Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/GIJ2cox1HEuCBNI0EpC1W0Lds5w.roa
File:                     GIJ2cox1HEuCBNI0EpC1W0Lds5w.roa (raw, json)
Hash identifier:          aUgXc6k+MQSuHnUzX06sFegBC/+bU6zNOouGo38US0M=
Subject key identifier:   18:82:76:72:8C:75:1C:4B:82:04:D2:34:12:90:B5:5B:42:DD:B3:9C
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       018571B9ED6F8AF581EF5930D443FA7F0845
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/GIJ2cox1HEuCBNI0EpC1W0Lds5w.roa
Signing time:             Mon 02 Jan 2023 09:04:48 +0000
ROA not before:           Mon 02 Jan 2023 09:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31549
IP address blocks:        2.188.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 16 Apr 2023 17:45:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b9:ed:6f:8a:f5:81:ef:59:30:d4:43:fa:7f:08:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jan  2 09:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=188276728c751c4b8204d2341290b55b42ddb39c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:47:3c:a2:8a:d7:f7:f3:be:1f:40:63:ce:7e:
                    99:97:51:9f:f1:ff:90:5a:48:79:fc:c7:51:55:1a:
                    f1:c8:73:b9:c6:be:6d:0e:31:c5:17:53:cb:b6:c2:
                    a6:55:f2:48:ae:1d:22:a6:ed:78:dd:eb:cf:8a:12:
                    75:22:24:d3:bd:20:d9:e5:ce:7e:2d:95:11:c1:f1:
                    72:ee:50:3a:78:77:21:83:c6:b8:68:75:62:26:9a:
                    c9:b3:85:60:47:34:8c:4f:8a:85:31:89:86:c3:ca:
                    e4:b1:fb:77:9f:32:a1:77:68:06:57:22:f9:a5:18:
                    f5:cf:67:61:08:02:49:85:a2:fc:49:58:17:e3:b8:
                    02:02:e3:df:c0:62:1e:99:d2:ef:e9:bf:54:45:8b:
                    4e:5f:33:a1:e1:55:05:22:1e:96:6b:3b:14:63:7d:
                    c1:84:fb:e6:f1:91:85:44:dc:3a:d6:1d:05:2f:99:
                    1c:6b:98:c4:9c:f8:54:80:71:40:89:ef:f2:80:1b:
                    b1:25:59:72:5e:37:ae:d1:32:65:4c:eb:9d:c6:cd:
                    08:6b:58:21:60:19:ee:a3:a6:d2:a0:75:c1:2f:d2:
                    67:8f:2c:a2:14:17:ea:fb:30:14:16:15:e0:4d:97:
                    49:ff:48:40:fb:f5:ff:b2:ed:10:d1:7d:f6:ae:94:
                    cc:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:82:76:72:8C:75:1C:4B:82:04:D2:34:12:90:B5:5B:42:DD:B3:9C
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/GIJ2cox1HEuCBNI0EpC1W0Lds5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.188.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:87:52:b3:54:62:de:f8:04:d8:dd:f2:81:81:88:13:9e:c7:
         f5:bf:67:17:0b:ce:36:40:26:9e:22:54:f8:67:9d:21:34:cc:
         bc:84:20:c1:58:b8:63:e8:ee:35:04:1a:07:64:ee:be:9c:0e:
         55:f5:29:c5:be:ef:2c:62:83:1f:4c:8f:78:a6:23:00:8e:ee:
         97:75:d4:25:0b:60:dd:fe:ad:19:6e:da:4d:92:01:98:be:9f:
         fa:18:49:00:48:fa:5c:76:ca:60:38:56:65:02:ff:09:3d:57:
         68:b8:1a:be:1b:69:46:2e:2d:d2:1f:3a:0d:56:7a:6f:1a:3d:
         96:05:65:89:4c:bb:a6:b4:9e:43:a7:de:ab:7a:b9:8a:25:c3:
         ea:8c:cb:4a:31:38:78:6e:95:ce:dc:06:86:fd:e0:80:bc:cd:
         82:e8:eb:3b:b3:a3:34:76:11:c6:25:24:9c:aa:c6:1a:1d:6c:
         fb:90:39:bc:a0:99:0d:6b:eb:65:64:ef:c6:c7:61:33:fc:17:
         0a:17:6b:ea:42:da:07:95:c8:c6:80:62:05:9a:8e:d7:70:e1:
         ca:c2:7a:11:aa:4b:58:17:1d:77:ff:3e:3b:90:f2:d5:6a:ff:
         fb:6d:1f:2f:41:6d:ba:08:1d:dc:6a:ed:4a:fb:86:79:48:a8:
         fd:1a:14:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxue1vivWB71kw1EP6fwhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODgyNzY3MjhjNzUxYzRiODIwNGQyMzQxMjkwYjU1YjQyZGRiMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkc8oorX9/O+H0Bjzn6Zl1Gf8f+Q
Wkh5/MdRVRrxyHO5xr5tDjHFF1PLtsKmVfJIrh0ipu143evPihJ1IiTTvSDZ5c5+
LZURwfFy7lA6eHchg8a4aHViJprJs4VgRzSMT4qFMYmGw8rksft3nzKhd2gGVyL5
pRj1z2dhCAJJhaL8SVgX47gCAuPfwGIemdLv6b9URYtOXzOh4VUFIh6WazsUY33B
hPvm8ZGFRNw61h0FL5kca5jEnPhUgHFAie/ygBuxJVlyXjeu0TJlTOudxs0Ia1gh
YBnuo6bSoHXBL9JnjyyiFBfq+zAUFhXgTZdJ/0hA+/X/su0Q0X32rpTMZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBiCdnKMdRxLggTSNBKQtVtC3bOcMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvR0lKMmNveDFIRXVDQk5JMEVwQzFXMExkczV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAArwLMA0G
CSqGSIb3DQEBCwUAA4IBAQCrh1KzVGLe+ATY3fKBgYgTnsf1v2cXC842QCaeIlT4
Z50hNMy8hCDBWLhj6O41BBoHZO6+nA5V9SnFvu8sYoMfTI94piMAju6XddQlC2Dd
/q0ZbtpNkgGYvp/6GEkASPpcdspgOFZlAv8JPVdouBq+G2lGLi3SHzoNVnpvGj2W
BWWJTLumtJ5Dp96rermKJcPqjMtKMTh4bpXO3AaG/eCAvM2C6Os7s6M0dhHGJSSc
qsYaHWz7kDm8oJkNa+tlZO/Gx2Ez/BcKF2vqQtoHlcjGgGIFmo7XcOHKwnoRqktY
Fx13/z47kPLVav/7bR8vQW26CB3cau1K+4Z5SKj9GhQo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org