Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/x010gGraBobPdnOWw2_9rNQ8aVE.roa
File:                     x010gGraBobPdnOWw2_9rNQ8aVE.roa (raw, json)
Hash identifier:          gn6EA/YlSOrGFEQPb+WciZNFTAmBdGeltws5nG0g8g4=
Subject key identifier:   C7:4D:74:80:6A:DA:06:86:CF:76:73:96:C3:6F:FD:AC:D4:3C:69:51
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       0189D0C32BE4035275808CD965C6BF8CD44B
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/x010gGraBobPdnOWw2_9rNQ8aVE.roa
Signing time:             Mon 07 Aug 2023 16:09:58 +0000
ROA not before:           Mon 07 Aug 2023 16:09:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.214.232.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 28 Aug 2023 23:44:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d0:c3:2b:e4:03:52:75:80:8c:d9:65:c6:bf:8c:d4:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Aug  7 16:09:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c74d74806ada0686cf767396c36ffdacd43c6951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:c4:ce:e0:a2:a4:b1:b7:21:db:3d:39:80:f3:
                    46:5d:31:cc:ac:b0:e2:32:81:ab:74:d2:22:7e:ad:
                    5a:fe:a1:68:c0:ff:95:58:cb:e2:2f:cd:d8:d5:5b:
                    77:40:f5:a4:bd:24:52:a1:d4:88:e8:93:18:ef:81:
                    78:13:3f:de:b7:e3:6d:eb:f7:0e:09:b0:59:f8:f2:
                    4f:7e:ec:e8:bb:a4:63:45:96:b6:7f:09:f5:b4:ee:
                    23:d4:08:e2:53:3a:8c:41:72:c6:aa:2b:7e:1d:5c:
                    18:64:ff:0e:f3:09:67:6f:f6:bf:91:ad:2a:53:90:
                    d7:99:0b:5e:67:12:4e:d8:76:54:30:9d:99:ae:15:
                    0b:80:40:6a:f0:93:f8:12:d2:af:11:fe:ff:7f:66:
                    1f:d9:22:64:ec:4c:18:cf:de:3d:ca:cc:2d:35:b9:
                    6e:2c:7c:e3:d1:b9:d4:4c:a7:25:69:3a:ff:bd:58:
                    74:79:fd:97:c3:13:8c:3d:ff:ee:33:5d:f3:47:19:
                    b0:53:d2:d4:c9:7e:60:9a:8e:a5:21:4e:7d:2f:a6:
                    f9:53:32:0c:0c:45:9e:28:66:3a:21:d4:69:86:4d:
                    9d:00:c2:62:54:ed:c7:cb:a2:67:81:a7:da:45:c0:
                    35:68:ec:7c:2d:d1:bd:e6:84:0d:54:cf:28:ef:76:
                    28:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:4D:74:80:6A:DA:06:86:CF:76:73:96:C3:6F:FD:AC:D4:3C:69:51
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/x010gGraBobPdnOWw2_9rNQ8aVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:fb:0b:f4:ab:71:26:a7:09:f0:07:08:18:5a:80:86:cd:9d:
         53:b6:38:36:25:0e:83:12:03:79:c9:01:ce:08:21:95:9f:79:
         b3:c8:d8:da:21:bf:be:21:a1:5e:f0:91:47:8f:8c:34:25:58:
         b3:58:25:74:86:f2:a7:e4:e8:cf:fc:1c:cc:f7:dd:cf:d2:d2:
         82:02:b9:5e:68:c0:c6:57:6a:25:94:15:ed:cc:6b:10:a3:04:
         1b:57:c9:ce:bc:f9:23:71:73:67:c8:2b:98:40:14:14:be:9c:
         78:af:1b:35:72:c3:45:a6:19:3d:be:41:d5:1c:d1:c5:1c:99:
         7a:99:a1:b5:e3:a9:10:97:da:7d:91:5b:b0:2b:d7:e1:a1:9b:
         f3:55:da:18:e3:98:96:27:de:26:96:18:a7:85:90:89:e8:b2:
         4c:ea:53:72:b6:58:9b:cf:57:4d:80:60:16:0e:49:5a:71:eb:
         b3:30:03:03:8f:b1:77:de:ff:df:33:55:25:6c:6b:e5:68:c3:
         51:31:2e:11:98:52:76:8d:13:20:94:79:83:64:2c:bb:b6:b5:
         55:b8:83:90:91:26:ff:b3:1c:d9:9c:c7:fa:a3:b8:37:77:44:
         6a:aa:5b:54:56:e3:b1:3f:d0:a2:61:ef:4a:f3:e3:20:9a:d0:
         da:9f:dd:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnQwyvkA1J1gIzZZca/jNRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwODA3MTYwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzRkNzQ4MDZhZGEwNjg2Y2Y3NjczOTZjMzZmZmRhY2Q0M2M2OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMTO4KKksbch2z05gPNGXTHMrLDi
MoGrdNIifq1a/qFowP+VWMviL83Y1Vt3QPWkvSRSodSI6JMY74F4Ez/et+Nt6/cO
CbBZ+PJPfuzou6RjRZa2fwn1tO4j1AjiUzqMQXLGqit+HVwYZP8O8wlnb/a/ka0q
U5DXmQteZxJO2HZUMJ2ZrhULgEBq8JP4EtKvEf7/f2Yf2SJk7EwYz949yswtNblu
LHzj0bnUTKclaTr/vVh0ef2XwxOMPf/uM13zRxmwU9LUyX5gmo6lIU59L6b5UzIM
DEWeKGY6IdRphk2dAMJiVO3Hy6JngafaRcA1aOx8LdG95oQNVM8o73YoZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdNdIBq2gaGz3ZzlsNv/azUPGlRMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEveDAxMGdHcmFCb2JQZG5PV3cyXzlyTlE4YVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNboMA0G
CSqGSIb3DQEBCwUAA4IBAQCN+wv0q3EmpwnwBwgYWoCGzZ1Ttjg2JQ6DEgN5yQHO
CCGVn3mzyNjaIb++IaFe8JFHj4w0JVizWCV0hvKn5OjP/BzM993P0tKCArleaMDG
V2ollBXtzGsQowQbV8nOvPkjcXNnyCuYQBQUvpx4rxs1csNFphk9vkHVHNHFHJl6
maG146kQl9p9kVuwK9fhoZvzVdoY45iWJ94mlhinhZCJ6LJM6lNytlibz1dNgGAW
DklaceuzMAMDj7F33v/fM1UlbGvlaMNRMS4RmFJ2jRMglHmDZCy7trVVuIOQkSb/
sxzZnMf6o7g3d0RqqltUVuOxP9CiYe9K8+MgmtDan91b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org