Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa
File:                     GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa (raw, json)
Hash identifier:          /heeITvMMLixov9UBcFghfsnXAfPa45GZkQX1hHNq7M=
Subject key identifier:   19:A1:19:D3:B6:56:A4:B3:84:8A:47:3B:43:E4:C8:6C:61:CE:3C:55
Certificate issuer:       /CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Certificate serial:       0186A1C07387A3B0E39D97B48B793723D4F4
Authority key identifier: 8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa
Signing time:             Thu 02 Mar 2023 09:56:29 +0000
ROA not before:           Thu 02 Mar 2023 09:56:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203924
IP address blocks:        185.113.144.0/22 maxlen: 22
                          185.146.36.0/22 maxlen: 22
                          185.216.120.0/22 maxlen: 22
                          85.117.252.0/23 maxlen: 23
                          85.117.252.0/22 maxlen: 22
                          85.117.254.0/23 maxlen: 23
                          193.105.0.0/24 maxlen: 24
                          2a06:6a40::/29 maxlen: 29
                          2a0b:b640::/29 maxlen: 29
                          2a07:4d00::/30 maxlen: 30
                          2a07:4d00::/29 maxlen: 29
                          2a07:4d04::/30 maxlen: 30

Validation:               Failed, certificate revoked on Sat 01 Apr 2023 04:12:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a1:c0:73:87:a3:b0:e3:9d:97:b4:8b:79:37:23:d4:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
        Validity
            Not Before: Mar  2 09:56:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19a119d3b656a4b3848a473b43e4c86c61ce3c55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b1:3c:f0:50:9c:dd:c5:c2:2f:a1:f7:91:dc:
                    44:a8:96:ba:d0:3e:26:ce:27:55:25:ce:5f:0a:a2:
                    e1:17:6a:7a:76:47:d5:6a:d2:e9:c8:20:9b:e8:b7:
                    b7:7a:68:21:0e:62:17:9f:41:16:7b:dc:61:62:ac:
                    e3:81:40:dd:f0:d7:6d:bf:c2:65:c9:f2:6a:82:53:
                    3d:27:b6:5b:cf:28:27:ec:10:ad:7b:76:bc:81:23:
                    3c:55:f8:41:d9:54:5c:19:eb:3b:df:1e:c3:cc:25:
                    5d:8f:48:ca:a9:f8:d9:a1:9a:ea:b8:4b:d1:4d:80:
                    1f:ce:ae:96:53:65:a9:30:45:07:4b:1a:4f:83:e8:
                    c6:49:0a:c1:f1:dd:ad:fc:29:f3:54:f1:02:ae:b4:
                    8e:97:f0:99:b1:48:0e:4f:cb:4e:ec:f8:a3:c8:58:
                    77:b8:0b:bb:da:25:7e:0b:88:39:c8:91:75:d8:b2:
                    88:f7:04:43:fe:53:24:f4:a2:6a:37:ad:54:d8:6f:
                    20:8f:c9:2c:c8:9e:1e:9f:a1:ad:02:dc:4f:e8:25:
                    78:c8:1b:b5:d1:50:7b:cd:45:84:00:e0:b9:63:91:
                    56:b5:40:d0:d3:70:09:d4:a2:9a:53:fc:a9:3a:5c:
                    d6:a6:d0:2d:1a:96:85:86:22:53:7a:99:09:60:fd:
