Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/goIfki_aq9mu2k_sdHR0NaY-GMg.roa
File:                     goIfki_aq9mu2k_sdHR0NaY-GMg.roa (raw, json)
Hash identifier:          47EY6AcR0FROPwmiUXDafvi5dd+vbMbA2JWTx8Pshhg=
Subject key identifier:   82:82:1F:92:2F:DA:AB:D9:AE:DA:4F:EC:74:74:74:35:A6:3E:18:C8
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0185708CD305B4AFE1CFC42FD21BBEFB5D66
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/goIfki_aq9mu2k_sdHR0NaY-GMg.roa
Signing time:             Mon 02 Jan 2023 03:35:55 +0000
ROA not before:           Mon 02 Jan 2023 03:35:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     11325
IP address blocks:        2.57.248.0/22 maxlen: 22
                          45.80.96.0/22 maxlen: 22
                          45.85.128.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:d3:05:b4:af:e1:cf:c4:2f:d2:1b:be:fb:5d:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jan  2 03:35:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82821f922fdaabd9aeda4fec74747435a63e18c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2f:7f:d0:57:06:45:8f:20:b8:13:c3:6b:ec:
                    7a:38:2f:6e:4f:b9:90:f7:18:fc:04:c1:03:81:b4:
                    e1:23:d2:4b:46:0d:11:2a:99:f4:7c:d0:b2:74:5d:
                    51:f4:df:28:51:ad:7b:86:2a:6e:63:dd:56:ab:54:
                    42:cc:d9:62:52:8b:46:82:76:63:11:4d:e3:ac:f7:
                    bf:81:20:9c:20:93:a7:5f:44:d5:6f:eb:78:95:c8:
                    98:85:27:42:f3:19:dc:3a:8a:cc:4b:1b:40:49:30:
                    64:90:6e:e4:88:c4:85:8e:c3:a3:7c:a9:47:64:71:
                    ed:31:da:98:eb:df:f1:97:03:45:e0:bf:a8:d0:40:
                    c3:44:16:3d:b0:30:ee:41:52:83:47:fc:b0:d9:6b:
                    f6:80:f2:76:a3:8b:35:02:6f:72:09:ea:67:a0:b2:
                    1f:eb:42:4c:e4:e7:fe:fb:51:5c:da:8c:30:ea:31:
                    cb:1e:06:3d:26:d5:4c:b0:59:b7:58:14:bd:6f:d1:
                    dd:8a:9d:05:83:8b:a4:f3:e3:61:ab:3b:c5:0f:ba:
                    05:33:d8:fe:ed:93:5f:c3:cb:d9:87:e9:a5:e7:a0:
                    da:f0:ea:d2:02:16:5c:f6:a3:2b:1d:de:e8:7b:de:
                    72:75:aa:0b:fe:05:d2:04:97:20:dd:0e:9a:27:a3:
                    04:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:82:1F:92:2F:DA:AB:D9:AE:DA:4F:EC:74:74:74:35:A6:3E:18:C8
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/goIfki_aq9mu2k_sdHR0NaY-GMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.248.0/22
                  45.80.96.0/22
                  45.85.128.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:cb:fc:5c:0f:d1:b8:4f:fe:9a:1e:9e:58:6e:45:af:d3:c5:
         52:f3:77:7e:84:d7:9f:94:fb:15:1f:ac:9a:5c:60:1d:6c:e5:
         8f:16:65:42:bb:3c:99:0c:0c:3a:81:6c:26:32:80:c1:b4:b6:
         ce:d6:aa:57:d0:7f:d1:4b:61:74:59:9f:db:5f:1d:ac:4e:96:
         d0:80:ac:e4:44:c7:f9:9b:ed:44:86:27:41:d2:bc:0f:10:d3:
         89:50:a4:ee:e0:86:36:aa:0f:b9:74:7e:70:16:0f:09:a7:d0:
         3a:ac:89:90:21:83:8a:0a:f4:6f:42:c0:df:ed:7b:95:54:5f:
         3b:11:58:aa:82:b0:e9:52:47:2e:8a:68:cb:dc:19:97:61:f1:
         f7:49:b8:9b:44:aa:42:fd:a1:93:71:58:3a:95:e6:38:5d:15:
         76:41:11:98:81:22:81:22:e9:64:08:01:a4:6c:ae:99:2a:d5:
         07:ee:92:34:bd:fe:a2:08:1e:0e:1d:d4:21:b5:b9:c2:58:08:
         fd:7d:78:19:b8:0b:a6:3b:8c:39:fe:bc:61:d6:ad:68:80:25:
         1c:09:dc:44:38:7f:2c:39:ec:ce:55:6d:87:34:19:10:d7:78:
         cd:2f:2d:eb:04:f4:06:b0:8e:96:95:92:2c:ce:4d:58:36:7d:
         4c:03:e0:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwjNMFtK/hz8Qv0hu++11mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMTAyMDMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjgyMWY5MjJmZGFhYmQ5YWVkYTRmZWM3NDc0NzQzNWE2M2UxOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2S9/0FcGRY8guBPDa+x6OC9uT7mQ
9xj8BMEDgbThI9JLRg0RKpn0fNCydF1R9N8oUa17hipuY91Wq1RCzNliUotGgnZj
EU3jrPe/gSCcIJOnX0TVb+t4lciYhSdC8xncOorMSxtASTBkkG7kiMSFjsOjfKlH
ZHHtMdqY69/xlwNF4L+o0EDDRBY9sDDuQVKDR/yw2Wv2gPJ2o4s1Am9yCepnoLIf
60JM5Of++1Fc2oww6jHLHgY9JtVMsFm3WBS9b9Hdip0Fg4uk8+NhqzvFD7oFM9j+
7ZNfw8vZh+ml56Da8OrSAhZc9qMrHd7oe95ydaoL/gXSBJcg3Q6aJ6MEpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIKCH5Iv2qvZrtpP7HR0dDWmPhjIMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvZ29JZmtpX2FxOW11Mmtfc2RIUjBOYVktR01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjn4AwQC
LVBgAwQBLVWAMA0GCSqGSIb3DQEBCwUAA4IBAQAzy/xcD9G4T/6aHp5YbkWv08VS
83d+hNeflPsVH6yaXGAdbOWPFmVCuzyZDAw6gWwmMoDBtLbO1qpX0H/RS2F0WZ/b
Xx2sTpbQgKzkRMf5m+1EhidB0rwPENOJUKTu4IY2qg+5dH5wFg8Jp9A6rImQIYOK
CvRvQsDf7XuVVF87EViqgrDpUkcuimjL3BmXYfH3SbibRKpC/aGTcVg6leY4XRV2
QRGYgSKBIulkCAGkbK6ZKtUH7pI0vf6iCB4OHdQhtbnCWAj9fXgZuAumO4w5/rxh
1q1ogCUcCdxEOH8sOezOVW2HNBkQ13jNLy3rBPQGsI6WlZIszk1YNn1MA+D8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org