Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GhE5V7tAHSd-qg1wkA0MnB6slG4.roa
File:                     GhE5V7tAHSd-qg1wkA0MnB6slG4.roa (raw, json)
Hash identifier:          vcbeGNHRNMx/IlCiJ9BUgd13xksnrEkSH+FkoBA8+gQ=
Subject key identifier:   1A:11:39:57:BB:40:1D:27:7E:AA:0D:70:90:0D:0C:9C:1E:AC:94:6E
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       018A286BFB6C776A505C22B3EE71C791BFD1
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GhE5V7tAHSd-qg1wkA0MnB6slG4.roa
Signing time:             Thu 24 Aug 2023 16:41:19 +0000
ROA not before:           Thu 24 Aug 2023 16:41:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        185.171.202.0/24 maxlen: 24
                          2a10:4646:50::/44 maxlen: 44
                          2a10:4640::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:28:6b:fb:6c:77:6a:50:5c:22:b3:ee:71:c7:91:bf:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Aug 24 16:41:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a113957bb401d277eaa0d70900d0c9c1eac946e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b8:82:12:b6:9c:83:17:b2:93:a0:70:94:10:
                    bf:8e:ba:32:17:16:22:d8:fb:57:40:36:e0:15:b3:
                    d8:dd:d8:e3:97:b6:db:75:d4:15:b5:2a:30:8b:87:
                    7c:b7:70:e1:da:ee:cf:44:c0:b6:f4:cc:25:d3:5f:
                    c4:91:ed:a3:03:91:6e:fe:be:54:f8:6c:4f:5c:22:
                    f7:60:42:84:c3:2a:6e:d0:70:15:f9:14:30:56:21:
                    32:8b:7b:63:74:17:40:51:bb:2a:57:29:22:87:d3:
                    e7:cb:f7:d4:1e:a1:0e:2e:ee:65:9a:f8:f0:15:22:
                    52:9b:a9:76:7a:40:af:2d:d2:09:83:27:df:ed:41:
                    a7:de:7a:4d:0c:43:88:72:99:5e:f4:a6:e1:c5:41:
                    f2:de:77:b7:0f:40:99:11:37:ae:f3:75:03:7f:3c:
                    e7:fa:42:fd:16:a0:02:8b:28:bc:e5:ff:28:35:1e:
                    c7:a3:05:dd:3f:27:96:06:7f:81:e2:8c:e7:d1:77:
                    94:ec:83:1b:b2:cd:a0:56:05:5a:1f:33:8c:58:e8:
                    60:d7:6b:e6:27:3a:e5:2e:d8:c1:b5:e3:c4:7d:99:
                    42:98:16:89:31:28:6f:00:e3:fa:30:57:62:0e:d5:
                    b7:e6:cc:4b:13:32:79:b0:6b:37:58:8d:59:20:01:
                    c0:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:11:39:57:BB:40:1D:27:7E:AA:0D:70:90:0D:0C:9C:1E:AC:94:6E
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GhE5V7tAHSd-qg1wkA0MnB6slG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.202.0/24
                IPv6:
                  2a10:4640::/32
                  2a10:4646:50::/44

    Signature Algorithm: sha256WithRSAEncryption
         3b:1d:6b:3d:13:d0:07:7d:9a:aa:c2:cc:c2:fb:44:0e:37:e1:
         c7:d1:69:9e:0e:ea:34:18:f7:3f:b2:64:71:27:97:72:98:b6:
         b5:2f:f4:36:9c:ec:e4:45:19:3a:f7:8b:12:84:6e:1c:16:24:
         37:c5:cf:fa:f1:8f:37:c0:f1:a3:6b:97:ab:e9:3b:64:b1:57:
         1d:d7:1b:dc:b0:9c:a8:78:11:e2:b4:34:12:52:3e:92:b4:e1:
         c8:06:6c:c6:8c:27:d4:a2:e7:11:06:ac:65:cb:bc:31:d6:92:
         e6:f2:04:4b:39:04:bd:ff:ef:87:2c:aa:15:38:8a:24:8c:f7:
         8a:bc:99:29:e5:e3:c8:55:78:dd:86:b4:7f:59:58:27:8d:d2:
         e2:cb:b8:87:c4:1d:e3:b1:4a:3b:dd:50:c8:79:60:0a:a1:af:
         10:e4:fe:cb:74:c3:72:56:37:2e:21:6d:75:8e:93:4b:10:57:
         4b:23:6a:31:d4:f4:1c:9d:5a:e0:56:a8:c0:7e:d7:f1:76:e1:
         da:87:f7:df:5a:04:98:e3:c8:32:ef:27:f2:ac:b4:ac:2a:a9:
         e1:cc:bf:f1:15:6c:dc:59:4d:3f:2c:1d:37:83:06:70:5a:67:
         ee:09:9b:0a:d6:09:3b:de:9f:90:26:f2:0b:fa:e4:e9:f1:07:
         e7:5e:8d:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYooa/tsd2pQXCKz7nHHkb/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwODI0MTY0MTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTExMzk1N2JiNDAxZDI3N2VhYTBkNzA5MDBkMGM5YzFlYWM5NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7iCEracgxeyk6BwlBC/jroyFxYi
2PtXQDbgFbPY3djjl7bbddQVtSowi4d8t3Dh2u7PRMC29Mwl01/Eke2jA5Fu/r5U
+GxPXCL3YEKEwypu0HAV+RQwViEyi3tjdBdAUbsqVykih9Pny/fUHqEOLu5lmvjw
FSJSm6l2ekCvLdIJgyff7UGn3npNDEOIcple9KbhxUHy3ne3D0CZETeu83UDfzzn
+kL9FqACiyi85f8oNR7HowXdPyeWBn+B4ozn0XeU7IMbss2gVgVaHzOMWOhg12vm
JzrlLtjBtePEfZlCmBaJMShvAOP6MFdiDtW35sxLEzJ5sGs3WI1ZIAHAlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBoROVe7QB0nfqoNcJANDJwerJRuMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvR2hFNVY3dEFIU2QtcWcxd2tBME1uQjZzbEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAuavKMBYE
AgACMBADBQAqEEZAAwcEKhBGRgBQMA0GCSqGSIb3DQEBCwUAA4IBAQA7HWs9E9AH
fZqqwszC+0QON+HH0WmeDuo0GPc/smRxJ5dymLa1L/Q2nOzkRRk694sShG4cFiQ3
xc/68Y83wPGja5er6TtksVcd1xvcsJyoeBHitDQSUj6StOHIBmzGjCfUoucRBqxl
y7wx1pLm8gRLOQS9/++HLKoVOIokjPeKvJkp5ePIVXjdhrR/WVgnjdLiy7iHxB3j
sUo73VDIeWAKoa8Q5P7LdMNyVjcuIW11jpNLEFdLI2ox1PQcnVrgVqjAftfxduHa
h/ffWgSY48gy7yfyrLSsKqnhzL/xFWzcWU0/LB03gwZwWmfuCZsK1gk73p+QJvIL
+uTp8QfnXo2w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org