Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/gcPYBmJWUfGC6RiWgUI8osOvUOI.roa
File:                     gcPYBmJWUfGC6RiWgUI8osOvUOI.roa (raw, json)
Hash identifier:          v6XA9i5dw1XfsV2ps1tKqtISIWWudgc7ujGSS/nHuac=
Subject key identifier:   81:C3:D8:06:62:56:51:F1:82:E9:18:96:81:42:3C:A2:C3:AF:50:E2
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       01856D5D1E5C0EEA42569A9481B081931909
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/gcPYBmJWUfGC6RiWgUI8osOvUOI.roa
Signing time:             Sun 01 Jan 2023 12:44:57 +0000
ROA not before:           Sun 01 Jan 2023 12:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59432
IP address blocks:        188.214.234.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 02 Apr 2023 02:47:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:5d:1e:5c:0e:ea:42:56:9a:94:81:b0:81:93:19:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Jan  1 12:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=81c3d806625651f182e9189681423ca2c3af50e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:78:91:4c:e3:17:ea:c9:0c:df:60:8d:7c:38:
                    c1:94:80:9f:df:fa:53:5d:41:06:12:3a:a3:55:69:
                    76:b8:c0:c8:8f:2a:fe:e8:86:0b:59:7f:ff:27:05:
                    b9:80:42:1b:37:44:ad:c5:08:d6:24:c9:bb:1d:b4:
                    c4:a1:10:a0:fb:67:0d:d0:bb:a4:53:83:0e:42:06:
                    71:9e:20:0c:4f:bd:11:c5:4c:d2:73:94:0e:f6:06:
                    ad:02:ed:a6:fe:47:d1:c0:da:7a:e9:65:84:8f:1e:
                    4f:e7:1c:21:40:90:7b:97:b2:7b:73:94:e8:18:d9:
                    ec:88:b2:80:66:c5:52:53:1e:63:96:eb:82:59:36:
                    b5:f6:4b:36:c5:96:49:34:c8:59:34:92:95:ef:01:
                    b5:59:81:ee:f4:70:46:11:33:60:1e:db:0c:c8:49:
                    57:c6:46:98:dd:db:30:dd:d3:48:b9:50:ce:d5:59:
                    e4:0d:15:9c:3c:c6:3f:5b:15:a0:cd:58:2f:dd:84:
                    05:ce:1c:34:6e:a6:90:4b:a9:56:85:a6:1f:e5:14:
                    b2:60:fb:4e:3f:5f:64:1f:03:88:ba:98:21:00:ad:
                    a9:63:d4:b5:97:06:99:4c:c4:bc:c3:52:42:d3:d5:
                    d7:61:7b:cf:bd:c5:63:1a:0c:b6:55:91:7e:55:73:
                    93:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:C3:D8:06:62:56:51:F1:82:E9:18:96:81:42:3C:A2:C3:AF:50:E2
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/gcPYBmJWUfGC6RiWgUI8osOvUOI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         93:7d:5d:46:c3:e8:e1:67:1a:de:5e:ee:6d:25:35:ce:3a:37:
         28:21:a8:a5:e9:32:7d:d7:76:99:41:88:75:5e:5c:1b:35:9c:
         d8:ac:1f:58:e7:1f:3f:74:bb:69:3f:72:ab:6e:46:14:00:13:
         f7:44:65:b0:87:4e:aa:ee:b1:c4:4f:f3:b0:71:30:da:37:c5:
         3f:20:b7:16:d7:87:56:9f:88:6d:76:d2:29:db:db:42:a7:a1:
         06:c8:79:6d:6d:53:ea:58:e9:5c:9a:98:68:43:51:9c:eb:0e:
         3a:f8:39:33:94:8b:d9:bb:81:0a:c7:27:c5:73:7d:7f:da:75:
         48:f9:96:ad:6b:f2:cf:96:ab:a7:3b:bc:89:a2:5f:1c:a4:36:
         d1:24:bb:ce:b7:52:33:7d:e8:91:3c:08:9c:9d:58:11:10:cb:
         ff:96:b0:b2:b5:86:cb:58:5b:66:93:c6:98:5f:88:c5:1b:44:
         dd:ae:d4:19:a0:9f:a4:1e:d7:2c:68:ee:11:2b:d3:ce:15:6a:
         1c:46:01:09:cf:6a:90:a9:34:4f:9e:33:a9:d4:3b:ca:7a:e2:
         5a:0b:02:c5:dc:ba:10:53:75:23:06:50:e6:00:8f:9e:fe:07:
         07:68:d4:47:8e:00:5d:fb:69:a0:f0:fe:c0:77:b2:6d:ce:d3:
         74:39:08:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXR5cDupCVpqUgbCBkxkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwMTAxMTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWMzZDgwNjYyNTY1MWYxODJlOTE4OTY4MTQyM2NhMmMzYWY1MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHiRTOMX6skM32CNfDjBlICf3/pT
XUEGEjqjVWl2uMDIjyr+6IYLWX//JwW5gEIbN0StxQjWJMm7HbTEoRCg+2cN0Luk
U4MOQgZxniAMT70RxUzSc5QO9gatAu2m/kfRwNp66WWEjx5P5xwhQJB7l7J7c5To
GNnsiLKAZsVSUx5jluuCWTa19ks2xZZJNMhZNJKV7wG1WYHu9HBGETNgHtsMyElX
xkaY3dsw3dNIuVDO1VnkDRWcPMY/WxWgzVgv3YQFzhw0bqaQS6lWhaYf5RSyYPtO
P19kHwOIupghAK2pY9S1lwaZTMS8w1JC09XXYXvPvcVjGgy2VZF+VXOT4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHD2AZiVlHxgukYloFCPKLDr1DiMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvZ2NQWUJtSldVZkdDNlJpV2dVSThvc092VU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNbqMA0G
CSqGSIb3DQEBCwUAA4IBAQCTfV1Gw+jhZxreXu5tJTXOOjcoIail6TJ913aZQYh1
XlwbNZzYrB9Y5x8/dLtpP3KrbkYUABP3RGWwh06q7rHET/OwcTDaN8U/ILcW14dW
n4htdtIp29tCp6EGyHltbVPqWOlcmphoQ1Gc6w46+DkzlIvZu4EKxyfFc31/2nVI
+Zata/LPlqunO7yJol8cpDbRJLvOt1IzfeiRPAicnVgREMv/lrCytYbLWFtmk8aY
X4jFG0TdrtQZoJ+kHtcsaO4RK9POFWocRgEJz2qQqTRPnjOp1DvKeuJaCwLF3LoQ
U3UjBlDmAI+e/gcHaNRHjgBd+2mg8P7Ad7JtztN0OQif
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org