Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gkag05dCBXvTYtGKTyMda8TBOtQ.roa
File:                     gkag05dCBXvTYtGKTyMda8TBOtQ.roa (raw, json)
Hash identifier:          boR10It+bfgjGcCLUHXS0WgSEM+Apo8oC8n/4CA7iGc=
Subject key identifier:   82:46:A0:D3:97:42:05:7B:D3:62:D1:8A:4F:23:1D:6B:C4:C1:3A:D4
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C1A3AAAE52E08EA3FD0160CDAE1676419
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gkag05dCBXvTYtGKTyMda8TBOtQ.roa
Signing time:             Wed 29 Nov 2023 08:38:21 +0000
ROA not before:           Wed 29 Nov 2023 08:38:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25369
IP address blocks:        194.31.204.0/24 maxlen: 24
                          45.90.88.0/23 maxlen: 24
                          5.252.132.0/22 maxlen: 24
                          193.58.120.0/24 maxlen: 24
                          45.149.241.0/24 maxlen: 24
                          193.25.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Dec 2023 12:39:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1a:3a:aa:e5:2e:08:ea:3f:d0:16:0c:da:e1:67:64:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Nov 29 08:38:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8246a0d39742057bd362d18a4f231d6bc4c13ad4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:61:62:45:16:45:ac:ed:2b:41:06:2b:3a:4b:
                    13:0d:ee:93:61:79:91:16:bf:29:da:98:8d:5f:45:
                    b5:88:2a:15:72:48:c6:94:68:0d:c7:3c:4d:a4:c1:
                    84:de:bc:93:65:02:20:36:7b:8f:ea:94:03:e2:70:
                    ee:da:5a:f0:d4:90:b3:10:39:dd:e6:f4:c3:20:98:
                    ee:1c:f2:1f:a8:65:7f:99:74:e3:1d:0b:9a:c4:8a:
                    bd:ae:e2:9d:97:d3:a0:55:85:49:c4:9a:39:9f:90:
                    a4:9e:18:cb:5b:fd:90:2d:4a:09:be:ee:2e:0c:f3:
                    bb:b5:34:a4:b5:ea:b2:55:c3:0a:2f:0f:0a:6a:f4:
                    0d:44:1c:a7:94:3b:c3:2e:2a:02:b2:59:fd:a3:c3:
                    93:62:b2:b4:a6:47:7e:3e:e8:ea:3a:12:d7:d0:86:
                    ed:c0:49:8b:c2:53:e0:f9:0b:80:31:43:14:e6:c3:
                    cf:8b:9c:16:f3:0d:ff:a0:62:72:f2:42:10:ef:1c:
                    44:ab:17:23:c2:30:88:22:3d:5d:a4:0d:2c:93:21:
                    b3:db:56:ab:00:3e:cd:cf:90:43:f2:01:2e:10:1a:
                    31:f0:98:51:e8:67:fa:2f:ef:5f:db:9c:55:c6:96:
                    d3:ad:8f:ca:c2:f8:42:65:49:f6:e1:d7:fe:b2:a0:
                    88:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:46:A0:D3:97:42:05:7B:D3:62:D1:8A:4F:23:1D:6B:C4:C1:3A:D4
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gkag05dCBXvTYtGKTyMda8TBOtQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.252.132.0/22
                  45.90.88.0/23
                  45.149.241.0/24
                  193.25.218.0/24
                  193.58.120.0/24
                  194.31.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:4d:b4:7a:1f:fd:d1:b4:76:af:57:c9:07:d5:ca:6a:b5:67:
         01:77:1e:ea:09:72:9f:74:d7:f3:ff:51:5f:7b:3a:67:a9:88:
         fa:88:86:0a:a7:e5:d4:a0:c0:3e:66:43:60:e8:4b:1c:37:0b:
         17:1e:e2:d6:c8:cc:e4:78:0f:66:63:bc:fc:02:1e:2d:22:44:
         10:78:b0:a5:91:94:0f:0c:a7:31:57:17:88:8b:3a:44:73:24:
         8c:78:f4:3d:e3:69:1f:b6:da:69:8c:90:90:57:c8:81:cf:c4:
         8d:7d:71:06:51:c3:e8:74:aa:23:0a:fc:37:66:a2:3a:ae:35:
         5f:b5:ad:69:f5:8d:6b:a4:fb:2b:f8:d5:71:ef:09:71:74:14:
         46:b3:0e:f9:12:16:f7:a6:b4:8a:a2:5a:aa:22:b1:38:98:07:
         01:23:b0:d5:d7:be:df:e4:aa:3f:f3:77:d1:35:ec:5f:5e:8d:
         58:f0:fc:d3:e2:4c:95:fe:ca:70:90:92:88:3f:36:15:02:60:
         2c:f5:26:19:1a:e4:7b:b9:88:3c:fb:84:46:f2:c0:ab:3c:24:
         de:f1:1e:e2:89:bd:98:c1:97:6c:23:3e:30:59:1b:bb:a9:86:
         ca:57:f0:76:8a:e3:4c:3b:7b:98:30:7d:ba:32:1e:85:92:85:
         44:2f:d4:e4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwaOqrlLgjqP9AWDNrhZ2QZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTI5MDgzODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ2YTBkMzk3NDIwNTdiZDM2MmQxOGE0ZjIzMWQ2YmM0YzEzYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GFiRRZFrO0rQQYrOksTDe6TYXmR
Fr8p2piNX0W1iCoVckjGlGgNxzxNpMGE3ryTZQIgNnuP6pQD4nDu2lrw1JCzEDnd
5vTDIJjuHPIfqGV/mXTjHQuaxIq9ruKdl9OgVYVJxJo5n5CknhjLW/2QLUoJvu4u
DPO7tTSkteqyVcMKLw8KavQNRBynlDvDLioCsln9o8OTYrK0pkd+PujqOhLX0Ibt
wEmLwlPg+QuAMUMU5sPPi5wW8w3/oGJy8kIQ7xxEqxcjwjCIIj1dpA0skyGz21ar
AD7Nz5BD8gEuEBox8JhR6Gf6L+9f25xVxpbTrY/KwvhCZUn24df+sqCImwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIJGoNOXQgV702LRik8jHWvEwTrUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZ2thZzA1ZENCWHZUWXRHS1R5TWRhOFRCT3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBfyEAwQB
LVpYAwQALZXxAwQAwRnaAwQAwTp4AwQAwh/MMA0GCSqGSIb3DQEBCwUAA4IBAQA7
TbR6H/3RtHavV8kH1cpqtWcBdx7qCXKfdNfz/1FfezpnqYj6iIYKp+XUoMA+ZkNg
6EscNwsXHuLWyMzkeA9mY7z8Ah4tIkQQeLClkZQPDKcxVxeIizpEcySMePQ942kf
ttppjJCQV8iBz8SNfXEGUcPodKojCvw3ZqI6rjVfta1p9Y1rpPsr+NVx7wlxdBRG
sw75Ehb3prSKolqqIrE4mAcBI7DV177f5Ko/83fRNexfXo1Y8PzT4kyV/spwkJKI
PzYVAmAs9SYZGuR7uYg8+4RG8sCrPCTe8R7iib2YwZdsIz4wWRu7qYbKV/B2iuNM
O3uYMH26Mh6FkoVEL9Tk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org