Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/g_cbGPH5yAcUWHioVXzqHmSw54Q.roa
File:                     g_cbGPH5yAcUWHioVXzqHmSw54Q.roa (raw, json)
Hash identifier:          ogJY9Dzgy753njppO6eh0QXsvtMxiD5dB3M9D3MhSPM=
Subject key identifier:   83:F7:1B:18:F1:F9:C8:07:14:58:78:A8:55:7C:EA:1E:64:B0:E7:84
Certificate issuer:       /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial:       0189AEE0FCFF06453F71A34FCE0D91811D3A
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/g_cbGPH5yAcUWHioVXzqHmSw54Q.roa
Signing time:             Tue 01 Aug 2023 02:15:27 +0000
ROA not before:           Tue 01 Aug 2023 02:15:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     23674
IP address blocks:        185.2.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ae:e0:fc:ff:06:45:3f:71:a3:4f:ce:0d:91:81:1d:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
        Validity
            Not Before: Aug  1 02:15:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83f71b18f1f9c807145878a8557cea1e64b0e784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:86:e5:da:12:a5:f7:64:d6:c0:07:f6:a7:d9:
                    68:59:d3:81:99:f1:d8:f6:b9:89:70:52:d3:62:0e:
                    34:50:8d:1b:42:9d:c8:2a:e5:1d:3c:91:3e:99:43:
                    41:47:24:af:64:5b:37:d5:92:e5:41:85:1d:cc:71:
                    7e:d4:90:37:87:23:dd:13:0c:f6:a7:27:63:cf:a6:
                    aa:53:ac:ac:3a:cc:a9:13:d5:59:fd:87:d9:52:62:
                    4a:b6:17:e1:9f:68:2b:08:3c:2d:f4:19:3e:b8:8a:
                    4d:44:d7:08:d6:3d:d5:41:21:22:60:71:82:aa:64:
                    cc:99:32:88:ec:df:c7:bc:2e:d1:ad:d0:ea:be:b8:
                    d6:27:35:84:9e:2f:b4:65:4e:ae:fb:11:c8:d1:52:
                    e7:34:c7:4d:42:58:da:fa:1f:f4:f6:aa:c0:65:d3:
                    d0:b7:c6:f4:6e:5c:20:95:1e:e5:3f:83:1f:ca:03:
                    00:41:34:0e:b5:fb:21:52:70:d5:6c:32:25:11:59:
                    e6:7a:41:d5:bd:ff:31:5a:15:ee:48:ec:85:82:b2:
                    a3:b5:28:ac:2a:73:ab:df:67:3d:76:e5:51:15:bc:
                    18:26:ad:d7:28:d0:6c:8e:cd:0f:87:85:c6:75:f7:
                    1b:ca:d2:4a:18:1c:8d:e0:9d:7d:38:1a:4b:85:d6:
                    a2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F7:1B:18:F1:F9:C8:07:14:58:78:A8:55:7C:EA:1E:64:B0:E7:84
            X509v3 Authority Key Identifier:
                keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/g_cbGPH5yAcUWHioVXzqHmSw54Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.2.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:fa:22:73:d4:a4:e7:27:86:c9:6d:36:19:0c:96:77:77:2e:
         3a:8b:3e:f9:46:7f:6a:c6:9f:08:88:02:6c:31:6a:dc:b1:ad:
         4a:ac:c6:28:88:1a:fa:48:99:0a:68:b5:3d:ec:8b:c3:89:7c:
         a1:8d:6f:cd:f0:1f:f3:21:9e:ce:de:74:24:a2:97:fc:f3:5f:
         d2:a0:72:a9:53:94:9c:d5:bf:d5:53:99:1a:01:8f:7d:1a:07:
         8c:b1:7b:17:88:72:4a:24:04:7b:b0:60:6c:2d:99:8f:e7:2e:
         23:5f:37:70:c0:9c:d7:1e:bc:7c:1f:46:06:b2:b1:67:7c:38:
         a4:34:88:d9:4d:dd:10:58:5e:e1:b7:33:45:1a:00:18:6f:24:
         89:a7:92:69:ba:31:ac:08:db:2a:da:31:a6:54:33:0d:55:8d:
         87:86:7d:b2:fd:f3:47:8a:61:e6:0d:1f:71:f1:f0:6c:fb:47:
         b1:fe:c4:10:03:12:2c:d6:80:f1:c0:53:8a:ce:2c:24:9a:66:
         cc:31:91:d5:fa:d4:25:1f:68:21:bb:3b:0c:bf:39:df:c8:f6:
         8a:9f:2c:14:8d:83:5b:6d:7d:99:61:e0:2e:05:f1:6d:0d:a4:
         32:4c:3f:3b:cf:c2:ac:d2:58:5e:17:f6:fa:7d:67:e3:d2:bc:
         03:10:5f:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmu4Pz/BkU/caNPzg2RgR06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjMwODAxMDIxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y3MWIxOGYxZjljODA3MTQ1ODc4YTg1NTdjZWExZTY0YjBlNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoobl2hKl92TWwAf2p9loWdOBmfHY
9rmJcFLTYg40UI0bQp3IKuUdPJE+mUNBRySvZFs31ZLlQYUdzHF+1JA3hyPdEwz2
pydjz6aqU6ysOsypE9VZ/YfZUmJKthfhn2grCDwt9Bk+uIpNRNcI1j3VQSEiYHGC
qmTMmTKI7N/HvC7RrdDqvrjWJzWEni+0ZU6u+xHI0VLnNMdNQlja+h/09qrAZdPQ
t8b0blwglR7lP4MfygMAQTQOtfshUnDVbDIlEVnmekHVvf8xWhXuSOyFgrKjtSis
KnOr32c9duVRFbwYJq3XKNBsjs0Ph4XGdfcbytJKGByN4J19OBpLhdaiGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIP3Gxjx+cgHFFh4qFV86h5ksOeEMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvZ19jYkdQSDV5QWNVV0hpb1ZYenFIbVN3NTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQIwMA0G
CSqGSIb3DQEBCwUAA4IBAQAf+iJz1KTnJ4bJbTYZDJZ3dy46iz75Rn9qxp8IiAJs
MWrcsa1KrMYoiBr6SJkKaLU97IvDiXyhjW/N8B/zIZ7O3nQkopf881/SoHKpU5Sc
1b/VU5kaAY99GgeMsXsXiHJKJAR7sGBsLZmP5y4jXzdwwJzXHrx8H0YGsrFnfDik
NIjZTd0QWF7htzNFGgAYbySJp5JpujGsCNsq2jGmVDMNVY2Hhn2y/fNHimHmDR9x
8fBs+0ex/sQQAxIs1oDxwFOKziwkmmbMMZHV+tQlH2ghuzsMvznfyPaKnywUjYNb
bX2ZYeAuBfFtDaQyTD87z8Ks0lheF/b6fWfj0rwDEF8c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:13 2024 by rpki-client on console-ams.rpki-client.org