Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/GCMY4YvNRV-1g62UinW-xxSd9c0.roa
File:                     GCMY4YvNRV-1g62UinW-xxSd9c0.roa (raw, json)
Hash identifier:          kgPwBv2FVRHdF7CqN4Fi1JQg6GgozLbHf3cI8at5aZY=
Subject key identifier:   18:23:18:E1:8B:CD:45:5F:B5:83:AD:94:8A:75:BE:C7:14:9D:F5:CD
Certificate issuer:       /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial:       018DC20BFC09A09F8A3C786F0AA5406554D6
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/GCMY4YvNRV-1g62UinW-xxSd9c0.roa
Signing time:             Mon 19 Feb 2024 15:46:21 +0000
ROA not before:           Mon 19 Feb 2024 15:46:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29180
IP address blocks:        82.132.128.0/22 maxlen: 24
                          82.132.132.0/22 maxlen: 24
                          82.132.136.0/23 maxlen: 24
                          82.132.140.0/23 maxlen: 24
                          82.132.142.0/23 maxlen: 24
                          82.132.144.0/21 maxlen: 24
                          82.132.152.0/21 maxlen: 24
                          82.132.178.0/23 maxlen: 24
                          185.238.16.0/23 maxlen: 24
                          185.238.18.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Feb 2024 11:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c2:0b:fc:09:a0:9f:8a:3c:78:6f:0a:a5:40:65:54:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
        Validity
            Not Before: Feb 19 15:46:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=182318e18bcd455fb583ad948a75bec7149df5cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:82:71:ae:9e:ad:fd:13:d2:80:e1:f0:10:d5:
                    4c:c9:f5:8b:65:4d:e8:88:28:f5:e5:68:e0:48:8e:
                    e9:ac:4f:dc:98:58:3c:5e:39:8a:05:bf:bd:15:08:
                    6c:ff:0e:e5:dd:94:4f:02:b8:42:31:14:de:52:d0:
                    83:e8:c6:ee:20:84:51:aa:5b:d2:4d:b4:70:5c:cc:
                    4b:ca:22:ca:61:45:28:b7:e2:a0:b7:d6:ea:0d:6d:
                    1f:57:92:cb:6b:e7:85:d2:f2:96:19:36:76:eb:0c:
                    9b:4d:92:90:53:53:7d:b4:9d:9f:8d:2d:d5:a8:d6:
                    10:da:92:d0:d0:9d:c0:19:b5:63:37:c3:a9:ab:45:
                    d0:e9:2c:bd:aa:aa:01:d7:f1:f1:56:7f:a4:38:24:
                    0f:b0:9d:24:b2:31:da:ef:92:c8:db:bc:9f:35:47:
                    b3:43:d1:1f:9e:26:01:46:66:dd:42:02:0b:6a:25:
                    bc:be:0c:64:93:1f:e8:5a:84:3a:cc:4e:42:20:ae:
                    ba:d4:16:18:7d:3c:a0:a9:05:e2:81:ac:d8:86:ee:
                    c9:6d:4c:aa:9b:ad:2c:c8:b6:40:f0:c9:15:50:3a:
                    c9:8d:eb:eb:aa:73:95:dc:bc:df:88:5b:16:f8:d8:
                    4a:1d:4f:d6:57:10:5f:f3:fc:13:58:92:29:8a:8c:
                    d4:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:23:18:E1:8B:CD:45:5F:B5:83:AD:94:8A:75:BE:C7:14:9D:F5:CD
            X509v3 Authority Key Identifier:
                keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/GCMY4YvNRV-1g62UinW-xxSd9c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.132.128.0-82.132.137.255
                  82.132.140.0-82.132.159.255
                  82.132.178.0/23
                  185.238.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:7f:ea:63:8a:8b:ea:7c:8d:36:b0:ee:e6:b3:e0:93:2e:89:
         8a:46:09:36:3c:76:59:c3:d1:0a:a2:f5:c6:c1:fd:09:ef:2b:
         d1:4f:95:f1:c9:dd:d4:4d:3f:5a:18:3c:7f:d6:a5:df:4d:a6:
         50:ba:d2:70:09:45:b0:e4:34:59:03:a5:a8:50:98:d2:72:84:
         b2:c6:fe:8e:46:7a:26:aa:5f:38:f7:a2:cf:d3:01:c7:3d:2e:
         d6:05:07:5d:7d:bd:5c:ec:ba:48:85:be:f4:7b:0f:36:12:e1:
         b7:36:4a:91:32:01:92:36:12:f8:d6:27:6a:78:af:53:d9:d8:
         15:fb:1f:cd:38:ba:1c:d3:c9:76:60:c0:9b:e7:93:19:1a:ad:
         c9:c0:e1:55:cb:31:33:e0:fa:36:be:f1:da:38:af:08:a3:f4:
         2a:de:14:7d:49:b4:32:cc:d7:6c:17:c2:f8:43:46:35:6f:64:
         2e:15:00:f5:d9:12:b6:36:48:2c:ee:98:5b:1a:7b:72:a7:ad:
         2a:0d:63:5f:bf:b7:18:3f:2b:58:ff:30:52:df:ef:cf:4a:93:
         6a:c1:bf:e5:6c:28:f9:f1:77:f7:d5:3a:6e:10:1a:66:e3:98:
         6a:2c:e5:50:02:25:6f:34:76:4b:08:6a:45:e4:48:0e:cf:be:
         19:97:c0:a0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY3CC/wJoJ+KPHhvCqVAZVTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjQwMjE5MTU0NjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODIzMThlMThiY2Q0NTVmYjU4M2FkOTQ4YTc1YmVjNzE0OWRmNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4Jxrp6t/RPSgOHwENVMyfWLZU3o
iCj15WjgSI7prE/cmFg8XjmKBb+9FQhs/w7l3ZRPArhCMRTeUtCD6MbuIIRRqlvS
TbRwXMxLyiLKYUUot+Kgt9bqDW0fV5LLa+eF0vKWGTZ26wybTZKQU1N9tJ2fjS3V
qNYQ2pLQ0J3AGbVjN8Opq0XQ6Sy9qqoB1/HxVn+kOCQPsJ0ksjHa75LI27yfNUez
Q9EfniYBRmbdQgILaiW8vgxkkx/oWoQ6zE5CIK661BYYfTygqQXigazYhu7JbUyq
m60syLZA8MkVUDrJjevrqnOV3LzfiFsW+NhKHU/WVxBf8/wTWJIpiozUIQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBgjGOGLzUVftYOtlIp1vscUnfXNMB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvR0NNWTRZdk5SVi0xZzYyVWluVy14eFNkOWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAdShIAD
BAFShIgwDAMEAlKEjAMEBVKEgAMEAVKEsgMEArnuEDANBgkqhkiG9w0BAQsFAAOC
AQEAjn/qY4qL6nyNNrDu5rPgky6JikYJNjx2WcPRCqL1xsH9Ce8r0U+V8cnd1E0/
Whg8f9al302mULrScAlFsOQ0WQOlqFCY0nKEssb+jkZ6JqpfOPeiz9MBxz0u1gUH
XX29XOy6SIW+9HsPNhLhtzZKkTIBkjYS+NYnanivU9nYFfsfzTi6HNPJdmDAm+eT
GRqtycDhVcsxM+D6Nr7x2jivCKP0Kt4UfUm0MszXbBfC+ENGNW9kLhUA9dkStjZI
LO6YWxp7cqetKg1jX7+3GD8rWP8wUt/vz0qTasG/5Wwo+fF399U6bhAaZuOYaizl
UAIlbzR2SwhqReRIDs++GZfAoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org