Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/GTOyzFcxaG0whvz4k7Mq47tYaVU.roa
File:                     GTOyzFcxaG0whvz4k7Mq47tYaVU.roa (raw, json)
Hash identifier:          ZLMY+xN47SkYmYA+6T04e0RvDFecrmM+7q8aZp37VFA=
Subject key identifier:   19:33:B2:CC:57:31:68:6D:30:86:FC:F8:93:B3:2A:E3:BB:58:69:55
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018CC2DB389272856261D7D0C75F9FB0B697
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/GTOyzFcxaG0whvz4k7Mq47tYaVU.roa
Signing time:             Mon 01 Jan 2024 02:29:55 +0000
ROA not before:           Mon 01 Jan 2024 02:29:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204834
IP address blocks:        188.209.128.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Feb 2024 05:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:38:92:72:85:62:61:d7:d0:c7:5f:9f:b0:b6:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 02:29:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1933b2cc5731686d3086fcf893b32ae3bb586955
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:40:b1:d6:db:aa:1c:7c:81:23:af:60:2a:22:
                    74:0b:fb:4c:8a:d2:c6:f5:dd:10:7f:5e:e0:f4:a3:
                    b0:b6:55:a1:de:e8:d2:ae:5d:87:1d:aa:e3:6b:a6:
                    64:6f:9c:74:54:ae:b7:7a:75:07:30:d2:88:68:61:
                    6f:86:af:b3:c5:00:f6:fb:b9:c7:9d:a6:ef:80:37:
                    91:71:6a:b6:5e:dd:d5:53:a3:37:47:03:0d:48:92:
                    60:f2:69:3b:65:e4:59:fa:b0:66:ed:af:cc:ff:d8:
                    b6:5d:30:b8:6c:77:65:0e:41:73:4d:3a:84:77:a0:
                    bf:b6:be:bb:d8:97:56:82:56:ac:ef:51:3b:98:b4:
                    d6:1f:52:cb:5d:e4:47:7a:bf:37:22:89:69:97:71:
                    38:1c:6c:4a:d1:38:2b:4f:43:eb:bf:a6:bc:9d:cd:
                    44:bd:3f:aa:24:f5:02:91:29:3b:03:0e:c2:b8:2a:
                    7d:dd:b3:0f:6b:07:48:8f:b4:5d:27:37:eb:f3:39:
                    7d:5b:74:54:7d:65:39:99:4e:12:c9:df:84:8a:1c:
                    f0:4a:9e:ce:aa:65:f7:12:96:96:bd:73:c3:01:55:
                    b1:8c:0c:19:e6:0b:66:2d:b7:27:b9:e3:7b:6e:99:
                    b4:a0:a0:c7:b1:2a:39:50:b9:6f:66:65:d3:c5:5a:
                    dc:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:33:B2:CC:57:31:68:6D:30:86:FC:F8:93:B3:2A:E3:BB:58:69:55
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/GTOyzFcxaG0whvz4k7Mq47tYaVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:fd:ba:58:ca:63:d9:d4:ed:76:de:37:55:59:dc:07:f7:60:
         86:a8:f8:13:af:d9:a8:a9:72:56:02:f3:7e:7a:f4:86:8b:0a:
         bf:1c:cc:b0:51:b9:45:90:a2:b1:3a:74:83:f4:d9:4f:a7:39:
         0d:c7:d4:90:03:16:44:3d:16:38:99:78:fa:75:8e:48:9f:6f:
         c7:9d:cf:9c:8d:a8:1f:ba:b1:2b:ea:e6:e7:93:d3:99:b1:1f:
         a6:85:9a:ad:dd:e3:02:87:16:1e:a9:79:16:88:b4:d1:df:ea:
         c3:37:59:44:44:e6:20:2b:13:38:c4:1c:75:11:89:9b:ad:23:
         58:72:34:2f:a9:b1:50:f6:b6:6b:ea:d9:96:24:a5:70:63:23:
         26:e6:a3:e1:1a:75:83:25:e0:84:6a:b6:4e:c7:1c:d0:ca:51:
         eb:3b:a6:2d:84:ba:0f:e8:da:93:a8:4f:15:f2:8f:d8:52:16:
         47:ed:68:b2:ee:5c:d8:7a:e6:9a:80:e7:c2:f9:0d:6b:d5:2f:
         8b:2e:6a:79:16:61:78:86:d3:a2:4e:27:e3:c9:56:d0:3d:a1:
         4f:76:a1:1b:0a:be:ca:6c:50:18:49:f8:17:40:09:a3:1a:b7:
         d1:1c:9a:b7:6c:79:69:9f:62:9e:5e:ac:52:c2:fc:57:d6:bb:
         1b:cc:92:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2ziScoViYdfQx1+fsLaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTMzYjJjYzU3MzE2ODZkMzA4NmZjZjg5M2IzMmFlM2JiNTg2OTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjECx1tuqHHyBI69gKiJ0C/tMitLG
9d0Qf17g9KOwtlWh3ujSrl2HHarja6Zkb5x0VK63enUHMNKIaGFvhq+zxQD2+7nH
nabvgDeRcWq2Xt3VU6M3RwMNSJJg8mk7ZeRZ+rBm7a/M/9i2XTC4bHdlDkFzTTqE
d6C/tr672JdWglas71E7mLTWH1LLXeRHer83Iolpl3E4HGxK0TgrT0Prv6a8nc1E
vT+qJPUCkSk7Aw7CuCp93bMPawdIj7RdJzfr8zl9W3RUfWU5mU4Syd+EihzwSp7O
qmX3EpaWvXPDAVWxjAwZ5gtmLbcnueN7bpm0oKDHsSo5ULlvZmXTxVrcZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkzssxXMWhtMIb8+JOzKuO7WGlVMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvR1RPeXpGY3hhRzB3aHZ6NGs3TXE0N3RZYVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAT/bpYymPZ1O123jdVWdwH92CGqPgTr9moqXJWAvN+
evSGiwq/HMywUblFkKKxOnSD9NlPpzkNx9SQAxZEPRY4mXj6dY5In2/Hnc+cjagf
urEr6ubnk9OZsR+mhZqt3eMChxYeqXkWiLTR3+rDN1lEROYgKxM4xBx1EYmbrSNY
cjQvqbFQ9rZr6tmWJKVwYyMm5qPhGnWDJeCEarZOxxzQylHrO6YthLoP6NqTqE8V
8o/YUhZH7Wiy7lzYeuaagOfC+Q1r1S+LLmp5FmF4htOiTifjyVbQPaFPdqEbCr7K
bFAYSfgXQAmjGrfRHJq3bHlpn2KeXqxSwvxX1rsbzJI0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org