Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/guiZ0G6JoIs20171c-HREjyYvlw.roa
File:                     guiZ0G6JoIs20171c-HREjyYvlw.roa (raw, json)
Hash identifier:          h2czcX3OqmNutNUdh8hR5pCxN7L0uFEK4JOA6KbeeYM=
Subject key identifier:   82:E8:99:D0:6E:89:A0:8B:36:D3:5E:F5:73:E1:D1:12:3C:98:BE:5C
Certificate issuer:       /CN=f6aed6d5ce415797c1285f7ef6fd043c6466e7de
Certificate serial:       018572CC94E9895AB7C9A0E163EFC96EE677
Authority key identifier: F6:AE:D6:D5:CE:41:57:97:C1:28:5F:7E:F6:FD:04:3C:64:66:E7:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9q7W1c5BV5fBKF9-9v0EPGRm594.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/guiZ0G6JoIs20171c-HREjyYvlw.roa
Signing time:             Mon 02 Jan 2023 14:04:47 +0000
ROA not before:           Mon 02 Jan 2023 14:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207777
IP address blocks:        195.182.29.0/24 maxlen: 24
                          195.182.27.0/24 maxlen: 24
                          195.182.37.0/24 maxlen: 24
                          195.182.24.0/24 maxlen: 24
                          2a13:7c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:94:e9:89:5a:b7:c9:a0:e1:63:ef:c9:6e:e6:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6aed6d5ce415797c1285f7ef6fd043c6466e7de
        Validity
            Not Before: Jan  2 14:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82e899d06e89a08b36d35ef573e1d1123c98be5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4d:b3:b7:2d:b1:52:37:8d:40:a9:12:93:22:
                    68:65:8a:5f:a9:88:b4:60:15:40:b0:90:60:fe:06:
                    60:eb:ac:3b:fd:73:d9:15:31:24:3c:2b:18:0d:fc:
                    ca:a0:31:4b:f0:5c:8f:9f:d0:4c:7d:41:33:df:6e:
                    e5:6b:ff:e6:c7:ec:b6:4a:54:a7:2d:c3:21:0c:0a:
                    e4:d3:75:85:bb:43:e3:2d:3e:97:df:4d:d4:45:02:
                    cb:18:20:7e:50:97:74:cd:60:27:80:f9:20:89:06:
                    4c:ee:42:1b:7f:8a:d0:b6:b6:e2:09:61:78:75:75:
                    d4:fd:d8:f2:bd:49:15:52:ec:d6:62:44:1c:f1:c1:
                    d8:1f:20:13:f9:da:d7:85:4b:47:7e:45:51:5a:53:
                    4b:a2:b6:21:b6:67:94:b0:23:ff:17:8f:13:bc:3b:
                    62:4f:bf:14:e8:eb:32:f9:7c:59:76:43:0f:7f:f5:
                    1d:e9:7b:c0:53:89:9c:4e:5d:6d:f8:61:c5:11:93:
                    95:06:a8:fd:5a:64:a6:14:96:8d:fc:04:18:bb:76:
                    36:d3:5d:d6:99:7a:0b:43:be:91:12:9f:cd:ba:0f:
                    85:13:1f:8f:a4:11:01:f4:a7:01:55:fb:6b:0b:5e:
                    13:ad:3c:73:17:15:7c:c0:b9:2f:25:a2:28:aa:75:
                    66:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:E8:99:D0:6E:89:A0:8B:36:D3:5E:F5:73:E1:D1:12:3C:98:BE:5C
            X509v3 Authority Key Identifier:
                keyid:F6:AE:D6:D5:CE:41:57:97:C1:28:5F:7E:F6:FD:04:3C:64:66:E7:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q7W1c5BV5fBKF9-9v0EPGRm594.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/guiZ0G6JoIs20171c-HREjyYvlw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/9q7W1c5BV5fBKF9-9v0EPGRm594.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.182.24.0/24
