Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/gIigWJVwSmzfu3aOCtw5EJWf12w.roa
File:                     gIigWJVwSmzfu3aOCtw5EJWf12w.roa (raw, json)
Hash identifier:          nBZn00yBik2o69qjdnzopua2lsHVf7buP0A0CxW13P0=
Subject key identifier:   80:88:A0:58:95:70:4A:6C:DF:BB:76:8E:0A:DC:39:10:95:9F:D7:6C
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0188AF2C7EC608612D363F1A3DEB364723D3
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/gIigWJVwSmzfu3aOCtw5EJWf12w.roa
Signing time:             Mon 12 Jun 2023 10:35:08 +0000
ROA not before:           Mon 12 Jun 2023 10:35:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.44.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          89.43.45.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          188.215.73.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 13 Jun 2023 19:34:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:af:2c:7e:c6:08:61:2d:36:3f:1a:3d:eb:36:47:23:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jun 12 10:35:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8088a05895704a6cdfbb768e0adc3910959fd76c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:b8:60:67:5b:5d:f3:e2:59:f3:c3:8c:56:cf:
                    d5:05:32:dc:40:f9:90:d6:32:b0:81:9d:d7:a4:83:
                    07:86:a3:e7:a7:49:b0:60:ff:22:ce:be:25:f4:1e:
                    ed:2f:13:21:42:48:0b:28:4a:51:5b:c9:0e:4e:5b:
                    5e:4a:01:5f:75:0f:ee:de:87:2d:03:01:0e:e7:65:
                    05:1c:1d:71:c4:14:5c:45:0d:bc:64:1f:fd:99:2d:
                    00:44:e3:3d:58:10:4d:b8:f5:18:53:fb:60:99:c1:
                    2c:9d:1b:e0:80:eb:bd:66:23:3d:1f:6d:7b:13:2f:
                    d9:08:77:33:08:81:46:62:25:64:0c:19:ea:78:14:
                    20:46:4d:26:7c:ce:63:3a:fd:1b:88:ad:01:5b:03:
                    a2:d4:c4:74:91:ed:ab:58:f4:e1:11:9c:d4:1c:d4:
                    dc:70:5d:b6:b1:78:44:72:e3:60:7b:0b:2f:39:14:
                    3a:b1:0d:09:85:12:48:22:39:7a:b4:d6:d1:61:10:
                    70:cf:e9:88:33:a8:3e:f4:f1:c7:22:b1:95:08:fd:
                    35:9f:01:6b:d1:d7:7e:63:9a:8b:b1:55:ce:2a:47:
                    72:7a:0d:ec:8b:62:e0:79:0e:5e:eb:14:23:e4:92:
                    c5:88:4e:d9:80:12:7a:e3:3d:91:4d:70:d3:65:c9:
                    72:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:88:A0:58:95:70:4A:6C:DF:BB:76:8E:0A:DC:39:10:95:9F:D7:6C
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/gIigWJVwSmzfu3aOCtw5EJWf12w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/24
                  89.43.42.0/24
                  89.43.44.0-89.43.46.255
                  89.43.73.0/24
                  93.113.158.0/24
                  93.114.55.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:ab:34:33:aa:8a:f7:e5:70:c7:c2:48:db:f8:3e:81:0b:3a:
         e9:37:64:48:5f:75:c7:fb:33:d0:33:cf:e4:ef:dc:50:e6:3e:
         81:5b:b5:32:6e:2e:18:97:2c:64:76:9f:1d:6f:f9:61:ed:a8:
         6c:0f:1e:43:77:e0:e6:52:40:85:e0:b0:16:51:6b:42:93:43:
         0a:f9:fa:b9:fb:bb:c9:bf:ae:1f:98:96:4c:15:f7:1a:85:f1:
         1e:1a:f8:a3:d6:45:0f:8b:b1:1f:e0:3e:46:13:57:16:a3:63:
         ec:b5:38:f0:80:92:bc:74:a2:ff:8f:9d:4b:de:ae:87:a4:8f:
         cc:3e:c6:2d:cd:0c:e0:b7:a1:33:b7:5d:f1:7b:94:92:16:08:
         b4:52:47:b3:c9:0e:cb:a7:89:dd:d3:8a:28:08:71:fa:ce:48:
         40:53:ff:3c:b9:ab:a8:13:7f:6e:47:e6:24:9c:f8:4e:fb:ec:
         b5:1d:a7:6d:82:a6:0b:d8:f6:3c:92:5e:95:59:48:e5:ac:e0:
         35:25:35:95:34:c7:3a:ea:fd:5d:6c:4d:82:e6:5f:c8:d6:0d:
         98:d7:56:bd:9a:02:c3:06:3a:57:9a:36:6b:9c:e5:c9:26:79:
         33:dd:79:9e:23:ee:16:c1:42:a8:9d:61:9a:1f:9c:ef:b0:a0:
         f0:b2:03:e0
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYivLH7GCGEtNj8aPes2RyPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwNjEyMTAzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDg4YTA1ODk1NzA0YTZjZGZiYjc2OGUwYWRjMzkxMDk1OWZkNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLhgZ1td8+JZ88OMVs/VBTLcQPmQ
1jKwgZ3XpIMHhqPnp0mwYP8izr4l9B7tLxMhQkgLKEpRW8kOTlteSgFfdQ/u3oct
AwEO52UFHB1xxBRcRQ28ZB/9mS0AROM9WBBNuPUYU/tgmcEsnRvggOu9ZiM9H217
Ey/ZCHczCIFGYiVkDBnqeBQgRk0mfM5jOv0biK0BWwOi1MR0ke2rWPThEZzUHNTc
cF22sXhEcuNgewsvORQ6sQ0JhRJIIjl6tNbRYRBwz+mIM6g+9PHHIrGVCP01nwFr
0dd+Y5qLsVXOKkdyeg3si2LgeQ5e6xQj5JLFiE7ZgBJ64z2RTXDTZclyJwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFICIoFiVcEps37t2jgrcORCVn9dsMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvZ0lpZ1dKVndTbXpmdTNhT0N0dzVFSldmMTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB0BAIAATBuAwQAVcx9
AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQAWSsoAwQAWSsq
MAwDBAJZKywDBABZKy4DBABZK0kDBABdcZ4DBABdcjcDBABdcrsDBAC81RIDBAG8
10gDBAC88A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAoas0
M6qK9+Vwx8JI2/g+gQs66TdkSF91x/sz0DPP5O/cUOY+gVu1Mm4uGJcsZHafHW/5
Ye2obA8eQ3fg5lJAheCwFlFrQpNDCvn6ufu7yb+uH5iWTBX3GoXxHhr4o9ZFD4ux
H+A+RhNXFqNj7LU48ICSvHSi/4+dS96uh6SPzD7GLc0M4LehM7dd8XuUkhYItFJH
s8kOy6eJ3dOKKAhx+s5IQFP/PLmrqBN/bkfmJJz4TvvstR2nbYKmC9j2PJJelVlI
5azgNSU1lTTHOur9XWxNguZfyNYNmNdWvZoCwwY6V5o2a5zlySZ5M915niPuFsFC
qJ1hmh+c77Cg8LID4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org