Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RoeGgas9rHJHmQxCAjcvX8MMB1M.roa
File:                     RoeGgas9rHJHmQxCAjcvX8MMB1M.roa (raw, json)
Hash identifier:          120lEChTUTyb6jGCr6klOl1kaKWaaUbpRFoGwqShL/8=
Subject key identifier:   46:87:86:81:AB:3D:AC:72:47:99:0C:42:02:37:2F:5F:C3:0C:07:53
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       018B8C37EA378EB82C3685D36AD63AF0E561
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RoeGgas9rHJHmQxCAjcvX8MMB1M.roa
Signing time:             Wed 01 Nov 2023 18:49:16 +0000
ROA not before:           Wed 01 Nov 2023 18:49:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39521
IP address blocks:        85.8.160.0/22 maxlen: 22
                          139.28.240.0/22 maxlen: 22
                          5.133.100.0/22 maxlen: 22
                          31.40.204.0/22 maxlen: 22
                          139.28.48.0/22 maxlen: 22
                          212.107.4.0/22 maxlen: 22
                          83.171.244.0/22 maxlen: 22
                          212.87.196.0/22 maxlen: 22
                          37.221.76.0/22 maxlen: 22
                          92.249.60.0/22 maxlen: 22
                          176.96.128.0/22 maxlen: 22
                          194.93.48.0/22 maxlen: 22
                          194.93.60.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 19:03:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8c:37:ea:37:8e:b8:2c:36:85:d3:6a:d6:3a:f0:e5:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Nov  1 18:49:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46878681ab3dac7247990c4202372f5fc30c0753
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:07:07:b8:a6:ab:df:10:84:82:39:4d:04:e5:
                    c0:54:b8:4c:b0:66:4e:1b:28:8b:39:11:b5:6f:59:
                    55:98:99:11:2a:d4:f7:20:76:c2:d5:8a:6c:ed:bc:
                    63:7b:e6:6c:21:71:9b:89:60:50:9b:03:83:5a:64:
                    3b:0d:1d:97:6d:e1:a5:5b:2e:01:a7:cf:53:27:b2:
                    86:13:a6:d1:a4:f7:c4:c0:2e:79:66:fe:5d:bd:d3:
                    9c:24:76:0a:42:e9:c2:41:61:ee:7e:45:f5:c6:c7:
                    3c:83:9c:10:4d:ef:d5:90:8a:16:07:d3:7c:7f:82:
                    05:05:53:bf:e1:b2:94:04:fa:a1:78:df:79:2b:90:
                    dc:18:93:3b:b0:cf:23:95:30:8f:76:0a:5a:70:9d:
                    41:87:d4:92:62:b6:7e:ce:5e:a5:c3:e7:30:67:1f:
                    be:dc:b0:2d:2b:a2:8d:c2:db:99:2c:09:d3:fe:c2:
                    a7:95:98:7b:98:e7:66:e3:e7:d1:98:fc:27:25:72:
                    c0:08:ad:9e:70:73:62:26:ac:96:1a:44:db:6d:40:
                    56:85:78:71:11:c0:15:3f:d6:a7:56:8b:7b:10:a8:
                    59:44:f5:c0:35:dd:cc:e3:05:9a:48:96:50:0d:dd:
                    35:f5:df:92:53:27:c1:6c:84:ba:90:42:b2:93:db:
                    b9:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:87:86:81:AB:3D:AC:72:47:99:0C:42:02:37:2F:5F:C3:0C:07:53
