Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gprmWsgro7VuXLY9YQ7JoZaynKs.roa
File:                     gprmWsgro7VuXLY9YQ7JoZaynKs.roa (raw, json)
Hash identifier:          Lk8vLosy5M8SLeHPU20UIdT0y7NUjY0W/Z2xlHGDLL0=
Subject key identifier:   82:9A:E6:5A:C8:2B:A3:B5:6E:5C:B6:3D:61:0E:C9:A1:96:B2:9C:AB
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C53EC2CC7767D664BD2D896B8DE8F64
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gprmWsgro7VuXLY9YQ7JoZaynKs.roa
Signing time:             Sun 01 Jan 2023 07:55:17 +0000
ROA not before:           Sun 01 Jan 2023 07:55:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39602
IP address blocks:        185.236.81.0/24 maxlen: 32
                          147.78.223.0/24 maxlen: 32
                          2a06:82c4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 02:23:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:ec:2c:c7:76:7d:66:4b:d2:d8:96:b8:de:8f:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=829ae65ac82ba3b56e5cb63d610ec9a196b29cab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:79:06:b2:06:74:1e:be:99:eb:8d:0b:6c:b8:
                    5d:69:b7:6e:ba:7f:8b:00:ee:9a:70:95:4d:3a:bd:
                    91:5c:99:80:2a:3d:27:bc:2b:ae:5d:a1:95:84:3c:
                    e8:b0:e4:63:67:01:a4:4d:a8:4b:75:21:a4:a1:f5:
                    ee:2f:38:b8:32:13:4d:72:e3:d2:d7:7b:47:0c:b9:
                    0a:a7:b5:68:99:2c:66:9f:69:09:a2:d7:56:12:ca:
                    d5:1c:03:de:01:2d:7a:cf:06:87:a9:13:74:97:88:
                    f5:ef:cd:0d:f4:3a:31:1e:75:17:79:d0:02:b2:81:
                    38:ad:ab:81:0b:3d:4b:92:71:62:0d:01:c0:c3:2e:
                    00:f7:04:fb:d6:49:a6:fd:ff:11:4b:ec:b0:3a:cc:
                    61:18:07:bc:7e:b3:55:04:99:cb:cd:35:0c:7d:ca:
                    bd:37:e9:f4:89:66:89:37:3e:fe:f3:f8:68:5a:d1:
                    5a:c0:47:25:1f:cc:58:e2:64:86:e2:f4:a3:45:59:
                    de:1a:cb:d4:f7:bb:f2:45:3f:3f:c1:38:c6:9a:31:
                    ee:9d:02:af:91:05:40:e1:01:6e:f1:47:ba:35:ae:
                    c1:2a:20:35:c5:95:bc:37:b1:ac:33:ec:08:71:14:
                    42:ad:24:27:63:ed:c5:31:ef:d1:c2:e6:74:4c:2f:
                    62:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:9A:E6:5A:C8:2B:A3:B5:6E:5C:B6:3D:61:0E:C9:A1:96:B2:9C:AB
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gprmWsgro7VuXLY9YQ7JoZaynKs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.223.0/24
                  185.236.81.0/24
                IPv6:
                  2a06:82c4::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:a3:59:90:7a:3a:a6:10:e6:02:f3:f4:be:80:5d:80:9d:66:
         23:a3:b3:7a:1e:95:cb:e2:4c:33:7d:d2:5c:1c:b5:65:75:92:
         b5:80:d7:21:7a:27:24:2b:d4:20:8a:d7:dc:49:ef:32:6b:59:
         ab:e1:e5:7c:1c:f3:05:89:31:c8:5c:73:93:dd:ff:63:f0:a9:
         5c:91:92:24:93:bf:88:32:aa:b0:11:59:2a:62:72:8f:0f:38:
         32:0b:29:41:e6:55:9f:b2:70:dd:d6:7b:18:1a:68:5e:dd:0e:
         6d:a1:ae:03:46:ad:65:f2:e2:fd:cf:1f:59:5e:1f:80:1f:a1:
         5c:a9:41:39:ae:dc:ce:a3:f4:af:ce:5a:34:7e:90:7c:84:a6:
         67:85:35:ec:59:32:5a:9c:fe:ce:b0:29:e4:53:57:99:07:0e:
         da:a4:d9:03:02:84:b6:85:1a:42:9c:4e:7b:b9:e4:11:25:ca:
         b0:ee:a4:79:17:67:cf:10:82:9f:0b:25:f9:a5:0d:1f:07:88:
         0d:a9:96:b1:50:6d:0e:d1:2b:53:6b:fb:0c:38:a7:f4:98:74:
         0a:a4:7b:46:f1:b0:a5:0e:7d:de:5f:ca:10:27:06:31:a1:ff:
         7a:e4:3c:a7:42:06:23:fa:13:f6:94:50:1a:ec:f0:b6:e7:2e:
         02:1b:13:c3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsU+wsx3Z9ZkvS2Ja43o9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjlhZTY1YWM4MmJhM2I1NmU1Y2I2M2Q2MTBlYzlhMTk2YjI5Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3kGsgZ0Hr6Z640LbLhdabduun+L
AO6acJVNOr2RXJmAKj0nvCuuXaGVhDzosORjZwGkTahLdSGkofXuLzi4MhNNcuPS
13tHDLkKp7VomSxmn2kJotdWEsrVHAPeAS16zwaHqRN0l4j1780N9DoxHnUXedAC
soE4rauBCz1LknFiDQHAwy4A9wT71kmm/f8RS+ywOsxhGAe8frNVBJnLzTUMfcq9
N+n0iWaJNz7+8/hoWtFawEclH8xY4mSG4vSjRVneGsvU97vyRT8/wTjGmjHunQKv
kQVA4QFu8Ue6Na7BKiA1xZW8N7GsM+wIcRRCrSQnY+3FMe/RwuZ0TC9i6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIKa5lrIK6O1bly2PWEOyaGWspyrMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZ3BybVdzZ3JvN1Z1WExZOVlRN0pvWmF5bktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAk07fAwQA
uexRMA8EAgACMAkDBwAqBoLEAAAwDQYJKoZIhvcNAQELBQADggEBAI+jWZB6OqYQ
5gLz9L6AXYCdZiOjs3oelcviTDN90lwctWV1krWA1yF6JyQr1CCK19xJ7zJrWavh
5Xwc8wWJMchcc5Pd/2PwqVyRkiSTv4gyqrARWSpico8PODILKUHmVZ+ycN3Wexga
aF7dDm2hrgNGrWXy4v3PH1leH4AfoVypQTmu3M6j9K/OWjR+kHyEpmeFNexZMlqc
/s6wKeRTV5kHDtqk2QMChLaFGkKcTnu55BElyrDupHkXZ88Qgp8LJfmlDR8HiA2p
lrFQbQ7RK1Nr+ww4p/SYdAqke0bxsKUOfd5fyhAnBjGh/3rkPKdCBiP6E/aUUBrs
8LbnLgIbE8M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org