Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GVknCTd2kKuAzfOhu0AgKTO74fc.roa
File:                     GVknCTd2kKuAzfOhu0AgKTO74fc.roa (raw, json)
Hash identifier:          VRlGb3lKc3XdKy+fzwl0WLqCZrrKR0mJRISVJdJ2e90=
Subject key identifier:   19:59:27:09:37:76:90:AB:80:CD:F3:A1:BB:40:20:29:33:BB:E1:F7
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018C1AEB5D2ADCC2BEA66F8290DCC0E8773A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GVknCTd2kKuAzfOhu0AgKTO74fc.roa
Signing time:             Wed 29 Nov 2023 11:51:21 +0000
ROA not before:           Wed 29 Nov 2023 11:51:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62206
IP address blocks:        5.181.87.0/24 maxlen: 24
                          195.211.188.0/22 maxlen: 24
                          195.211.190.0/24 maxlen: 24
                          45.88.138.0/24 maxlen: 24
                          45.88.136.0/24 maxlen: 24
                          185.200.63.0/24 maxlen: 24
                          185.200.62.0/24 maxlen: 24
                          194.242.96.0/22 maxlen: 22
                          194.242.97.0/24 maxlen: 24
                          193.57.43.0/24 maxlen: 24
                          45.144.212.0/24 maxlen: 24
                          45.132.182.0/23 maxlen: 24
                          45.132.181.0/24 maxlen: 24
                          45.94.168.0/22 maxlen: 22
                          45.94.170.0/24 maxlen: 24
                          185.43.248.0/24 maxlen: 24
                          185.43.251.0/24 maxlen: 24
                          185.43.249.0/24 maxlen: 24
                          193.30.243.0/24 maxlen: 24
                          193.30.242.0/24 maxlen: 24
                          77.83.39.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          85.209.120.0/22 maxlen: 24
                          85.209.123.0/24 maxlen: 24
                          85.209.122.0/24 maxlen: 24
                          45.9.29.0/24 maxlen: 24
                          195.177.92.0/24 maxlen: 24
                          195.177.94.0/24 maxlen: 24
                          195.177.93.0/24 maxlen: 24
                          77.83.37.0/24 maxlen: 24
                          193.30.240.0/24 maxlen: 24
                          2a10:dfc0::/29 maxlen: 29
                          2a07:9200::/29 maxlen: 29
                          2a11:580::/29 maxlen: 29
                          2a0c:a580::/29 maxlen: 29
                          2a01:7120::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 04 Dec 2023 08:18:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1a:eb:5d:2a:dc:c2:be:a6:6f:82:90:dc:c0:e8:77:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Nov 29 11:51:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19592709377690ab80cdf3a1bb40202933bbe1f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:1a:dc:ee:95:59:99:87:91:d8:9a:fb:05:1e:
                    03:eb:dd:bf:ec:e8:29:b3:1a:cf:7b:24:c9:24:42:
                    c2:e4:8f:93:7a:1d:aa:34:79:35:e4:90:53:b9:5a:
                    83:6f:95:ce:5f:85:00:32:76:48:95:76:01:40:b4:
                    99:3f:20:8a:9b:90:0c:03:69:8e:62:1f:59:38:56:
                    43:18:74:6e:4b:f2:c3:e5:0e:2c:0b:c5:af:84:f9:
                    8d:80:e3:0a:06:97:10:00:3a:ea:48:76:d5:cb:f8:
                    aa:ea:19:9b:6f:42:67:9a:55:ec:17:a5:50:8c:75:
                    65:d6:00:30:82:46:e5:d1:45:76:d3:e2:fa:ea:31:
                    f9:00:70:1a:e4:9b:31:25:63:10:63:e4:3f:45:04:
                    b0:5d:f9:d7:9b:51:6a:d9:da:f2:dc:98:ae:35:cb:
                    39:86:29:7d:e7:59:25:0d:c7:8a:4a:32:29:56:d1:
                    fa:00:43:36:fd:51:66:d9:21:9b:78:84:31:08:8d:
                    dc:24:c2:4b:43:b5:79:a5:ce:af:ef:22:09:64:5f:
