Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/abGZ6Kg4ZWNzYR_gRRkh6EADM6Q.roa
File:                     abGZ6Kg4ZWNzYR_gRRkh6EADM6Q.roa (raw, json)
Hash identifier:          ieOJPTO0g0Blsylht81pEGakv4StzXwgk9rK1h7VQEA=
Subject key identifier:   69:B1:99:E8:A8:38:65:63:73:61:1F:E0:45:19:21:E8:40:03:33:A4
Certificate issuer:       /CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Certificate serial:       01868D9A2655E97EB39BE40E39C5CF0909DE
Authority key identifier: 6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/abGZ6Kg4ZWNzYR_gRRkh6EADM6Q.roa
Signing time:             Sun 26 Feb 2023 12:02:15 +0000
ROA not before:           Sun 26 Feb 2023 12:02:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29488
IP address blocks:        217.74.176.0/20 maxlen: 20
                          2001:1a30::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 28 Feb 2023 16:13:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:8d:9a:26:55:e9:7e:b3:9b:e4:0e:39:c5:cf:09:09:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6faae55613fc89586f7bd6de0edca097b8615a6a
        Validity
            Not Before: Feb 26 12:02:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69b199e8a838656373611fe0451921e8400333a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3a:92:f3:0d:75:ae:58:53:f9:95:35:ba:02:
                    f4:04:0e:ef:df:cd:96:d1:d0:76:a3:4f:6c:0f:56:
                    d4:19:de:e9:b3:ff:1c:40:8a:e6:77:88:66:e6:9e:
                    5b:8b:0d:d5:36:d0:e2:24:bb:52:7a:5e:64:2b:ba:
                    6f:d3:53:d0:a2:d1:d8:6a:d8:0c:03:de:9a:25:f2:
                    7d:5f:8f:45:d9:87:f1:06:5e:74:40:41:bd:75:13:
                    c0:2c:34:16:e9:aa:53:c9:c2:ed:f5:40:d7:d2:47:
                    19:7d:8b:25:8a:f2:1e:f5:34:b1:50:1a:76:10:9b:
                    95:bf:ab:94:4f:ac:1e:4e:a8:3f:f2:8f:89:4a:de:
                    2e:ac:63:26:68:22:b4:20:c2:04:36:1d:f1:38:b8:
                    52:d4:41:55:52:78:4d:7a:a7:fc:08:b3:27:11:bb:
                    90:2e:bc:0c:5b:4a:bd:e5:ec:2e:86:db:d8:7b:ec:
                    99:7a:c4:aa:32:7f:c8:e7:11:77:c4:57:b0:9a:b3:
                    94:cb:33:99:58:86:d5:e6:55:42:96:66:be:e1:60:
                    6b:e0:2f:21:8d:d1:df:a7:6e:4c:b5:55:20:ea:5a:
                    a2:c8:3f:a3:8c:f0:48:f6:6d:49:51:ba:a7:22:e1:
                    ee:0b:4d:e2:b3:b1:54:73:4a:d0:c0:74:a9:ed:9b:
                    9d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:B1:99:E8:A8:38:65:63:73:61:1F:E0:45:19:21:E8:40:03:33:A4
            X509v3 Authority Key Identifier:
                keyid:6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/abGZ6Kg4ZWNzYR_gRRkh6EADM6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/b6rlVhP8iVhve9beDtygl7hhWmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.74.176.0/20
                IPv6:
                  2001:1a30::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:90:e7:1b:75:2b:0c:1d:be:a8:d4:08:c5:09:58:64:5c:19:
         01:10:9c:de:1a:fe:0b:e1:19:60:01:b3:91:db:2f:cd:10:90:
         b9:2a:30:da:4a:3a:ff:34:75:68:03:5f:ac:07:9e:18:35:82:
         f3:41:33:3a:7e:8f:02:0c:f9:22:4e:ea:d2:ad:14:0c:c0:9f:
         c0:18:64:fa:eb:25:c9:4b:51:d9:b8:69:0b:19:d1:5b:49:fe:
         88:59:96:a2:9c:81:13:5f:fd:04:78:21:8c:32:1d:cd:b7:f0:
         0d:9e:2d:16:0d:d7:b6:4d:9d:4d:a5:99:98:0c:ba:b1:50:35:
         77:e0:99:df:0a:16:c4:68:66:08:e6:95:3e:53:9d:38:11:57:
         81:1d:dd:8f:ab:58:b7:c4:a1:a1:cd:bc:4b:a9:72:92:22:0f:
         61:f9:d0:12:a5:59:b6:aa:88:a8:0d:1f:85:0b:b0:f0:bc:21:
         f0:96:1d:01:57:91:fa:e7:77:69:74:21:72:0a:37:a7:7b:c3:
         22:4c:20:4b:d2:d6:f5:8f:ce:43:78:8c:ca:88:ad:81:3d:20:
         0c:cc:50:21:64:46:ae:c9:6d:2b:6c:d8:d9:e6:5d:c6:a7:5f:
         ca:8c:7b:0e:51:90:34:5e:9c:cd:a3:93:00:4e:e3:45:9f:b2:
         2b:80:a2:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaNmiZV6X6zm+QOOcXPCQneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYWFlNTU2MTNmYzg5NTg2ZjdiZDZkZTBlZGNhMDk3Yjg2
MTVhNmEwHhcNMjMwMjI2MTIwMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWIxOTllOGE4Mzg2NTYzNzM2MTFmZTA0NTE5MjFlODQwMDMzM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTqS8w11rlhT+ZU1ugL0BA7v382W
0dB2o09sD1bUGd7ps/8cQIrmd4hm5p5biw3VNtDiJLtSel5kK7pv01PQotHYatgM
A96aJfJ9X49F2YfxBl50QEG9dRPALDQW6apTycLt9UDX0kcZfYslivIe9TSxUBp2
EJuVv6uUT6weTqg/8o+JSt4urGMmaCK0IMIENh3xOLhS1EFVUnhNeqf8CLMnEbuQ
LrwMW0q95ewuhtvYe+yZesSqMn/I5xF3xFewmrOUyzOZWIbV5lVClma+4WBr4C8h
jdHfp25MtVUg6lqiyD+jjPBI9m1JUbqnIuHuC03is7FUc0rQwHSp7Zud2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGmxmeioOGVjc2Ef4EUZIehAAzOkMB8GA1UdIwQY
MBaAFG+q5VYT/IlYb3vW3g7coJe4YVpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUt
MWIxMjY0MWY0OTNiLzEvYWJHWjZLZzRaV056WVJfZ1JSa2g2RUFETTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUtMWIxMjY0MWY0OTNi
LzEvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UqwMA0E
AgACMAcDBQAgARowMA0GCSqGSIb3DQEBCwUAA4IBAQCBkOcbdSsMHb6o1AjFCVhk
XBkBEJzeGv4L4RlgAbOR2y/NEJC5KjDaSjr/NHVoA1+sB54YNYLzQTM6fo8CDPki
TurSrRQMwJ/AGGT66yXJS1HZuGkLGdFbSf6IWZainIETX/0EeCGMMh3Nt/ANni0W
Dde2TZ1NpZmYDLqxUDV34JnfChbEaGYI5pU+U504EVeBHd2Pq1i3xKGhzbxLqXKS
Ig9h+dASpVm2qoioDR+FC7DwvCHwlh0BV5H653dpdCFyCjene8MiTCBL0tb1j85D
eIzKiK2BPSAMzFAhZEauyW0rbNjZ5l3Gp1/KjHsOUZA0XpzNo5MATuNFn7IrgKL1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:34 2024 by rpki-client on console-ams.rpki-client.org