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RoeGgas9rHJHmQxCAjcvX8MMB1M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.133.100.0/22
                  31.40.204.0/22
                  37.221.76.0/22
                  83.171.244.0/22
                  85.8.160.0/22
                  92.249.60.0/22
                  139.28.48.0/22
                  139.28.240.0/22
                  176.96.128.0/22
                  194.93.48.0/22
                  194.93.60.0/22
                  212.87.196.0/22
                  212.107.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:96:ef:76:a0:b6:90:34:a9:91:3b:36:88:35:e8:45:9c:d8:
         fb:52:8a:63:c4:18:61:94:d1:a8:28:76:cc:5a:85:55:89:8d:
         b9:43:ac:b5:83:e9:fb:fe:2c:53:b4:27:ed:7b:92:9b:b0:c0:
         86:5f:85:2e:fa:4b:fe:17:f3:a6:6b:6a:9f:97:52:51:d3:da:
         c0:83:d1:67:ef:ca:ac:8b:f4:b4:aa:18:51:6b:32:d6:44:eb:
         e6:33:07:14:cc:ee:cb:f2:31:ae:29:11:89:5f:19:6f:0f:c6:
         77:45:86:44:af:78:d3:11:af:08:d8:de:ff:cd:fd:5c:1a:ec:
         3b:05:43:5d:2d:5b:4f:f4:1d:b0:7e:dd:26:1c:e9:60:2e:d5:
         02:f6:69:eb:db:5a:0c:64:ac:46:9f:a4:74:99:e7:8b:8e:a7:
         76:d0:dc:50:06:f0:37:9e:bd:73:30:8a:60:ee:dc:00:34:dd:
         b1:9b:0a:90:16:fe:d3:eb:b1:2e:de:3c:d0:48:00:9f:8f:3e:
         76:c9:95:03:62:89:46:b0:c0:27:7b:3f:a9:b2:87:d0:8f:f7:
         e9:14:91:ce:91:78:96:80:c8:55:a6:03:57:ef:8d:6d:16:1e:
         5c:6b:97:06:87:d6:b6:44:21:88:66:45:81:02:fc:db:8c:7c:
         0e:70:96:bd
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYuMN+o3jrgsNoXTatY68OVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMTAxMTg0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njg3ODY4MWFiM2RhYzcyNDc5OTBjNDIwMjM3MmY1ZmMzMGMwNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAcHuKar3xCEgjlNBOXAVLhMsGZO
GyiLORG1b1lVmJkRKtT3IHbC1Yps7bxje+ZsIXGbiWBQmwODWmQ7DR2XbeGlWy4B
p89TJ7KGE6bRpPfEwC55Zv5dvdOcJHYKQunCQWHufkX1xsc8g5wQTe/VkIoWB9N8
f4IFBVO/4bKUBPqheN95K5DcGJM7sM8jlTCPdgpacJ1Bh9SSYrZ+zl6lw+cwZx++
3LAtK6KNwtuZLAnT/sKnlZh7mOdm4+fRmPwnJXLACK2ecHNiJqyWGkTbbUBWhXhx
EcAVP9anVot7EKhZRPXANd3M4wWaSJZQDd019d+SUyfBbIS6kEKyk9u5BQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEaHhoGrPaxyR5kMQgI3L1/DDAdTMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUm9lR2dhczlySEpIbVF4Q0FqY3ZYOE1NQjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBYVkAwQC
HyjMAwQCJd1MAwQCU6v0AwQCVQigAwQCXPk8AwQCixwwAwQCixzwAwQCsGCAAwQC
wl0wAwQCwl08AwQC1FfEAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQBClu92oLaQ
NKmROzaINehFnNj7UopjxBhhlNGoKHbMWoVViY25Q6y1g+n7/ixTtCfte5KbsMCG
X4Uu+kv+F/Oma2qfl1JR09rAg9Fn78qsi/S0qhhRazLWROvmMwcUzO7L8jGuKRGJ
XxlvD8Z3RYZEr3jTEa8I2N7/zf1cGuw7BUNdLVtP9B2wft0mHOlgLtUC9mnr21oM
ZKxGn6R0meeLjqd20NxQBvA3nr1zMIpg7twANN2xmwqQFv7T67Eu3jzQSACfjz52
yZUDYolGsMAnez+psofQj/fpFJHOkXiWgMhVpgNX741tFh5ca5cGh9a2RCGIZkWB
AvzbjHwOcJa9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org