Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/gHFvEESZ_KblgjYpDMllV5EyEnQ.roa
File:                     gHFvEESZ_KblgjYpDMllV5EyEnQ.roa (raw, json)
Hash identifier:          vX4SsvUATQerwbe/9uA/hipTDlqKAjHKpDMO2ML3ueU=
Subject key identifier:   80:71:6F:10:44:99:FC:A6:E5:82:36:29:0C:C9:65:57:91:32:12:74
Certificate issuer:       /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial:       01879F2301EDCB4ECCD851127C7F99A706B4
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/gHFvEESZ_KblgjYpDMllV5EyEnQ.roa
Signing time:             Thu 20 Apr 2023 14:48:04 +0000
ROA not before:           Thu 20 Apr 2023 14:48:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16276
IP address blocks:        199.83.103.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 21 Apr 2023 09:36:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9f:23:01:ed:cb:4e:cc:d8:51:12:7c:7f:99:a7:06:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
        Validity
            Not Before: Apr 20 14:48:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80716f104499fca6e58236290cc9655791321274
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cf:31:e1:0b:5e:b7:22:30:62:ef:f9:cf:45:
                    e2:3a:03:cf:69:74:6b:93:67:e2:00:33:f9:5d:f2:
                    da:c4:bb:fc:e2:ed:9e:d2:99:5e:de:b8:be:db:7e:
                    3e:05:bd:86:33:97:54:99:4c:14:1a:36:91:e7:e7:
                    ab:64:44:0a:5b:b0:cd:12:9b:73:b7:2b:e2:38:be:
                    2c:d7:6d:49:89:01:4f:e5:5d:15:9b:06:f5:cf:7d:
                    6c:89:6c:8c:db:cf:2c:b6:86:72:ef:0d:e9:70:37:
                    65:3c:d6:82:81:30:95:d1:ff:3c:bc:6c:12:73:bc:
                    e1:b5:ae:7e:78:22:44:53:47:12:d1:92:96:12:ba:
                    f1:b6:f4:de:a7:29:cc:a5:3b:c4:8d:22:0f:fd:76:
                    84:1e:d6:46:63:45:bc:36:a2:4e:fe:d3:15:d6:eb:
                    af:4c:70:fb:17:5f:50:87:c9:10:fb:d7:e2:14:63:
                    5d:72:5c:1b:b6:8d:75:e1:89:5f:53:76:82:62:12:
                    42:9c:ba:7c:80:bf:8c:5c:fa:b3:d3:d2:20:3a:34:
                    70:ff:93:22:93:bb:55:d5:8a:3e:f3:c7:9e:4c:b6:
                    1f:74:db:af:d4:c5:de:a6:32:45:b8:84:5d:63:ce:
                    55:d6:e1:be:3f:9c:4e:a0:a1:22:46:ca:a1:03:f2:
                    05:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:71:6F:10:44:99:FC:A6:E5:82:36:29:0C:C9:65:57:91:32:12:74
            X509v3 Authority Key Identifier:
                keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/gHFvEESZ_KblgjYpDMllV5EyEnQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.83.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:a4:9f:e0:e6:3a:bb:90:1c:63:89:80:2c:83:e8:4f:9f:da:
         e1:6c:10:c4:4d:ef:98:f9:20:a8:e8:79:23:a7:a0:9d:af:24:
         9a:3a:76:01:e4:82:21:12:e2:8a:46:33:13:b9:26:7d:2e:54:
         fb:ec:fc:93:a1:15:87:54:ae:4c:a0:67:21:cb:f2:b9:36:63:
         09:97:45:09:bf:36:b6:8f:b8:1d:c8:f0:14:8d:ad:1d:4a:ff:
         f0:18:11:19:8d:35:c5:73:67:91:82:54:d8:b9:83:80:ee:f9:
         aa:9a:d1:ee:8b:16:ec:05:a0:44:32:16:54:1d:d2:05:a8:a2:
         9d:ea:ed:70:c0:ef:ac:ac:93:be:9b:84:b6:44:f3:8a:a5:36:
         8a:84:ef:07:19:6e:ec:80:08:01:80:75:16:92:32:6c:be:e4:
         54:81:dc:be:32:26:3f:76:8a:70:01:dd:97:10:10:c2:a0:1b:
         dd:3f:d5:1f:95:69:37:8e:88:b3:ee:0c:c4:39:b1:44:b7:ca:
         b6:70:dc:3f:5d:a1:c5:be:b8:e0:29:b6:71:58:d3:0a:e9:c1:
         2f:d1:bd:5e:73:d0:95:fe:ee:14:33:2f:db:e4:be:7c:f0:d9:
         26:d3:5a:cc:25:fd:47:6e:0d:ef:85:bd:b0:b0:45:e7:d1:77:
         1e:bc:97:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYefIwHty07M2FESfH+Zpwa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjMwNDIwMTQ0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDcxNmYxMDQ0OTlmY2E2ZTU4MjM2MjkwY2M5NjU1NzkxMzIxMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM8x4QtetyIwYu/5z0XiOgPPaXRr
k2fiADP5XfLaxLv84u2e0ple3ri+234+Bb2GM5dUmUwUGjaR5+erZEQKW7DNEptz
tyviOL4s121JiQFP5V0Vmwb1z31siWyM288stoZy7w3pcDdlPNaCgTCV0f88vGwS
c7zhta5+eCJEU0cS0ZKWErrxtvTepynMpTvEjSIP/XaEHtZGY0W8NqJO/tMV1uuv
THD7F19Qh8kQ+9fiFGNdclwbto114YlfU3aCYhJCnLp8gL+MXPqz09IgOjRw/5Mi
k7tV1Yo+88eeTLYfdNuv1MXepjJFuIRdY85V1uG+P5xOoKEiRsqhA/IFiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBxbxBEmfym5YI2KQzJZVeRMhJ0MB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvZ0hGdkVFU1pfS2JsZ2pZcERNbGxWNUV5RW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx1NnMA0G
CSqGSIb3DQEBCwUAA4IBAQBapJ/g5jq7kBxjiYAsg+hPn9rhbBDETe+Y+SCo6Hkj
p6CdrySaOnYB5IIhEuKKRjMTuSZ9LlT77PyToRWHVK5MoGchy/K5NmMJl0UJvza2
j7gdyPAUja0dSv/wGBEZjTXFc2eRglTYuYOA7vmqmtHuixbsBaBEMhZUHdIFqKKd
6u1wwO+srJO+m4S2RPOKpTaKhO8HGW7sgAgBgHUWkjJsvuRUgdy+MiY/dopwAd2X
EBDCoBvdP9UflWk3joiz7gzEObFEt8q2cNw/XaHFvrjgKbZxWNMK6cEv0b1ec9CV
/u4UMy/b5L588Nkm01rMJf1Hbg3vhb2wsEXn0XcevJdQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:12 2024 by rpki-client on console-fra.rpki-client.org