Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GEKKExUFFUzd-wmBX2_Xsm-uoZ8.roa
File:                     GEKKExUFFUzd-wmBX2_Xsm-uoZ8.roa (raw, json)
Hash identifier:          lfKqrORpovHtlBB/oRHwIyifNHTr8najr2/El0wqI8E=
Subject key identifier:   18:42:8A:13:15:05:15:4C:DD:FB:09:81:5F:6F:D7:B2:6F:AE:A1:9F
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       018DA7C4934E6EB5BFB79C11C7B1EBACADD8
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GEKKExUFFUzd-wmBX2_Xsm-uoZ8.roa
Signing time:             Wed 14 Feb 2024 13:18:14 +0000
ROA not before:           Wed 14 Feb 2024 13:18:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212815
IP address blocks:        91.209.71.0/24 maxlen: 24
                          185.171.202.0/24 maxlen: 24
                          2a10:4640::/32 maxlen: 32
                          2a10:4646:50::/44 maxlen: 44

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 21:07:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a7:c4:93:4e:6e:b5:bf:b7:9c:11:c7:b1:eb:ac:ad:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Feb 14 13:18:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=18428a131505154cddfb09815f6fd7b26faea19f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d8:b6:39:30:eb:eb:a6:79:30:a0:c1:5e:d0:
                    ec:0f:98:66:66:bd:93:92:b3:0a:70:82:2b:38:6e:
                    9b:17:10:82:43:6a:5a:46:11:10:a5:2d:ef:8e:73:
                    93:b8:85:a6:d0:8e:96:d1:50:d7:56:32:ea:b4:d5:
                    65:65:b5:d3:6a:5b:5e:47:df:5c:06:d5:c1:e5:d8:
                    43:4a:54:b6:3d:37:c5:62:86:d4:c7:f9:56:a3:0a:
                    a9:02:f7:25:a8:c6:e3:13:b1:7f:d9:b2:69:6b:05:
                    38:4f:fb:16:f9:b3:05:c6:75:64:36:bf:31:53:40:
                    9e:31:f0:62:91:b2:5a:c1:45:22:ff:c2:d4:af:24:
                    20:65:18:d3:be:bf:fa:64:7e:f3:76:fe:ff:23:00:
                    4a:52:ff:95:2a:65:70:b5:20:5a:06:2b:0e:44:00:
                    46:45:cb:c5:79:0c:0f:15:13:08:92:53:25:0c:b2:
                    01:03:3f:8e:b6:1b:86:2e:3d:05:1f:75:68:45:fa:
                    c8:2b:c4:c1:90:d2:b5:c1:72:49:2d:38:6b:96:6f:
                    12:0f:76:3c:32:44:f6:74:02:6c:ad:4e:56:cf:9c:
                    82:f3:e1:31:99:fd:c3:5a:0a:7d:b3:10:d7:03:44:
                    65:fd:9d:be:08:80:d4:48:20:5b:b2:a9:bc:78:a9:
                    28:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:42:8A:13:15:05:15:4C:DD:FB:09:81:5F:6F:D7:B2:6F:AE:A1:9F
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GEKKExUFFUzd-wmBX2_Xsm-uoZ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.71.0/24
                  185.171.202.0/24
                IPv6:
                  2a10:4640::/32
                  2a10:4646:50::/44

    Signature Algorithm: sha256WithRSAEncryption
         d5:8f:93:a4:37:80:60:06:88:1a:2e:49:ce:e7:1f:0a:fb:c0:
         e0:58:6f:af:fb:17:5f:0f:58:d3:27:13:55:bb:c8:fd:49:96:
         35:b6:cb:c0:e0:a7:ef:f7:a5:96:24:dc:6e:88:ba:5d:4b:d5:
         ee:5d:39:49:5b:32:65:0c:06:8a:16:2d:78:1e:f2:05:89:f3:
         b3:b4:fa:9e:ad:9d:6e:63:ec:e9:05:45:64:04:5b:2a:ff:50:
         91:f2:f6:c1:a7:3a:d7:34:da:34:bc:d5:a1:d6:0d:c0:3f:a1:
         b5:fa:bb:9f:d1:e2:be:86:31:96:08:9d:65:cf:08:78:69:ca:
         e7:36:17:c5:27:3e:f2:11:0c:74:b3:15:f1:61:f7:c2:71:cf:
         8a:a9:0d:aa:89:81:65:8a:71:a1:60:dd:df:f7:80:99:04:4f:
         76:89:1b:ef:db:2a:b6:43:5f:fb:d5:ed:12:b9:d5:46:92:a1:
         28:98:5e:01:06:e0:0e:c4:85:06:f2:7b:51:a8:f9:ca:51:c2:
         0d:c4:89:08:94:d3:c9:3e:49:43:b6:9a:e1:1e:8a:bd:24:cc:
         f9:05:0d:01:1c:a9:16:2f:3a:72:f5:fc:fb:62:57:8d:e0:9a:
         4c:78:df:74:2a:53:30:d1:c6:a7:da:7c:19:25:5b:f9:09:e8:
         5b:2c:89:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2nxJNObrW/t5wRx7HrrK3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjQwMjE0MTMxODE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQyOGExMzE1MDUxNTRjZGRmYjA5ODE1ZjZmZDdiMjZmYWVhMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNi2OTDr66Z5MKDBXtDsD5hmZr2T
krMKcIIrOG6bFxCCQ2paRhEQpS3vjnOTuIWm0I6W0VDXVjLqtNVlZbXTalteR99c
BtXB5dhDSlS2PTfFYobUx/lWowqpAvclqMbjE7F/2bJpawU4T/sW+bMFxnVkNr8x
U0CeMfBikbJawUUi/8LUryQgZRjTvr/6ZH7zdv7/IwBKUv+VKmVwtSBaBisORABG
RcvFeQwPFRMIklMlDLIBAz+OthuGLj0FH3VoRfrIK8TBkNK1wXJJLThrlm8SD3Y8
MkT2dAJsrU5Wz5yC8+Exmf3DWgp9sxDXA0Rl/Z2+CIDUSCBbsqm8eKkooQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBhCihMVBRVM3fsJgV9v17JvrqGfMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvR0VLS0V4VUZGVXpkLXdtQlgyX1hzbS11b1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW9FHAwQA
uavKMBYEAgACMBADBQAqEEZAAwcEKhBGRgBQMA0GCSqGSIb3DQEBCwUAA4IBAQDV
j5OkN4BgBogaLknO5x8K+8DgWG+v+xdfD1jTJxNVu8j9SZY1tsvA4Kfv96WWJNxu
iLpdS9XuXTlJWzJlDAaKFi14HvIFifOztPqerZ1uY+zpBUVkBFsq/1CR8vbBpzrX
NNo0vNWh1g3AP6G1+ruf0eK+hjGWCJ1lzwh4acrnNhfFJz7yEQx0sxXxYffCcc+K
qQ2qiYFlinGhYN3f94CZBE92iRvv2yq2Q1/71e0SudVGkqEomF4BBuAOxIUG8ntR
qPnKUcINxIkIlNPJPklDtprhHoq9JMz5BQ0BHKkWLzpy9fz7YleN4JpMeN90KlMw
0can2nwZJVv5CehbLIk9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org