Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ganROBAgCdg0Vfi1QmeOgCuJ5Tc.roa
File:                     ganROBAgCdg0Vfi1QmeOgCuJ5Tc.roa (raw, json)
Hash identifier:          98mvxUTUACrhWYg/ePpKXdlBSVKICyI+5WZJqoq9xyk=
Subject key identifier:   81:A9:D1:38:10:20:09:D8:34:55:F8:B5:42:67:8E:80:2B:89:E5:37
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       018EF0E4BBDF59C5B5C7EED7F2E17FA26637
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ganROBAgCdg0Vfi1QmeOgCuJ5Tc.roa
Signing time:             Thu 18 Apr 2024 11:08:25 +0000
ROA not before:           Thu 18 Apr 2024 11:08:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206092
IP address blocks:        45.131.194.0/24 maxlen: 24
                          85.8.130.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Jul 2024 16:23:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f0:e4:bb:df:59:c5:b5:c7:ee:d7:f2:e1:7f:a2:66:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Apr 18 11:08:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=81a9d138102009d83455f8b542678e802b89e537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e2:3d:74:ee:e2:05:d3:88:72:e9:88:0e:b7:
                    c7:e9:16:f0:a3:65:eb:dd:ea:f0:a8:53:c2:84:4c:
                    45:2d:00:28:ca:5a:82:2d:0a:8b:b5:0f:1b:56:c5:
                    6e:17:09:09:d3:f9:4b:20:bb:f5:0c:9d:84:f0:1b:
                    14:ee:9c:2b:c3:10:06:30:7c:ad:a8:7d:69:9b:90:
                    e5:7b:d9:13:23:c8:16:86:ef:67:ce:7a:68:39:80:
                    fd:6c:21:84:52:dc:f0:f4:08:ba:27:fa:25:11:ec:
                    3f:45:6d:07:dc:d7:50:36:31:ec:58:98:4b:20:fa:
                    08:88:b5:17:ae:e0:da:06:c8:c4:0a:dd:f6:d0:ab:
                    39:bf:eb:d1:75:ea:d5:c3:6e:d8:c6:a7:7e:d4:61:
                    f4:fc:3f:9c:a1:73:2c:c0:90:04:51:b4:45:91:1c:
                    cc:60:e2:5e:79:aa:74:cd:fb:b1:92:b1:da:b6:f1:
                    ad:b6:81:6a:e7:11:1d:99:52:b9:6d:e6:11:a6:fa:
                    0f:4e:03:d1:65:9a:7f:5f:67:4e:8f:59:0a:cd:95:
                    cf:f2:a8:29:1c:b4:d5:f9:8e:67:1f:60:57:57:bc:
                    20:82:e3:1f:e0:55:e5:0b:e6:ef:7d:b0:26:98:8c:
                    01:a8:f6:9e:14:90:82:2e:e3:c9:ca:a3:a0:47:d4:
                    8c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A9:D1:38:10:20:09:D8:34:55:F8:B5:42:67:8E:80:2B:89:E5:37
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ganROBAgCdg0Vfi1QmeOgCuJ5Tc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.194.0/24
                  85.8.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:79:66:75:95:3e:70:ee:70:31:49:8c:e8:29:08:86:5e:12:
         1e:ef:cf:f3:02:f9:53:ce:4a:88:43:be:c5:d9:35:7e:43:0a:
         57:a8:73:63:6a:bb:62:02:93:54:a2:5c:30:54:f6:ab:76:3f:
         1f:9e:73:a4:ed:17:af:f7:67:76:7e:31:27:26:3c:75:8e:75:
         e7:9f:9e:18:f5:df:34:3f:63:ff:86:70:cc:b7:0e:49:b2:37:
         1d:0e:16:1c:43:52:c5:31:b8:9d:27:39:ce:a1:82:d0:3c:af:
         3d:fb:06:16:0d:2c:39:11:dc:83:56:e2:d5:ae:01:33:dc:ad:
         33:14:59:51:32:00:10:cf:3a:03:60:0c:d4:15:88:8d:12:6d:
         61:d8:2f:87:f5:6c:c1:47:c9:e1:57:71:0f:ac:03:a3:12:d3:
         6f:88:d2:80:33:70:9a:86:eb:92:ba:60:c7:fd:0b:db:33:a9:
         97:ea:bc:4e:0f:1e:36:dc:94:10:f5:17:64:52:f8:97:a8:96:
         a7:f4:30:29:83:e5:32:16:6e:95:5f:4c:e7:ae:a8:e6:5a:44:
         b9:a5:a9:77:60:90:0b:52:3f:97:dd:b7:ce:bf:1d:44:41:29:
         f8:6a:da:38:1c:80:67:9d:70:a4:8a:9e:64:e8:ee:c3:4e:c0:
         d3:88:9a:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7w5LvfWcW1x+7X8uF/omY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwNDE4MTEwODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE5ZDEzODEwMjAwOWQ4MzQ1NWY4YjU0MjY3OGU4MDJiODllNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeI9dO7iBdOIcumIDrfH6Rbwo2Xr
3erwqFPChExFLQAoylqCLQqLtQ8bVsVuFwkJ0/lLILv1DJ2E8BsU7pwrwxAGMHyt
qH1pm5Dle9kTI8gWhu9nznpoOYD9bCGEUtzw9Ai6J/olEew/RW0H3NdQNjHsWJhL
IPoIiLUXruDaBsjECt320Ks5v+vRderVw27Yxqd+1GH0/D+coXMswJAEUbRFkRzM
YOJeeap0zfuxkrHatvGttoFq5xEdmVK5beYRpvoPTgPRZZp/X2dOj1kKzZXP8qgp
HLTV+Y5nH2BXV7wgguMf4FXlC+bvfbAmmIwBqPaeFJCCLuPJyqOgR9SM7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIGp0TgQIAnYNFX4tUJnjoArieU3MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvZ2FuUk9CQWdDZGcwVmZpMVFtZU9nQ3VKNVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYPCAwQA
VQiCMA0GCSqGSIb3DQEBCwUAA4IBAQCseWZ1lT5w7nAxSYzoKQiGXhIe78/zAvlT
zkqIQ77F2TV+QwpXqHNjartiApNUolwwVPardj8fnnOk7Rev92d2fjEnJjx1jnXn
n54Y9d80P2P/hnDMtw5JsjcdDhYcQ1LFMbidJznOoYLQPK89+wYWDSw5EdyDVuLV
rgEz3K0zFFlRMgAQzzoDYAzUFYiNEm1h2C+H9WzBR8nhV3EPrAOjEtNviNKAM3Ca
huuSumDH/QvbM6mX6rxODx423JQQ9RdkUviXqJan9DApg+UyFm6VX0znrqjmWkS5
pal3YJALUj+X3bfOvx1EQSn4ato4HIBnnXCkip5k6O7DTsDTiJrf
-----END CERTIFICATE-----
Generated at Thu Jul 25 18:59:58 2024 by rpki-client on console-fra.rpki-client.org