Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gvcZHSC7T8bjdQaLbiwu5q1Ec-A.roa
File:                     gvcZHSC7T8bjdQaLbiwu5q1Ec-A.roa (raw, json)
Hash identifier:          EvBXPx8q2h19hpd/lpjpSAkQDTCOQ6VDZzK7s3wOoaM=
Subject key identifier:   82:F7:19:1D:20:BB:4F:C6:E3:75:06:8B:6E:2C:2E:E6:AD:44:73:E0
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018793D2DAF77E12D402E3A6B48127B52CCC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gvcZHSC7T8bjdQaLbiwu5q1Ec-A.roa
Signing time:             Tue 18 Apr 2023 10:04:41 +0000
ROA not before:           Tue 18 Apr 2023 10:04:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        94.156.11.0/24 maxlen: 24
                          94.156.10.0/24 maxlen: 24
                          45.81.241.0/24 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          94.156.236.0/24 maxlen: 24
                          141.98.1.0/24 maxlen: 24
                          37.221.121.0/24 maxlen: 24
                          37.221.122.0/24 maxlen: 24
                          37.221.123.0/24 maxlen: 24
                          37.221.120.0/24 maxlen: 24
                          193.149.2.0/24 maxlen: 24
                          193.149.3.0/24 maxlen: 24
                          185.221.64.0/24 maxlen: 24
                          45.144.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 05:11:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:93:d2:da:f7:7e:12:d4:02:e3:a6:b4:81:27:b5:2c:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr 18 10:04:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82f7191d20bb4fc6e375068b6e2c2ee6ad4473e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:df:52:0d:0d:e7:9f:57:0d:8e:78:3d:44:ba:
                    a6:90:b5:a4:53:8f:ed:05:e9:b5:fc:9f:8f:94:8b:
                    47:ec:88:d5:99:7c:09:89:41:54:fb:e0:d3:a6:64:
                    af:51:41:9f:dc:74:e6:ba:28:9c:5a:75:a7:c3:5d:
                    a6:6a:a1:71:08:a2:86:be:bb:2a:bf:fc:ae:3f:52:
                    90:11:66:64:2e:e5:84:72:c0:e8:1b:a1:3d:dc:0f:
                    ca:b0:29:e4:ce:14:45:13:40:d0:d7:c9:6f:9c:3a:
                    5b:f6:3f:6d:f6:75:b4:61:c0:25:5b:6c:c6:75:fc:
                    b3:76:ab:09:1e:cc:21:62:0f:11:83:29:02:93:73:
                    49:7a:be:12:02:0c:f1:ce:a1:16:25:f1:1f:ae:7b:
                    d5:f2:58:c6:14:b9:5e:a6:17:f0:2b:43:1c:5b:5a:
                    0c:0f:b3:84:eb:4b:2b:9b:3f:a7:10:51:3d:b0:47:
                    10:36:7d:0f:54:77:2e:73:b4:d6:9e:05:f5:1d:58:
                    b7:cc:be:9f:ea:a6:16:1b:46:d4:d3:05:5a:19:ac:
                    da:00:ea:e4:e7:66:77:3e:ef:50:0b:ff:b0:78:c1:
                    2f:4f:a3:3c:a1:68:66:13:db:f4:32:3e:17:21:d7:
                    b0:60:02:83:b9:c1:4a:7a:39:3c:17:98:11:d8:72:
                    77:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F7:19:1D:20:BB:4F:C6:E3:75:06:8B:6E:2C:2E:E6:AD:44:73:E0
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gvcZHSC7T8bjdQaLbiwu5q1Ec-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.120.0/22
                  45.81.241.0/24
                  45.144.153.0/24
                  94.156.10.0/23
                  94.156.236.0/24
                  94.156.239.0/24
                  141.98.1.0/24
                  185.221.64.0/24
                  193.149.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:c5:c0:d2:9f:26:e9:64:f3:bf:9f:28:9d:d2:42:f7:9c:16:
         5c:ab:63:0f:17:c0:d5:02:41:0d:14:f0:a2:d1:04:28:95:27:
         77:ab:3c:7b:ce:f6:1f:1b:75:cd:89:d4:06:67:b2:18:f9:58:
         4c:fb:9e:f0:1e:fc:16:99:9d:e3:17:de:a5:4e:1e:2e:09:f5:
         d6:f5:65:b9:b1:cd:12:e4:59:01:4d:f2:3f:d3:30:9d:4c:cf:
         55:74:51:dd:e8:74:be:ff:a5:d3:a7:8e:c4:91:6e:23:21:b7:
         c0:3a:1b:fe:18:7e:f2:b7:8b:f9:d2:09:5f:64:3d:26:81:cd:
         d8:9c:c6:5d:aa:70:be:8d:b8:fd:dd:bb:7a:cf:04:fa:da:1f:
         1f:ff:e9:b4:9c:0c:ce:12:69:c9:2d:94:6b:80:9b:e3:db:b4:
         ae:11:6c:7c:52:20:15:77:cd:6a:f3:da:8f:29:59:88:ed:eb:
         50:e3:1f:3a:d7:1b:da:98:3e:1d:0f:2c:7d:1f:e8:34:42:82:
         28:54:05:4d:60:70:98:43:3c:c1:c9:28:95:a3:20:f8:60:be:
         42:c6:83:68:75:2b:42:c7:2d:b3:93:46:4e:56:bb:b9:5a:10:
         20:cf:cd:2b:f4:fa:9c:fd:b6:22:fd:f5:b5:20:5c:61:2d:ef:
         9b:d9:1b:dc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYeT0tr3fhLUAuOmtIEntSzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE4MTAwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmY3MTkxZDIwYmI0ZmM2ZTM3NTA2OGI2ZTJjMmVlNmFkNDQ3M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk99SDQ3nn1cNjng9RLqmkLWkU4/t
Bem1/J+PlItH7IjVmXwJiUFU++DTpmSvUUGf3HTmuiicWnWnw12maqFxCKKGvrsq
v/yuP1KQEWZkLuWEcsDoG6E93A/KsCnkzhRFE0DQ18lvnDpb9j9t9nW0YcAlW2zG
dfyzdqsJHswhYg8RgykCk3NJer4SAgzxzqEWJfEfrnvV8ljGFLlephfwK0McW1oM
D7OE60srmz+nEFE9sEcQNn0PVHcuc7TWngX1HVi3zL6f6qYWG0bU0wVaGazaAOrk
52Z3Pu9QC/+weMEvT6M8oWhmE9v0Mj4XIdewYAKDucFKejk8F5gR2HJ3VwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIL3GR0gu0/G43UGi24sLuatRHPgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZ3ZjWkhTQzdUOGJqZFFhTGJpd3U1cTFFYy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCJd14AwQA
LVHxAwQALZCZAwQBXpwKAwQAXpzsAwQAXpzvAwQAjWIBAwQAud1AAwQBwZUCMA0G
CSqGSIb3DQEBCwUAA4IBAQAexcDSnybpZPO/nyid0kL3nBZcq2MPF8DVAkENFPCi
0QQolSd3qzx7zvYfG3XNidQGZ7IY+VhM+57wHvwWmZ3jF96lTh4uCfXW9WW5sc0S
5FkBTfI/0zCdTM9VdFHd6HS+/6XTp47EkW4jIbfAOhv+GH7yt4v50glfZD0mgc3Y
nMZdqnC+jbj93bt6zwT62h8f/+m0nAzOEmnJLZRrgJvj27SuEWx8UiAVd81q89qP
KVmI7etQ4x861xvamD4dDyx9H+g0QoIoVAVNYHCYQzzBySiVoyD4YL5CxoNodStC
xy2zk0ZOVru5WhAgz80r9Pqc/bYi/fW1IFxhLe+b2Rvc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org