Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/GaTA510AHnzaaLgC-Lya9Y3D9-A.roa
File:                     GaTA510AHnzaaLgC-Lya9Y3D9-A.roa (raw, json)
Hash identifier:          /XQ7+FV2klan8jiBOImyxTt+FzDIIaKaOxelMZejk2w=
Subject key identifier:   19:A4:C0:E7:5D:00:1E:7C:DA:68:B8:02:F8:BC:9A:F5:8D:C3:F7:E0
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       01857246CE132A6E4B707D20C9295A66C312
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/GaTA510AHnzaaLgC-Lya9Y3D9-A.roa
Signing time:             Mon 02 Jan 2023 11:38:40 +0000
ROA not before:           Mon 02 Jan 2023 11:38:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202479
IP address blocks:        193.37.139.0/24 maxlen: 24
                          2a0c:9a40:1023::/48 maxlen: 48
                          2a0c:9a40:1013::/48 maxlen: 48
                          2a0c:9a40:1019::/48 maxlen: 48
                          2a0c:9a40:1014::/48 maxlen: 48
                          2a0c:9a40:1017::/48 maxlen: 48
                          2a0c:9a40:1002::/48 maxlen: 48
                          2a0c:9a40:1012::/48 maxlen: 48
                          2a0c:9a40:101d::/48 maxlen: 48
                          2a0c:9a40:1018::/48 maxlen: 48
                          2a0c:9a40:101b::/48 maxlen: 48
                          2a0c:9a40:1021::/48 maxlen: 48
                          2a0c:9a40:1011::/48 maxlen: 48
                          2a0c:9a40:101c::/48 maxlen: 48
                          2a0c:9a40:100c::/48 maxlen: 48
                          2a0c:9a40:101a::/48 maxlen: 48
                          2a0c:9a40:100a::/48 maxlen: 48
                          2a0c:9a40:1015::/48 maxlen: 48
                          2a0c:9a40:1010::/48 maxlen: 48
                          2a0c:9a40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:ce:13:2a:6e:4b:70:7d:20:c9:29:5a:66:c3:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  2 11:38:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19a4c0e75d001e7cda68b802f8bc9af58dc3f7e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:24:75:9c:d4:da:59:89:56:72:4b:48:39:a3:
                    c3:11:8b:a6:a1:19:a3:49:ed:a9:52:00:76:4f:5c:
                    78:80:57:52:ca:46:ce:a9:0a:b6:fc:cb:a9:a4:1b:
                    f3:83:ab:96:92:6b:be:4e:3f:5a:01:f6:8e:15:d2:
                    6c:9c:79:10:24:de:7a:c9:f6:35:45:29:ed:ef:0d:
                    51:92:1f:8a:cf:c6:aa:d1:ec:56:70:6b:4f:17:fc:
                    69:3e:17:f2:85:da:c2:19:c5:34:c4:94:a9:6d:18:
                    b7:81:63:89:58:68:b1:f6:a4:ef:95:fe:3a:c5:94:
                    0b:e7:8d:52:45:e5:cb:a5:7d:5f:47:f0:cf:56:45:
                    73:92:25:9c:30:d6:5c:a3:b3:cd:fa:db:10:96:6f:
                    04:39:eb:94:16:66:0a:4d:3f:f2:56:53:21:2d:89:
                    f9:ac:e7:f8:e4:20:f1:b7:be:ba:96:db:d4:c6:99:
                    48:36:bf:0f:03:ab:bf:e2:3d:2a:38:d5:a8:18:41:
                    c6:10:ca:e1:fe:9b:02:f4:2f:07:ba:d1:7d:ae:ce:
                    8e:61:a4:43:c2:e7:c9:3f:1c:ac:46:1c:7f:e6:75:
                    f6:f0:60:95:62:53:52:13:49:51:e4:91:a8:a7:ba:
