Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/gjgB-BoM9vwmFN2SGKtjSlvfTlM.roa
File:                     gjgB-BoM9vwmFN2SGKtjSlvfTlM.roa (raw, json)
Hash identifier:          zZMnBy8jtjCwCS2UBFO8UrN0YlZKLOYCcbXnK4CIFX0=
Subject key identifier:   82:38:01:F8:1A:0C:F6:FC:26:14:DD:92:18:AB:63:4A:5B:DF:4E:53
Certificate issuer:       /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial:       018EE0CABD33596C6261B51F4BDF7780D0BB
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/gjgB-BoM9vwmFN2SGKtjSlvfTlM.roa
Signing time:             Mon 15 Apr 2024 08:06:06 +0000
ROA not before:           Mon 15 Apr 2024 08:06:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206576
IP address blocks:        5.181.72.0/22 maxlen: 24
                          45.137.44.0/22 maxlen: 24
                          83.150.252.0/22 maxlen: 24
                          185.90.0.0/22 maxlen: 24
                          185.182.200.0/23 maxlen: 24
                          185.229.4.0/22 maxlen: 24
                          185.246.132.0/22 maxlen: 24
                          185.247.200.0/22 maxlen: 24
                          185.248.252.0/24 maxlen: 24
                          185.248.254.0/24 maxlen: 24
                          2a0a:f480::/29 maxlen: 29
                          2a0d:7680::/29 maxlen: 29
                          2a0d:bf80::/29 maxlen: 29
                          2a0e:a1c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 15 Apr 2024 12:06:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e0:ca:bd:33:59:6c:62:61:b5:1f:4b:df:77:80:d0:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66df7742890173927935206a28efbf48123e787c
        Validity
            Not Before: Apr 15 08:06:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=823801f81a0cf6fc2614dd9218ab634a5bdf4e53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f0:3c:27:93:d6:27:8d:bf:23:80:70:ec:3a:
                    93:03:87:b2:ea:43:66:9e:14:e4:2b:99:59:c6:af:
                    e1:a3:7f:9f:df:22:d1:5c:4b:69:d7:c3:b5:e6:2c:
                    56:7e:58:0e:f0:a8:ea:cb:24:d1:6e:5b:e6:03:b5:
                    8d:b9:88:f2:43:9d:67:8c:d0:47:59:93:f0:49:ad:
                    7b:6d:56:74:ca:3b:3b:18:fa:25:ab:b9:5f:58:de:
                    53:97:37:38:50:15:c3:c7:88:bf:9d:84:42:4c:75:
                    09:d5:d3:0d:14:6a:92:38:b9:d9:d2:ea:10:d3:69:
                    a0:51:1b:b0:79:09:fb:18:90:1e:dd:cd:11:2f:e3:
                    0a:bb:0c:1f:80:db:59:a5:2e:8a:67:9f:37:5c:f7:
                    b0:9d:e1:39:8b:cc:c9:8c:ff:f3:b1:52:e5:ee:d2:
                    ae:90:dc:14:33:49:aa:e9:88:3e:d8:24:08:eb:81:
                    0a:ef:1f:c8:c8:3c:a5:53:e2:ce:5f:3f:a1:69:ce:
                    83:d0:e6:56:11:75:0d:c6:87:60:a9:aa:16:f9:b6:
                    c4:13:54:de:81:6f:12:d7:ac:54:00:01:f3:66:1c:
                    36:d8:99:42:72:10:a3:32:f5:2a:ee:8a:35:3f:11:
                    24:2f:10:93:7d:39:20:0f:62:53:b6:af:61:6d:88:
                    6d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:38:01:F8:1A:0C:F6:FC:26:14:DD:92:18:AB:63:4A:5B:DF:4E:53
