Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/GWj4Qi_nUEBlZm43NWNATzN78J4.roa
File:                     GWj4Qi_nUEBlZm43NWNATzN78J4.roa (raw, json)
Hash identifier:          rGlp6K5Nd1Is8Tmk4YJB7tLuVvN+e3BaJSRabQZ6lwU=
Subject key identifier:   19:68:F8:42:2F:E7:50:40:65:66:6E:37:35:63:40:4F:33:7B:F0:9E
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018D84C45CB50AB12B9EEF2202A07DAC12C8
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/GWj4Qi_nUEBlZm43NWNATzN78J4.roa
Signing time:             Wed 07 Feb 2024 18:11:17 +0000
ROA not before:           Wed 07 Feb 2024 18:11:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204957
IP address blocks:        185.202.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 17:41:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:84:c4:5c:b5:0a:b1:2b:9e:ef:22:02:a0:7d:ac:12:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Feb  7 18:11:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1968f8422fe7504065666e373563404f337bf09e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f3:20:55:6f:bb:1e:54:fc:a7:f3:21:d9:00:
                    5f:cb:5c:93:56:61:fd:3c:db:c0:f8:73:24:da:f3:
                    b8:b6:cb:e0:38:ca:6f:df:89:f8:b9:45:38:e0:c0:
                    ba:d1:49:cd:c8:2a:ba:12:80:9a:1c:dc:32:2b:82:
                    2f:64:0b:55:90:fe:9d:42:04:cd:41:c4:0a:0e:bb:
                    6c:f5:8e:81:c7:3b:4c:60:7b:46:37:cf:a1:9c:73:
                    4f:ff:83:c8:85:a1:6a:ef:4b:7a:44:b6:bb:fa:87:
                    c1:b1:32:9a:5b:88:69:fb:2b:7b:d7:09:95:61:39:
                    a0:38:7e:11:f5:15:90:22:55:97:73:82:7a:6d:f9:
                    bd:9f:03:42:e9:2c:eb:f9:e9:a3:dc:89:ef:a4:e2:
                    ed:4a:91:55:8e:c8:97:78:3b:b8:0c:1e:c5:10:3f:
                    6b:e7:88:8e:4b:40:6d:77:8e:87:0f:60:ae:13:fc:
                    36:56:0a:78:c5:02:ba:77:95:60:97:43:05:16:f1:
                    5f:d2:27:ec:ae:8d:cf:cd:18:26:5d:ca:0c:7f:7f:
                    7d:0e:b2:c0:6d:3f:76:44:48:c9:fd:3d:d4:e5:11:
                    51:6e:6e:47:6d:05:0e:fa:16:b0:3d:8f:63:59:8b:
                    3b:29:dd:cd:68:6c:a7:b9:96:7c:be:34:74:23:59:
                    0c:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:68:F8:42:2F:E7:50:40:65:66:6E:37:35:63:40:4F:33:7B:F0:9E
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/GWj4Qi_nUEBlZm43NWNATzN78J4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.202.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:84:32:cd:9f:0e:a3:d7:ee:25:c1:91:72:aa:21:eb:f8:14:
         7f:fa:26:7f:38:70:3e:31:72:bc:ff:99:cb:58:50:e0:2d:8c:
         73:cf:1c:a6:66:0f:d6:65:6a:19:39:fa:48:40:29:e1:16:55:
         a3:59:5a:23:11:a1:20:91:ce:db:31:09:bd:ed:d3:ea:9a:b8:
         59:35:a0:3b:99:92:e5:d0:36:51:2e:8f:5a:94:eb:2a:38:07:
         9c:8c:cf:90:d4:d5:47:b4:05:c8:b6:88:5f:fc:38:6d:22:06:
         2c:c3:6b:ed:80:9b:88:dd:d5:0a:38:ea:63:2d:81:24:fd:83:
         71:16:33:9e:47:a4:17:f7:93:45:ab:66:99:20:2c:e8:f4:e3:
         54:6c:c3:a6:b4:85:dd:f2:a0:a5:3d:0b:76:d7:4a:4f:e9:c7:
         b5:4e:e5:77:4d:eb:54:5f:48:93:e0:81:05:d5:86:27:65:b0:
         9b:15:a4:a5:9c:b5:97:e1:d7:8b:a3:d7:a0:8e:8d:c2:31:92:
         52:1b:72:56:db:48:44:48:b7:03:cd:01:8b:c9:13:a6:78:7d:
         e7:6b:5c:63:d8:7e:ef:81:0f:f2:ac:ed:f5:fd:26:bd:c9:8b:
         fe:af:15:7f:03:df:cc:f2:56:ab:34:43:a4:4c:10:87:ee:9b:
         ea:43:5e:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2ExFy1CrErnu8iAqB9rBLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA3MTgxMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTY4Zjg0MjJmZTc1MDQwNjU2NjZlMzczNTYzNDA0ZjMzN2JmMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifMgVW+7HlT8p/Mh2QBfy1yTVmH9
PNvA+HMk2vO4tsvgOMpv34n4uUU44MC60UnNyCq6EoCaHNwyK4IvZAtVkP6dQgTN
QcQKDrts9Y6BxztMYHtGN8+hnHNP/4PIhaFq70t6RLa7+ofBsTKaW4hp+yt71wmV
YTmgOH4R9RWQIlWXc4J6bfm9nwNC6Szr+emj3InvpOLtSpFVjsiXeDu4DB7FED9r
54iOS0Btd46HD2CuE/w2Vgp4xQK6d5Vgl0MFFvFf0ifsro3PzRgmXcoMf399DrLA
bT92REjJ/T3U5RFRbm5HbQUO+hawPY9jWYs7Kd3NaGynuZZ8vjR0I1kMlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBlo+EIv51BAZWZuNzVjQE8ze/CeMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvR1dqNFFpX25VRUJsWm00M05XTkFUek43OEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucprMA0G
CSqGSIb3DQEBCwUAA4IBAQBihDLNnw6j1+4lwZFyqiHr+BR/+iZ/OHA+MXK8/5nL
WFDgLYxzzxymZg/WZWoZOfpIQCnhFlWjWVojEaEgkc7bMQm97dPqmrhZNaA7mZLl
0DZRLo9alOsqOAecjM+Q1NVHtAXItohf/DhtIgYsw2vtgJuI3dUKOOpjLYEk/YNx
FjOeR6QX95NFq2aZICzo9ONUbMOmtIXd8qClPQt210pP6ce1TuV3TetUX0iT4IEF
1YYnZbCbFaSlnLWX4deLo9egjo3CMZJSG3JW20hESLcDzQGLyROmeH3na1xj2H7v
gQ/yrO31/Sa9yYv+rxV/A9/M8larNEOkTBCH7pvqQ166
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org