                    20:df:f6:c4:1e:a6:9f:d6:d7:c7:0a:7b:54:ae:a1:
                    ae:e0:1d:ec:dd:3d:3d:99:f1:27:1a:2f:9d:26:b0:
                    ef:57:87:b4:c4:b1:b3:d8:bd:07:58:3d:11:1e:b6:
                    1f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:59:27:09:37:76:90:AB:80:CD:F3:A1:BB:40:20:29:33:BB:E1:F7
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GVknCTd2kKuAzfOhu0AgKTO74fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.87.0/24
                  45.9.29.0/24
                  45.88.136.0/24
                  45.88.138.0/24
                  45.94.168.0/22
                  45.132.181.0-45.132.183.255
                  45.144.212.0/24
                  77.83.37.0/24
                  77.83.39.0/24
                  85.209.120.0/22
                  185.43.248.0/23
                  185.43.251.0/24
                  185.200.62.0/23
                  193.30.240.0/24
                  193.30.242.0/23
                  193.57.43.0/24
                  194.242.96.0/22
                  195.177.92.0-195.177.94.255
                  195.211.188.0/22
                IPv6:
                  2a01:7120::/32
                  2a07:9200::/29
                  2a0c:a580::/29
                  2a10:dfc0::/29
                  2a11:580::/29

    Signature Algorithm: sha256WithRSAEncryption
         94:f7:9e:fd:77:1d:0d:99:8c:30:98:6b:c7:63:c5:14:b5:f6:
         b9:20:7e:db:99:72:e6:a7:ba:0a:73:1b:27:bf:fe:ee:8c:de:
         41:2d:4f:4a:86:69:6c:8b:57:f0:17:44:fe:0a:53:6e:e7:86:
         54:b1:87:d9:f1:c4:dd:29:65:a5:8e:68:24:7d:f2:57:f7:c0:
         73:55:d8:11:94:0c:64:a4:5c:f3:6e:09:ef:0e:6e:e2:03:3f:
         9a:46:b7:e5:07:71:cc:f0:33:00:75:d6:f6:96:3f:eb:70:2e:
         88:ad:1e:af:20:6a:5a:61:64:c5:8f:00:1e:ff:99:36:00:d7:
         e9:00:89:9a:34:6b:9a:dd:34:ea:9e:1b:8d:70:18:d9:ce:c0:
         c5:36:f9:b6:87:54:6c:8c:a6:4d:e6:26:9f:50:83:0d:67:e7:
         52:a8:f9:d4:4d:02:73:8c:cf:41:3d:52:9f:09:45:d6:9a:f6:
         da:99:48:ad:c7:b1:d9:ac:b3:d1:f1:95:ea:c3:a2:88:f5:ca:
         8e:a0:2c:10:4c:cf:ab:76:f5:6e:a7:97:75:17:15:e6:dc:a4:
         e4:a0:39:e5:9c:fc:78:b8:ec:47:c2:33:16:b0:f0:a9:44:e0:
         95:63:30:f5:8f:3f:13:c8:e5:79:b5:8b:91:13:0c:cf:26:f6:
         14:a7:37:9f
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYwa610q3MK+pm+CkNzA6Hc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTI5MTE1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTU5MjcwOTM3NzY5MGFiODBjZGYzYTFiYjQwMjAyOTMzYmJlMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBrc7pVZmYeR2Jr7BR4D692/7Ogp
sxrPeyTJJELC5I+Teh2qNHk15JBTuVqDb5XOX4UAMnZIlXYBQLSZPyCKm5AMA2mO
Yh9ZOFZDGHRuS/LD5Q4sC8WvhPmNgOMKBpcQADrqSHbVy/iq6hmbb0JnmlXsF6VQ
jHVl1gAwgkbl0UV20+L66jH5AHAa5JsxJWMQY+Q/RQSwXfnXm1Fq2dry3JiuNcs5
hil951klDceKSjIpVtH6AEM2/VFm2SGbeIQxCI3cJMJLQ7V5pc6v7yIJZF8g3/bE
Hqaf1tfHCntUrqGu4B3s3T09mfEnGi+dJrDvV4e0xLGz2L0HWD0RHrYfLQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFBlZJwk3dpCrgM3zobtAICkzu+H3MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvR1ZrbkNUZDJrS3VBemZPaHUwQWdLVE83NGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBiQQCAAEwgYIDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2Q1AME
AE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gME
AME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAqAXEgAwUD
KgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOCAQEAlPee
/XcdDZmMMJhrx2PFFLX2uSB+25ly5qe6CnMbJ7/+7ozeQS1PSoZpbItX8BdE/gpT
bueGVLGH2fHE3SllpY5oJH3yV/fAc1XYEZQMZKRc824J7w5u4gM/mka35QdxzPAz
AHXW9pY/63AuiK0eryBqWmFkxY8AHv+ZNgDX6QCJmjRrmt006p4bjXAY2c7AxTb5
todUbIymTeYmn1CDDWfnUqj51E0Cc4zPQT1SnwlF1pr22plIrcex2ayz0fGV6sOi
iPXKjqAsEEzPq3b1bqeXdRcV5tyk5KA55Zz8eLjsR8IzFrDwqUTglWMw9Y8/E8jl
ebWLkRMMzyb2FKc3nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org