Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GktxoohhJQpvrQVw_lA6p6r_8GI.roa
File:                     GktxoohhJQpvrQVw_lA6p6r_8GI.roa (raw, json)
Hash identifier:          CzqdXbVyIAHI0tx6BfgN/+mfrhchnpufBU5B2yLde14=
Subject key identifier:   1A:4B:71:A2:88:61:25:0A:6F:AD:05:70:FE:50:3A:A7:AA:FF:F0:62
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018D12BBF3F5AD6477C70E221569116F7475
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GktxoohhJQpvrQVw_lA6p6r_8GI.roa
Signing time:             Tue 16 Jan 2024 14:45:24 +0000
ROA not before:           Tue 16 Jan 2024 14:45:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203511
IP address blocks:        45.88.138.0/24 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          45.151.2.0/24 maxlen: 24
                          77.83.37.0/24 maxlen: 24
                          194.15.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Feb 2024 21:34:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:12:bb:f3:f5:ad:64:77:c7:0e:22:15:69:11:6f:74:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan 16 14:45:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1a4b71a28861250a6fad0570fe503aa7aafff062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:29:f3:e1:4c:e2:fd:65:bb:da:71:b0:37:0a:
                    7d:0c:38:e5:bd:7d:dc:f5:f8:48:02:85:d0:ac:d1:
                    df:5b:44:aa:8c:d6:17:1c:dc:a3:55:c0:95:6a:4a:
                    3f:fc:78:2e:6d:b3:9d:a6:10:1f:4e:f9:b4:8b:0b:
                    27:ae:27:4a:61:c6:4b:40:98:0f:2c:67:4b:65:ba:
                    83:a8:86:31:f6:80:68:5a:10:f5:e4:9e:95:fd:4f:
                    40:f3:2a:e0:88:4e:63:0d:86:e3:90:2c:5e:94:05:
                    55:da:57:d5:4f:aa:de:20:5c:5e:50:aa:8e:3d:81:
                    78:72:fb:09:90:0e:a4:28:8a:70:0f:0f:f4:df:15:
                    be:18:ae:23:cb:04:81:e2:5e:7e:46:f9:ac:9d:d5:
                    85:a7:79:cd:24:35:22:5f:13:8e:98:88:5a:be:5b:
                    4f:fe:5f:8d:3b:09:fa:cd:30:44:0e:7f:ff:c1:83:
                    61:52:5b:e3:9d:66:3e:0b:a3:53:59:78:b7:e8:02:
                    4b:51:03:fa:be:5e:00:70:ba:ae:0f:bf:c6:5d:2e:
                    e7:a7:02:91:66:2c:aa:76:a7:3a:c9:f6:3e:e7:bc:
                    5b:e5:85:e1:fa:a0:5a:04:c7:a1:50:eb:a7:ce:42:
                    5a:01:94:c2:09:1f:86:13:7f:5a:a7:30:b0:2d:f6:
                    77:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:4B:71:A2:88:61:25:0A:6F:AD:05:70:FE:50:3A:A7:AA:FF:F0:62
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GktxoohhJQpvrQVw_lA6p6r_8GI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.138.0/24
                  45.94.171.0/24
                  45.151.2.0/24
                  77.83.37.0/24
                  194.15.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:d9:8d:76:87:ea:ea:93:70:13:71:44:9b:80:bf:29:ff:99:
         5f:da:93:0d:65:c7:98:62:1f:e6:63:b3:82:c9:fb:34:31:6d:
         b6:0b:3a:4c:84:c6:a1:d1:df:f5:1a:4c:4a:f2:5b:12:a7:21:
         db:8f:c2:db:5e:24:b1:9c:2c:23:31:93:25:5b:00:da:da:f8:
         07:c6:f9:a8:d1:03:7d:65:f3:93:e2:64:8e:c3:52:b9:31:00:
         0d:36:6e:ea:16:9e:65:98:5a:03:41:88:cb:7f:00:85:6b:0c:
         5c:9e:a5:f0:03:32:fd:e1:77:a9:b0:8e:ce:82:f7:02:e0:6c:
         b6:b0:80:de:84:0a:10:06:73:06:09:f9:8c:91:5e:4b:65:f5:
         20:32:67:c0:30:94:e3:c5:90:11:3e:a2:27:fb:56:1d:d6:dd:
         05:d8:e7:91:4c:b4:ba:1e:93:17:b9:6c:5c:4c:4f:76:bc:c6:
         66:22:01:13:30:f7:7e:5b:c1:67:65:5b:6f:15:7c:03:81:69:
         a1:16:07:bd:17:31:89:8c:75:2a:82:d5:6d:31:d5:11:ab:9a:
         a9:65:59:87:fc:48:a7:c3:99:5d:41:96:36:87:a0:61:d5:25:
         f3:ef:f3:cf:f9:8c:eb:e6:d5:d7:a4:77:c8:56:61:ef:3c:7f:
         be:2b:70:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0Su/P1rWR3xw4iFWkRb3R1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTE2MTQ0NTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTRiNzFhMjg4NjEyNTBhNmZhZDA1NzBmZTUwM2FhN2FhZmZmMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAginz4Uzi/WW72nGwNwp9DDjlvX3c
9fhIAoXQrNHfW0SqjNYXHNyjVcCVako//HgubbOdphAfTvm0iwsnridKYcZLQJgP
LGdLZbqDqIYx9oBoWhD15J6V/U9A8yrgiE5jDYbjkCxelAVV2lfVT6reIFxeUKqO
PYF4cvsJkA6kKIpwDw/03xW+GK4jywSB4l5+RvmsndWFp3nNJDUiXxOOmIhavltP
/l+NOwn6zTBEDn//wYNhUlvjnWY+C6NTWXi36AJLUQP6vl4AcLquD7/GXS7npwKR
Ziyqdqc6yfY+57xb5YXh+qBaBMehUOunzkJaAZTCCR+GE39apzCwLfZ3hwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBpLcaKIYSUKb60FcP5QOqeq//BiMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvR2t0eG9vaGhKUXB2clFWd19sQTZwNnJfOEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALViKAwQA
LV6rAwQALZcCAwQATVMlAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQBJ2Y12h+rq
k3ATcUSbgL8p/5lf2pMNZceYYh/mY7OCyfs0MW22CzpMhMah0d/1GkxK8lsSpyHb
j8LbXiSxnCwjMZMlWwDa2vgHxvmo0QN9ZfOT4mSOw1K5MQANNm7qFp5lmFoDQYjL
fwCFawxcnqXwAzL94XepsI7OgvcC4Gy2sIDehAoQBnMGCfmMkV5LZfUgMmfAMJTj
xZARPqIn+1Yd1t0F2OeRTLS6HpMXuWxcTE92vMZmIgETMPd+W8FnZVtvFXwDgWmh
Fge9FzGJjHUqgtVtMdURq5qpZVmH/Einw5ldQZY2h6Bh1SXz7/PP+Yzr5tXXpHfI
VmHvPH++K3A8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org