Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa
File:                     gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa (raw, json)
Hash identifier:          6KFsPhEfoa212tt7cAY2qx6UgvkaMKBl6wYDy5ALicA=
Subject key identifier:   81:39:D8:A4:59:3A:37:E1:D9:53:69:45:0B:99:ED:68:B8:16:30:01
Certificate issuer:       /CN=229fb0fb3d278e1b280a777de200efbd08baac30
Certificate serial:       01882E8D54AAA5D6015F61D1EB01AFDCB60E
Authority key identifier: 22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa
Signing time:             Thu 18 May 2023 11:09:54 +0000
ROA not before:           Thu 18 May 2023 11:09:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206927
IP address blocks:        185.171.176.0/24 maxlen: 24
                          185.171.178.0/24 maxlen: 24
                          185.171.177.0/24 maxlen: 24
                          2a0a:e100::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 18 May 2023 11:38:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2e:8d:54:aa:a5:d6:01:5f:61:d1:eb:01:af:dc:b6:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229fb0fb3d278e1b280a777de200efbd08baac30
        Validity
            Not Before: May 18 11:09:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8139d8a4593a37e1d95369450b99ed68b8163001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c7:b9:91:4b:6a:22:15:5b:a1:3a:c6:79:93:
                    92:b5:7b:77:f7:46:3e:97:6b:b8:4a:64:67:ff:76:
                    30:7e:be:d7:72:a2:a2:51:79:c4:62:38:02:84:b2:
                    db:e1:84:1a:59:de:93:10:bb:1d:f9:02:47:92:02:
                    cc:42:ce:2f:1c:8b:0e:7a:5c:82:c0:81:58:f4:bc:
                    8c:72:58:f8:cd:17:a5:42:3b:2e:95:39:7b:b8:aa:
                    e3:23:3c:4f:70:76:57:c5:b4:2c:48:8a:5c:0d:bf:
                    50:d7:d7:e8:43:3a:7d:e0:7a:49:0d:e8:66:09:e8:
                    89:33:a1:d5:94:2e:df:88:8a:c4:92:59:16:a8:90:
                    6b:01:72:9b:89:72:db:e0:b8:0e:7c:ee:ba:54:a9:
                    79:0a:ae:a8:95:dc:fb:c2:7f:ee:c1:1d:18:d0:0a:
                    4b:9a:65:82:74:c1:4a:89:e4:cf:94:55:e2:a6:7a:
                    fe:96:32:ee:fc:10:11:60:75:8e:87:43:70:7f:c8:
                    97:38:19:6b:f9:3e:0b:fd:d7:d0:a2:f8:43:69:5b:
                    14:6f:fc:8f:55:47:74:67:35:5c:61:24:a1:c0:59:
                    82:49:97:10:b5:ab:15:55:fc:8e:95:0a:fa:24:1f:
                    51:fa:34:7f:89:3f:ff:5c:a0:1b:ba:dc:8d:f8:e0:
                    27:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:39:D8:A4:59:3A:37:E1:D9:53:69:45:0B:99:ED:68:B8:16:30:01
            X509v3 Authority Key Identifier:
                keyid:22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Ip-w-z0njhsoCnd94gDvvQi6rDA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.176.0-185.171.178.255
                IPv6:
                  2a0a:e100::/29

    Signature Algorithm: sha256WithRSAEncryption
         b2:25:c2:d5:ff:ff:2a:ae:35:1b:bc:bd:54:33:21:ef:99:a3:
         2e:a1:e9:90:8f:5b:d3:c4:4f:30:d3:54:32:3a:02:2a:e6:44:
         ff:28:3c:a6:73:8c:15:55:08:c4:96:f2:a5:67:9c:df:ad:a8:
         a4:f1:43:d7:db:6a:ae:b1:7d:0b:40:bd:d4:f3:ec:82:d4:ba:
         60:ed:c5:9d:17:aa:bf:5d:64:a5:b9:29:1b:35:a5:6e:5e:67:
         f6:e4:d7:07:e5:40:62:e0:d2:ef:19:a9:41:73:5e:54:67:41:
         43:e6:b5:4e:fb:43:49:d2:72:d3:38:5e:3d:bd:31:a9:f0:88:
         45:7d:5b:2f:24:48:d2:ee:5a:e6:8a:2a:ca:dd:a0:06:92:b6:
         e6:65:e9:26:05:b1:38:46:24:73:cb:d6:47:e8:29:4c:72:df:
         f8:2f:8b:d7:d2:7d:56:61:10:01:61:0c:8e:b1:99:1e:20:42:
         8a:d4:8a:ce:61:01:7d:e4:4f:46:51:d9:6d:cd:36:33:da:13:
         34:bc:d1:13:c5:75:60:1d:c2:60:bf:a6:57:0e:db:d2:2a:67:
         eb:aa:6b:b8:04:fb:3e:30:ca:eb:88:3b:8e:f3:db:55:84:76:
         4b:bf:1f:84:6c:3b:58:78:14:f1:3d:9c:bc:8c:b6:c6:54:e6:
         ad:87:af:13
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYgujVSqpdYBX2HR6wGv3LYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWZiMGZiM2QyNzhlMWIyODBhNzc3ZGUyMDBlZmJkMDhi
YWFjMzAwHhcNMjMwNTE4MTEwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM5ZDhhNDU5M2EzN2UxZDk1MzY5NDUwYjk5ZWQ2OGI4MTYzMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMe5kUtqIhVboTrGeZOStXt390Y+
l2u4SmRn/3Ywfr7XcqKiUXnEYjgChLLb4YQaWd6TELsd+QJHkgLMQs4vHIsOelyC
wIFY9LyMclj4zRelQjsulTl7uKrjIzxPcHZXxbQsSIpcDb9Q19foQzp94HpJDehm
CeiJM6HVlC7fiIrEklkWqJBrAXKbiXLb4LgOfO66VKl5Cq6oldz7wn/uwR0Y0ApL
mmWCdMFKieTPlFXipnr+ljLu/BARYHWOh0Nwf8iXOBlr+T4L/dfQovhDaVsUb/yP
VUd0ZzVcYSShwFmCSZcQtasVVfyOlQr6JB9R+jR/iT//XKAbutyN+OAnmwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIE52KRZOjfh2VNpRQuZ7Wi4FjABMB8GA1UdIwQY
MBaAFCKfsPs9J44bKAp3feIA770IuqwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTct
N2I5ODY2MzNhYzVlLzEvZ1RuWXBGazZOLUhaVTJsRkM1bnRhTGdXTUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTctN2I5ODY2MzNhYzVl
LzEvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAS5q7AD
BAC5q7IwDQQCAAIwBwMFAyoK4QAwDQYJKoZIhvcNAQELBQADggEBALIlwtX//yqu
NRu8vVQzIe+Zoy6h6ZCPW9PETzDTVDI6AirmRP8oPKZzjBVVCMSW8qVnnN+tqKTx
Q9fbaq6xfQtAvdTz7ILUumDtxZ0Xqr9dZKW5KRs1pW5eZ/bk1wflQGLg0u8ZqUFz
XlRnQUPmtU77Q0nSctM4Xj29ManwiEV9Wy8kSNLuWuaKKsrdoAaStuZl6SYFsThG
JHPL1kfoKUxy3/gvi9fSfVZhEAFhDI6xmR4gQorUis5hAX3kT0ZR2W3NNjPaEzS8
0RPFdWAdwmC/plcO29IqZ+uqa7gE+z4wyuuIO47z21WEdku/H4RsO1h4FPE9nLyM
tsZU5q2HrxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:20 2024 by rpki-client on console-ams.rpki-client.org