            X509v3 Authority Key Identifier:
                keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/gjgB-BoM9vwmFN2SGKtjSlvfTlM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.72.0/22
                  45.137.44.0/22
                  83.150.252.0/22
                  185.90.0.0/22
                  185.182.200.0/23
                  185.229.4.0/22
                  185.246.132.0/22
                  185.247.200.0/22
                  185.248.252.0/24
                  185.248.254.0/24
                IPv6:
                  2a0a:f480::/29
                  2a0d:7680::/29
                  2a0d:bf80::/29
                  2a0e:a1c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         59:e3:81:53:2c:2d:81:b4:54:39:2f:99:24:5c:52:f3:10:ec:
         0a:a5:03:19:cf:76:d8:8e:b5:7c:7c:8c:b2:ce:97:5e:d7:41:
         65:e0:2c:fe:ec:a0:af:08:2b:4f:5c:ed:86:da:c4:c9:48:f7:
         1f:0e:06:ad:e5:14:d3:26:d4:81:09:51:96:48:ca:24:3b:5f:
         f3:fd:aa:1a:f1:6f:da:bc:31:a0:b9:47:f1:f4:29:01:e4:95:
         6a:40:be:27:34:78:07:7b:b0:6e:4c:2a:d0:3a:d1:9a:29:5d:
         44:a0:ac:17:25:10:3e:1d:c8:fb:1c:c1:5c:ed:e5:47:bb:b2:
         d7:3b:fd:19:de:22:a7:0a:ad:4e:8b:96:79:10:6e:65:70:af:
         dd:98:38:f8:41:db:75:08:43:5c:ef:54:25:eb:55:a9:96:67:
         90:d3:a2:22:7b:7a:e0:13:35:20:b5:f3:98:77:10:55:f5:94:
         2e:f0:7d:03:cc:68:27:74:6e:32:d7:ae:58:0f:76:5f:19:5e:
         db:34:eb:c0:02:14:1c:76:b4:03:25:c5:25:79:91:a5:f8:e6:
         56:8e:ec:59:5b:59:ca:87:5b:81:6c:7d:05:60:29:49:bc:d3:
         9d:93:91:cb:f7:a8:d9:0d:a3:9c:ab:c3:d8:49:97:14:13:9b:
         6e:f7:57:27
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY7gyr0zWWxiYbUfS993gNC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDE1MDgwNjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM4MDFmODFhMGNmNmZjMjYxNGRkOTIxOGFiNjM0YTViZGY0ZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvA8J5PWJ42/I4Bw7DqTA4ey6kNm
nhTkK5lZxq/ho3+f3yLRXEtp18O15ixWflgO8KjqyyTRblvmA7WNuYjyQ51njNBH
WZPwSa17bVZ0yjs7GPolq7lfWN5Tlzc4UBXDx4i/nYRCTHUJ1dMNFGqSOLnZ0uoQ
02mgURuweQn7GJAe3c0RL+MKuwwfgNtZpS6KZ583XPewneE5i8zJjP/zsVLl7tKu
kNwUM0mq6Yg+2CQI64EK7x/IyDylU+LOXz+hac6D0OZWEXUNxodgqaoW+bbEE1Te
gW8S16xUAAHzZhw22JlCchCjMvUq7oo1PxEkLxCTfTkgD2JTtq9hbYhtvwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFII4AfgaDPb8JhTdkhirY0pb305TMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvZ2pnQi1Cb005dndtRk4yU0dLdGpTbHZmVGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQCBbVIAwQC
LYksAwQCU5b8AwQCuVoAAwQBubbIAwQCueUEAwQCufaEAwQCuffIAwQAufj8AwQA
ufj+MCIEAgACMBwDBQMqCvSAAwUDKg12gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3
DQEBCwUAA4IBAQBZ44FTLC2BtFQ5L5kkXFLzEOwKpQMZz3bYjrV8fIyyzpde10Fl
4Cz+7KCvCCtPXO2G2sTJSPcfDgat5RTTJtSBCVGWSMokO1/z/aoa8W/avDGguUfx
9CkB5JVqQL4nNHgHe7BuTCrQOtGaKV1EoKwXJRA+Hcj7HMFc7eVHu7LXO/0Z3iKn
Cq1Oi5Z5EG5lcK/dmDj4Qdt1CENc71Ql61WplmeQ06Iie3rgEzUgtfOYdxBV9ZQu
8H0DzGgndG4y165YD3ZfGV7bNOvAAhQcdrQDJcUleZGl+OZWjuxZW1nKh1uBbH0F
YClJvNOdk5HL96jZDaOcq8PYSZcUE5tu91cn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:14 2024 by rpki-client on console-fra.rpki-client.org