                    f5:f2:19:e4:0d:e2:dc:be:2a:c8:ff:be:39:16:5e:
                    79:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:A4:C0:E7:5D:00:1E:7C:DA:68:B8:02:F8:BC:9A:F5:8D:C3:F7:E0
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/GaTA510AHnzaaLgC-Lya9Y3D9-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.37.139.0/24
                IPv6:
                  2a0c:9a40::/48
                  2a0c:9a40:1002::/48
                  2a0c:9a40:100a::/48
                  2a0c:9a40:100c::/48
                  2a0c:9a40:1010::-2a0c:9a40:1015:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:1017::-2a0c:9a40:101d:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:1021::/48
                  2a0c:9a40:1023::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:2f:90:82:98:85:5c:f9:b2:8e:3e:c5:95:ac:25:6d:1e:23:
         6c:08:95:cb:21:97:f5:29:fd:e9:75:c0:40:90:ad:83:23:e6:
         9e:f2:1d:70:9c:fd:eb:99:23:ed:98:53:9a:f6:a5:92:b1:1d:
         c5:30:e4:43:73:8d:68:a5:dc:e2:35:7e:a8:44:13:cc:d0:df:
         a9:76:b9:6c:1d:56:73:d8:20:d0:ba:b5:36:c3:03:25:2d:91:
         ee:11:f6:25:65:a7:60:e7:31:b6:8a:47:d7:45:19:d4:cd:00:
         48:ec:dc:af:02:be:f4:0e:d5:4b:cc:e7:c4:ba:a0:e0:bc:ef:
         9e:a1:2a:82:f2:71:b5:fc:fa:0f:57:8b:1d:b1:31:35:28:97:
         8e:d8:58:4d:ee:cf:b1:81:40:47:a4:1a:67:ad:28:f7:eb:02:
         f2:4b:54:6f:2e:8b:21:68:46:db:c5:e3:b0:d0:db:f0:38:7c:
         74:d1:aa:99:3f:30:d4:54:7d:a7:63:db:df:47:e6:9a:5f:9b:
         a1:61:8c:91:a3:58:2c:75:8f:de:7c:19:89:aa:4d:2b:2c:fc:
         e5:03:68:6a:73:47:43:5b:2b:04:45:63:7b:da:8e:7a:17:40:
         7d:38:7c:98:55:99:d9:7d:c4:bd:86:e5:74:3f:4c:4f:84:19:
         bb:34:23:9c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYVyRs4TKm5LcH0gySlaZsMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE0YzBlNzVkMDAxZTdjZGE2OGI4MDJmOGJjOWFmNThkYzNmN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiR1nNTaWYlWcktIOaPDEYumoRmj
Se2pUgB2T1x4gFdSykbOqQq2/MuppBvzg6uWkmu+Tj9aAfaOFdJsnHkQJN56yfY1
RSnt7w1Rkh+Kz8aq0exWcGtPF/xpPhfyhdrCGcU0xJSpbRi3gWOJWGix9qTvlf46
xZQL541SReXLpX1fR/DPVkVzkiWcMNZco7PN+tsQlm8EOeuUFmYKTT/yVlMhLYn5
rOf45CDxt766ltvUxplINr8PA6u/4j0qONWoGEHGEMrh/psC9C8HutF9rs6OYaRD
wufJPxysRhx/5nX28GCVYlNSE0lR5JGop7r18hnkDeLcvirI/745Fl55rwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFBmkwOddAB582mi4Avi8mvWNw/fgMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvR2FUQTUxMEFIbnphYUxnQy1MeWE5WTNEOS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwDAQCAAEwBgMEAMElizBk
BAIAAjBeAwcAKgyaQAAAAwcAKgyaQBACAwcAKgyaQBAKAwcAKgyaQBAMMBIDBwQq
DJpAEBADBwEqDJpAEBQwEgMHACoMmkAQFwMHASoMmkAQHAMHACoMmkAQIQMHACoM
mkAQIzANBgkqhkiG9w0BAQsFAAOCAQEAQi+QgpiFXPmyjj7FlawlbR4jbAiVyyGX
9Sn96XXAQJCtgyPmnvIdcJz965kj7ZhTmvalkrEdxTDkQ3ONaKXc4jV+qEQTzNDf
qXa5bB1Wc9gg0Lq1NsMDJS2R7hH2JWWnYOcxtopH10UZ1M0ASOzcrwK+9A7VS8zn
xLqg4LzvnqEqgvJxtfz6D1eLHbExNSiXjthYTe7PsYFAR6QaZ60o9+sC8ktUby6L
IWhG28XjsNDb8Dh8dNGqmT8w1FR9p2Pb30fmml+boWGMkaNYLHWP3nwZiapNKyz8
5QNoanNHQ1srBEVje9qOehdAfTh8mFWZ2X3EvYbldD9MT4QZuzQjnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:49 2024 by rpki-client on console-fra.rpki-client.org