                  195.182.27.0/24
                  195.182.29.0/24
                  195.182.37.0/24
                IPv6:
                  2a13:7c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         16:9c:8f:b8:08:e1:ba:2e:ee:8e:bd:a4:da:65:bc:cc:ec:c4:
         bf:57:cf:3f:09:9e:ac:73:f7:f1:51:1d:0f:5a:83:b1:45:7d:
         97:23:b9:4c:d5:9f:87:4d:be:ee:c5:c8:af:59:ad:58:69:29:
         fa:b4:69:5c:91:93:92:b7:ac:22:46:3b:62:d5:ca:35:0c:f5:
         67:f4:14:6e:f1:97:cf:f7:bd:5b:4c:1c:3e:6c:c3:c5:a6:cc:
         94:bc:cb:45:7b:92:98:61:af:25:33:7a:6b:94:32:0b:fc:4f:
         0b:db:ec:04:0d:85:fd:dd:fb:73:28:8a:d7:2c:2e:04:a0:5d:
         0c:66:4c:88:8c:1e:7d:5a:95:93:95:6b:1c:37:12:b1:e1:e1:
         cd:94:55:c6:7a:53:da:e8:9b:a3:28:61:f9:39:8b:68:41:c2:
         5c:89:82:38:2a:72:82:0e:80:90:7b:fe:af:b7:18:d7:ab:67:
         8d:08:16:36:66:6c:ad:2b:54:3f:a2:ef:ef:65:ce:5b:36:b0:
         05:c1:25:ec:ec:14:d8:b1:37:35:c9:f5:7c:f9:77:aa:ea:ea:
         e1:e7:64:22:3a:69:a8:35:e4:42:eb:17:6c:6d:5b:64:7e:5f:
         f8:8d:b2:51:53:c2:73:d1:c7:3e:f5:82:5c:84:9e:1e:b7:cd:
         53:08:b4:f3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyzJTpiVq3yaDhY+/JbuZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWVkNmQ1Y2U0MTU3OTdjMTI4NWY3ZWY2ZmQwNDNjNjQ2
NmU3ZGUwHhcNMjMwMTAyMTQwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmU4OTlkMDZlODlhMDhiMzZkMzVlZjU3M2UxZDExMjNjOThiZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr02zty2xUjeNQKkSkyJoZYpfqYi0
YBVAsJBg/gZg66w7/XPZFTEkPCsYDfzKoDFL8FyPn9BMfUEz327la//mx+y2SlSn
LcMhDArk03WFu0PjLT6X303URQLLGCB+UJd0zWAngPkgiQZM7kIbf4rQtrbiCWF4
dXXU/djyvUkVUuzWYkQc8cHYHyAT+drXhUtHfkVRWlNLorYhtmeUsCP/F48TvDti
T78U6Osy+XxZdkMPf/Ud6XvAU4mcTl1t+GHFEZOVBqj9WmSmFJaN/AQYu3Y2013W
mXoLQ76REp/Nug+FEx+PpBEB9KcBVftrC14TrTxzFxV8wLkvJaIoqnVmnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFILomdBuiaCLNtNe9XPh0RI8mL5cMB8GA1UdIwQY
MBaAFPau1tXOQVeXwShffvb9BDxkZufeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE3VzFjNUJWNWZCS0Y5LTl2MEVQR1JtNTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83ZmE5ZWQtYjA4Ny00MGNkLWEwMTYt
ZDk1N2I4YzU0Yzk0LzEvZ3VpWjBHNkpvSXMyMDE3MWMtSFJFanlZdmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83ZmE5ZWQtYjA4Ny00MGNkLWEwMTYtZDk1N2I4YzU0Yzk0
LzEvOXE3VzFjNUJWNWZCS0Y5LTl2MEVQR1JtNTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAw7YYAwQA
w7YbAwQAw7YdAwQAw7YlMA0EAgACMAcDBQMqEwfAMA0GCSqGSIb3DQEBCwUAA4IB
AQAWnI+4COG6Lu6OvaTaZbzM7MS/V88/CZ6sc/fxUR0PWoOxRX2XI7lM1Z+HTb7u
xcivWa1YaSn6tGlckZOSt6wiRjti1co1DPVn9BRu8ZfP971bTBw+bMPFpsyUvMtF
e5KYYa8lM3prlDIL/E8L2+wEDYX93ftzKIrXLC4EoF0MZkyIjB59WpWTlWscNxKx
4eHNlFXGelPa6JujKGH5OYtoQcJciYI4KnKCDoCQe/6vtxjXq2eNCBY2ZmytK1Q/
ou/vZc5bNrAFwSXs7BTYsTc1yfV8+Xeq6urh52QiOmmoNeRC6xdsbVtkfl/4jbJR
U8Jz0cc+9YJchJ4et81TCLTz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:46 2024 by rpki-client on console-fra.rpki-client.org