Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/gYBanp_nVyLlUbjNyHCV-yrJC1M.roa
File:                     gYBanp_nVyLlUbjNyHCV-yrJC1M.roa (raw, json)
Hash identifier:          o6ASibIlQ3EgLiohcSfQ1SDvQSRjtLp+OjgH6ebfflo=
Subject key identifier:   81:80:5A:9E:9F:E7:57:22:E5:51:B8:CD:C8:70:95:FB:2A:C9:0B:53
Certificate issuer:       /CN=ca707e086640056bc271d5d2b3e24d01440baa04
Certificate serial:       018F3F190A1FF33897A723FCD601B5C7B287
Authority key identifier: CA:70:7E:08:66:40:05:6B:C2:71:D5:D2:B3:E2:4D:01:44:0B:AA:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ynB-CGZABWvCcdXSs-JNAUQLqgQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/gYBanp_nVyLlUbjNyHCV-yrJC1M.roa
Signing time:             Fri 03 May 2024 15:35:56 +0000
ROA not before:           Fri 03 May 2024 15:35:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215427
IP address blocks:        2a14:41c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 06 Jun 2024 18:23:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3f:19:0a:1f:f3:38:97:a7:23:fc:d6:01:b5:c7:b2:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca707e086640056bc271d5d2b3e24d01440baa04
        Validity
            Not Before: May  3 15:35:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=81805a9e9fe75722e551b8cdc87095fb2ac90b53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:cb:b3:a4:02:b2:2e:11:fa:48:ef:77:0d:b8:
                    9a:58:75:ad:e9:bf:b1:ef:16:49:62:c8:69:ec:c2:
                    8d:07:d7:ff:06:ef:c8:80:ee:77:06:5a:6c:17:56:
                    d9:07:88:75:79:36:99:d2:84:d6:2e:ac:8c:2a:a7:
                    96:0f:cc:b9:da:87:f9:d8:18:83:08:7c:70:b6:f5:
                    de:cb:91:29:55:93:77:c3:30:db:45:90:d7:da:9f:
                    7e:d9:60:a4:11:11:bd:41:d6:d9:31:a4:23:7c:2e:
                    a1:a0:ba:dc:50:2f:47:16:bc:7e:c8:10:f0:0e:62:
                    7d:fe:de:a5:6a:69:9b:65:51:ee:40:81:c4:1a:d7:
                    ca:59:10:f1:51:86:1d:2d:fb:44:29:cb:f6:2e:77:
                    f0:7a:07:80:c8:48:54:40:0a:86:21:08:50:5c:58:
                    74:c8:54:03:95:16:18:3e:6b:29:9b:88:f4:20:8e:
                    29:92:90:3d:03:09:3d:77:ba:70:3a:b6:4a:04:58:
                    c2:d7:bd:a0:2c:92:92:21:9f:7a:3f:a6:de:a4:c4:
                    71:43:a9:da:66:58:a1:5a:7c:81:54:11:ed:21:a4:
                    01:ba:01:66:23:ea:9f:c1:2a:0a:db:b7:62:a9:41:
                    b8:54:d9:5c:29:3f:9d:82:bf:43:db:83:a4:13:ee:
                    2e:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:80:5A:9E:9F:E7:57:22:E5:51:B8:CD:C8:70:95:FB:2A:C9:0B:53
            X509v3 Authority Key Identifier:
                keyid:CA:70:7E:08:66:40:05:6B:C2:71:D5:D2:B3:E2:4D:01:44:0B:AA:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ynB-CGZABWvCcdXSs-JNAUQLqgQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/gYBanp_nVyLlUbjNyHCV-yrJC1M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/ynB-CGZABWvCcdXSs-JNAUQLqgQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:41c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:98:3f:aa:8c:ed:5c:a7:ed:f0:6b:08:2b:ed:2b:a2:21:99:
         73:68:30:62:6e:7f:d3:89:f7:3b:7a:cd:06:86:4c:36:01:84:
         d8:7f:93:67:b0:73:90:9d:19:81:69:20:77:f6:17:8f:c4:2f:
         26:41:dd:e9:c4:c6:d1:af:dd:4f:db:48:48:ab:13:d5:25:90:
         d3:9c:ed:67:21:4d:90:9f:1b:77:91:5e:79:e2:36:26:c2:0a:
         3b:fe:30:fe:6e:6a:49:0e:5d:75:0f:5b:08:3b:5e:7d:c5:ca:
         10:6f:c7:7c:cd:bc:70:f1:fa:8c:83:cf:92:83:4d:73:42:bf:
         c8:4d:e9:84:09:5c:ca:0f:2e:e2:d5:48:70:64:f5:aa:81:9d:
         0c:c7:cd:3b:bd:99:56:60:2e:5a:e7:93:f6:6d:e4:9b:33:21:
         78:48:78:67:a0:b5:d5:85:77:2e:27:d1:ae:04:ff:ea:f4:68:
         5f:1c:2c:bf:06:a6:65:83:a3:1b:30:26:ae:2e:b7:17:98:59:
         f1:68:0e:78:6b:02:5c:93:19:33:7c:6f:3b:aa:69:75:ee:d9:
         bc:24:65:50:a4:0f:e9:c6:4c:7e:e2:aa:d8:dc:c3:d7:4c:24:
         db:74:27:c4:bf:b3:58:00:23:49:17:f4:01:9d:b7:ab:3a:dc:
         c0:a0:09:b4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8/GQof8ziXpyP81gG1x7KHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzA3ZTA4NjY0MDA1NmJjMjcxZDVkMmIzZTI0ZDAxNDQw
YmFhMDQwHhcNMjQwNTAzMTUzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTgwNWE5ZTlmZTc1NzIyZTU1MWI4Y2RjODcwOTVmYjJhYzkwYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMuzpAKyLhH6SO93DbiaWHWt6b+x
7xZJYshp7MKNB9f/Bu/IgO53BlpsF1bZB4h1eTaZ0oTWLqyMKqeWD8y52of52BiD
CHxwtvXey5EpVZN3wzDbRZDX2p9+2WCkERG9QdbZMaQjfC6hoLrcUC9HFrx+yBDw
DmJ9/t6lammbZVHuQIHEGtfKWRDxUYYdLftEKcv2LnfwegeAyEhUQAqGIQhQXFh0
yFQDlRYYPmspm4j0II4pkpA9Awk9d7pwOrZKBFjC172gLJKSIZ96P6bepMRxQ6na
ZlihWnyBVBHtIaQBugFmI+qfwSoK27diqUG4VNlcKT+dgr9D24OkE+4uqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIGAWp6f51ci5VG4zchwlfsqyQtTMB8GA1UdIwQY
MBaAFMpwfghmQAVrwnHV0rPiTQFEC6oEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5CLUNHWkFCV3ZDY2RYU3MtSk5BVVFMcWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zNzZjY2QtZGVmYS00MDI4LWFmMWMt
Yjk5Y2UzMGQ4MzlmLzEvZ1lCYW5wX25WeUxsVWJqTnlIQ1YteXJKQzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zNzZjY2QtZGVmYS00MDI4LWFmMWMtYjk5Y2UzMGQ4Mzlm
LzEveW5CLUNHWkFCV3ZDY2RYU3MtSk5BVVFMcWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRBwDAN
BgkqhkiG9w0BAQsFAAOCAQEAX5g/qoztXKft8GsIK+0roiGZc2gwYm5/04n3O3rN
BoZMNgGE2H+TZ7BzkJ0ZgWkgd/YXj8QvJkHd6cTG0a/dT9tISKsT1SWQ05ztZyFN
kJ8bd5FeeeI2JsIKO/4w/m5qSQ5ddQ9bCDtefcXKEG/HfM28cPH6jIPPkoNNc0K/
yE3phAlcyg8u4tVIcGT1qoGdDMfNO72ZVmAuWueT9m3kmzMheEh4Z6C11YV3LifR
rgT/6vRoXxwsvwamZYOjGzAmri63F5hZ8WgOeGsCXJMZM3xvO6ppde7ZvCRlUKQP
6cZMfuKq2NzD10wk23QnxL+zWAAjSRf0AZ23qzrcwKAJtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 21:15:25 2024 by rpki-client on console-fra.rpki-client.org