Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/GST9wznLQ6SaWjnz4ftBLTmY8X8.roa
File:                     GST9wznLQ6SaWjnz4ftBLTmY8X8.roa (raw, json)
Hash identifier:          xmJlCO3PMNXS4v3+GH8lm1tpOE94y/5pXgz2KASX+Lg=
Subject key identifier:   19:24:FD:C3:39:CB:43:A4:9A:5A:39:F3:E1:FB:41:2D:39:98:F1:7F
Certificate issuer:       /CN=5a1a31909780e81734af6607272d18525db7657d
Certificate serial:       018571276238535F3EBC17F9CB547B05F030
Authority key identifier: 5A:1A:31:90:97:80:E8:17:34:AF:66:07:27:2D:18:52:5D:B7:65:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/GST9wznLQ6SaWjnz4ftBLTmY8X8.roa
Signing time:             Mon 02 Jan 2023 06:24:44 +0000
ROA not before:           Mon 02 Jan 2023 06:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39730
IP address blocks:        185.195.132.0/22 maxlen: 22
                          178.250.176.0/21 maxlen: 21
                          2a0a:23c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:62:38:53:5f:3e:bc:17:f9:cb:54:7b:05:f0:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a1a31909780e81734af6607272d18525db7657d
        Validity
            Not Before: Jan  2 06:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1924fdc339cb43a49a5a39f3e1fb412d3998f17f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:18:37:4f:78:79:dc:67:64:de:07:6c:fc:e3:
                    f5:aa:4f:06:f3:10:66:ba:74:38:5d:09:8f:bb:ac:
                    6f:d9:05:6a:90:69:a6:9b:98:14:24:b8:40:8e:c9:
                    bd:0f:98:1f:e2:6e:63:60:bb:37:47:da:bb:c8:be:
                    ab:06:d9:f4:2b:b4:ce:58:67:84:56:03:0a:7a:21:
                    32:23:b2:54:c2:f1:06:c7:73:2d:04:57:0a:7c:1d:
                    f1:2d:d9:b3:98:d4:00:fc:67:8b:24:53:1f:7a:fc:
                    27:e1:36:ed:d1:a0:2c:9a:c4:c0:45:d8:90:0c:cc:
                    c3:cd:6f:97:8e:5b:0c:0f:d9:f1:18:18:5d:60:5f:
                    d3:0a:45:78:d0:02:be:e2:e0:38:b3:f5:21:2a:81:
                    59:9f:ee:01:7e:58:a7:51:60:3b:f6:15:fb:e1:52:
                    56:02:51:7b:8d:3f:69:50:3c:63:89:0c:80:f2:50:
                    a1:4c:0d:cf:93:19:f8:01:94:ec:bf:0b:87:14:c2:
                    77:28:dc:4e:64:ed:74:79:77:90:9c:29:37:aa:76:
                    16:a3:48:e7:fd:9e:ae:4a:b4:b4:17:10:ca:b4:41:
                    b1:24:5c:fe:01:fd:6f:98:b3:69:6b:74:5c:d2:fa:
                    53:d1:57:53:95:32:70:d7:52:95:a0:55:7f:c3:37:
                    57:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:24:FD:C3:39:CB:43:A4:9A:5A:39:F3:E1:FB:41:2D:39:98:F1:7F
            X509v3 Authority Key Identifier:
                keyid:5A:1A:31:90:97:80:E8:17:34:AF:66:07:27:2D:18:52:5D:B7:65:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/GST9wznLQ6SaWjnz4ftBLTmY8X8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.250.176.0/21
