
                    e6:f4:95:9c:8b:75:09:1c:28:65:f8:39:0d:4f:6d:
                    cd:ba:09:dc:40:7b:84:66:8f:7a:5c:41:24:d6:7b:
                    f4:8a:f8:5f:55:be:e1:46:c1:fd:52:cb:46:f1:7b:
                    db:64:4a:8a:32:c1:47:13:b0:c0:f9:70:c8:1c:49:
                    13:fe:c7:41:3d:8a:d8:83:35:c3:56:77:0a:28:db:
                    73:a2:9d:bd:1b:7f:37:21:42:4c:e8:b9:8e:b7:3b:
                    9c:53:37:7e:2c:a7:14:9e:36:24:ea:c4:d9:0f:46:
                    5d:e2:b3:05:6c:89:8a:8b:d8:7f:9e:1d:a8:87:a1:
                    14:30:14:9e:cb:02:c6:fe:9d:f5:36:11:56:66:dd:
                    7b:f1:48:16:db:11:0c:98:a6:07:0d:df:60:cf:8a:
                    83:48:4f:f5:ff:51:87:70:d7:9a:1e:5e:08:ab:c8:
                    4e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:FD:C6:5F:F7:47:50:A3:F1:85:2C:1E:24:79:CB:6C:71:A5:F8:CC
            X509v3 Authority Key Identifier:
                keyid:6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/G_3GX_dHUKPxhSweJHnLbHGl-Mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:4b:68:37:5b:44:6b:26:51:bb:1b:95:f6:7f:bd:04:94:26:
         10:df:19:d0:d1:59:c9:e9:a0:f5:a1:7e:0e:1c:34:9b:d8:51:
         66:b7:7c:b7:8f:2a:59:93:ed:30:00:ec:1f:f7:87:35:24:cf:
         26:6d:fd:23:0f:32:b9:dd:48:0a:32:24:26:c9:42:8d:61:3d:
         2a:37:6e:ae:09:36:8e:f8:c6:a6:e6:f6:b5:fe:82:6a:5a:d0:
         aa:df:9a:b4:bd:06:fe:5b:8c:75:75:7c:71:bb:1b:f2:48:1d:
         f2:2b:b8:55:ed:44:7f:53:5d:bd:05:00:23:b6:cb:7b:7e:78:
         05:e2:68:e8:b7:50:63:e3:f4:fc:0c:97:30:38:b6:23:40:5d:
         70:70:50:f7:87:87:b9:e1:0b:c1:f2:34:75:b6:73:9f:46:ab:
         89:b4:b1:b5:0a:f0:ec:2c:d3:4b:78:38:22:f3:f2:08:c4:01:
         95:5f:92:26:99:8e:1e:18:2e:4e:e7:27:c8:4c:b0:5c:71:5e:
         7d:3b:f3:43:fa:e2:50:88:3b:01:59:f0:cc:ca:aa:76:c9:86:
         ad:4b:b1:69:06:03:a4:85:ab:75:8b:cc:0e:b1:f0:32:77:8f:
         ae:ca:9c:f2:36:a3:b2:04:a4:7a:ed:6b:f1:bc:08:91:14:6e:
         1f:ab:d7:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe4M0aQJoIX5NvHP6BJm5pDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGIxNTE5MzgxNmZkMTVkY2ZkMDQ3ZGI0ZWVjYTY3Mjkx
MmJiNjAwHhcNMjMwNDI1MTEzNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmZkYzY1ZmY3NDc1MGEzZjE4NTJjMWUyNDc5Y2I2YzcxYTVmOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNdiFCL+oMbeyMzmw5HC0cHpe6b8
aYsHeYiv8EbVTkeYDu9sp8NFhqcR0qhRvmDFgYQ4k62SQs2m8baui36mYJpGQAKq
NDRbDgyl9km1kWzMhwr8Zt9Mm87m9JWci3UJHChl+DkNT23NugncQHuEZo96XEEk
1nv0ivhfVb7hRsH9UstG8XvbZEqKMsFHE7DA+XDIHEkT/sdBPYrYgzXDVncKKNtz
op29G383IUJM6LmOtzucUzd+LKcUnjYk6sTZD0Zd4rMFbImKi9h/nh2oh6EUMBSe
ywLG/p31NhFWZt178UgW2xEMmKYHDd9gz4qDSE/1/1GHcNeaHl4Iq8hOWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBv9xl/3R1Cj8YUsHiR5y2xxpfjMMB8GA1UdIwQY
MBaAFG8LFRk4Fv0V3P0EfbTuymcpErtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYt
OWNmODQzZjA1NjcwLzEvR18zR1hfZEhVS1B4aFN3ZUpIbkxiSEdsLU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYtOWNmODQzZjA1Njcw
LzEvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuafoMA0G
CSqGSIb3DQEBCwUAA4IBAQBtS2g3W0RrJlG7G5X2f70ElCYQ3xnQ0VnJ6aD1oX4O
HDSb2FFmt3y3jypZk+0wAOwf94c1JM8mbf0jDzK53UgKMiQmyUKNYT0qN26uCTaO
+Mam5va1/oJqWtCq35q0vQb+W4x1dXxxuxvySB3yK7hV7UR/U129BQAjtst7fngF
4mjot1Bj4/T8DJcwOLYjQF1wcFD3h4e54QvB8jR1tnOfRquJtLG1CvDsLNNLeDgi
8/IIxAGVX5ImmY4eGC5O5yfITLBccV59O/ND+uJQiDsBWfDMyqp2yYatS7FpBgOk
hat1i8wOsfAyd4+uypzyNqOyBKR67WvxvAiRFG4fq9fK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:30 2024 by rpki-client on console-fra.rpki-client.org