                  185.195.132.0/22
                IPv6:
                  2a0a:23c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         8c:9d:39:a7:55:9c:43:d7:01:04:6f:12:ed:b5:5e:cb:b2:ce:
         49:b0:6d:30:5b:03:3e:b5:75:4f:74:99:9d:40:ac:b6:e3:c7:
         a0:ed:5e:c9:5c:e7:a4:fc:f2:a1:4f:9f:6f:64:7a:80:85:28:
         cb:9e:e0:0b:55:53:3c:e4:35:72:d6:6a:a8:a0:64:34:7d:9e:
         f2:3e:15:e3:d2:06:61:0f:75:79:1c:73:4f:05:b0:00:96:50:
         ae:80:ee:e8:fa:dd:c7:23:af:63:10:6d:28:88:65:22:0f:7f:
         4e:37:72:14:61:f2:28:4d:7d:fe:d2:ef:30:02:78:c2:84:95:
         77:e2:ee:da:85:a4:a0:82:58:09:9b:ed:26:7b:af:9a:68:0e:
         21:02:01:40:9c:63:52:d0:94:03:ad:84:6e:26:28:1b:1c:4b:
         e0:f4:fb:55:e7:7b:38:3b:3e:66:2f:4f:25:c6:e7:5b:5b:e3:
         b5:d3:47:a6:b0:32:da:ea:35:c6:af:bf:72:51:f4:bc:51:6c:
         1b:e1:07:0b:1a:3b:a6:2a:29:56:40:ed:d9:ff:6f:ea:e6:5a:
         c6:c6:ac:4a:ac:f1:53:04:db:c3:d7:e5:4e:dd:78:f6:98:f3:
         be:1a:4e:3b:af:28:fe:28:35:cc:53:9d:07:9a:9f:52:f2:f2:
         15:3f:b9:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxJ2I4U18+vBf5y1R7BfAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMWEzMTkwOTc4MGU4MTczNGFmNjYwNzI3MmQxODUyNWRi
NzY1N2QwHhcNMjMwMTAyMDYyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTI0ZmRjMzM5Y2I0M2E0OWE1YTM5ZjNlMWZiNDEyZDM5OThmMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRg3T3h53Gdk3gds/OP1qk8G8xBm
unQ4XQmPu6xv2QVqkGmmm5gUJLhAjsm9D5gf4m5jYLs3R9q7yL6rBtn0K7TOWGeE
VgMKeiEyI7JUwvEGx3MtBFcKfB3xLdmzmNQA/GeLJFMfevwn4Tbt0aAsmsTARdiQ
DMzDzW+XjlsMD9nxGBhdYF/TCkV40AK+4uA4s/UhKoFZn+4BflinUWA79hX74VJW
AlF7jT9pUDxjiQyA8lChTA3Pkxn4AZTsvwuHFMJ3KNxOZO10eXeQnCk3qnYWo0jn
/Z6uSrS0FxDKtEGxJFz+Af1vmLNpa3Rc0vpT0VdTlTJw11KVoFV/wzdXzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBkk/cM5y0Okmlo58+H7QS05mPF/MB8GA1UdIwQY
MBaAFFoaMZCXgOgXNK9mByctGFJdt2V9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hveGtKZUE2QmMwcjJZSEp5MFlVbDIzWlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMTAwNTctOTliYi00NGY5LTk3NzQt
Mjc1MmIzNzU5MDY2LzEvR1NUOXd6bkxRNlNhV2puejRmdEJMVG1ZOFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMTAwNTctOTliYi00NGY5LTk3NzQtMjc1MmIzNzU5MDY2
LzEvV2hveGtKZUE2QmMwcjJZSEp5MFlVbDIzWlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsvqwAwQC
ucOEMA0EAgACMAcDBQMqCiPAMA0GCSqGSIb3DQEBCwUAA4IBAQCMnTmnVZxD1wEE
bxLttV7Lss5JsG0wWwM+tXVPdJmdQKy248eg7V7JXOek/PKhT59vZHqAhSjLnuAL
VVM85DVy1mqooGQ0fZ7yPhXj0gZhD3V5HHNPBbAAllCugO7o+t3HI69jEG0oiGUi
D39ON3IUYfIoTX3+0u8wAnjChJV34u7ahaSgglgJm+0me6+aaA4hAgFAnGNS0JQD
rYRuJigbHEvg9PtV53s4Oz5mL08lxudbW+O100emsDLa6jXGr79yUfS8UWwb4QcL
GjumKilWQO3Z/2/q5lrGxqxKrPFTBNvD1+VO3Xj2mPO+Gk47ryj+KDXMU50Hmp9S
8vIVP7m0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org