                    6c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:A1:19:D3:B6:56:A4:B3:84:8A:47:3B:43:E4:C8:6C:61:CE:3C:55
            X509v3 Authority Key Identifier:
                keyid:8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/j5D2t16RPyeC7VSetyFyxZzEevE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.117.252.0/22
                  185.113.144.0/22
                  185.146.36.0/22
                  185.216.120.0/22
                  193.105.0.0/24
                IPv6:
                  2a06:6a40::/29
                  2a07:4d00::/29
                  2a0b:b640::/29

    Signature Algorithm: sha256WithRSAEncryption
         06:5c:7e:6f:fa:37:5f:da:07:d7:3b:ef:80:7f:27:2e:1c:45:
         1e:13:84:36:17:01:eb:20:70:4c:44:d2:75:31:b2:51:a1:d7:
         64:78:b4:9d:66:b4:bf:4f:81:07:17:b0:68:3a:9f:83:40:da:
         43:4c:70:55:5f:9c:b5:cf:f0:fb:45:58:61:2c:b8:bb:57:b1:
         9e:2b:66:ad:c6:be:fe:cc:2e:6c:e9:71:9b:1f:5e:2d:b3:1b:
         e7:98:d9:cc:6f:60:0b:ad:6f:b1:27:e6:c6:4b:f9:b3:1a:26:
         81:e8:8e:b3:05:e3:e8:da:03:fa:34:4a:93:ad:21:bc:b9:d6:
         bc:e4:0f:e1:87:44:a9:3f:e5:75:e2:5b:33:1e:10:03:ac:4a:
         9c:2c:91:94:2e:ec:85:6d:19:26:f4:85:b8:d5:09:ca:20:fa:
         60:b0:c9:54:0d:13:d6:9b:c0:01:be:21:9f:84:27:5e:22:5f:
         04:13:ac:69:7b:5b:e9:3b:c5:e3:b0:dd:9b:0e:69:ee:36:e2:
         b2:99:47:66:ad:59:8c:6e:34:59:a9:7a:a3:43:58:ea:e8:d2:
         e0:80:f8:29:49:ce:6f:15:bd:62:61:10:c2:63:6b:99:96:de:
         bd:26:0d:c6:20:09:6a:c9:f2:b6:ab:ce:88:2c:c4:d8:df:1f:
         db:08:ce:c6
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYahwHOHo7DjnZe0i3k3I9T0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOTBmNmI3NWU5MTNmMjc4MmVkNTQ5ZWI3MjE3MmM1OWNj
NDdhZjEwHhcNMjMwMzAyMDk1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWExMTlkM2I2NTZhNGIzODQ4YTQ3M2I0M2U0Yzg2YzYxY2UzYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorE88FCc3cXCL6H3kdxEqJa60D4m
zidVJc5fCqLhF2p6dkfVatLpyCCb6Le3emghDmIXn0EWe9xhYqzjgUDd8Ndtv8Jl
yfJqglM9J7Zbzygn7BCte3a8gSM8VfhB2VRcGes73x7DzCVdj0jKqfjZoZrquEvR
TYAfzq6WU2WpMEUHSxpPg+jGSQrB8d2t/CnzVPECrrSOl/CZsUgOT8tO7PijyFh3
uAu72iV+C4g5yJF12LKI9wRD/lMk9KJqN61U2G8gj8ksyJ4en6GtAtxP6CV4yBu1
0VB7zUWEAOC5Y5FWtUDQ03AJ1KKaU/ypOlzWptAtGpaFhiJTepkJYP1s5wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBmhGdO2VqSzhIpHO0PkyGxhzjxVMB8GA1UdIwQY
MBaAFI+Q9rdekT8ngu1UnrchcsWcxHrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQt
YzFkMGFjYjc4MTlhLzEvR2FFWjA3WldwTE9FaWtjN1EtVEliR0hPUEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQtYzFkMGFjYjc4MTlh
LzEvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCVXX8AwQC
uXGQAwQCuZIkAwQCudh4AwQAwWkAMBsEAgACMBUDBQMqBmpAAwUDKgdNAAMFAyoL
tkAwDQYJKoZIhvcNAQELBQADggEBAAZcfm/6N1/aB9c774B/Jy4cRR4ThDYXAesg
cExE0nUxslGh12R4tJ1mtL9PgQcXsGg6n4NA2kNMcFVfnLXP8PtFWGEsuLtXsZ4r
Zq3Gvv7MLmzpcZsfXi2zG+eY2cxvYAutb7En5sZL+bMaJoHojrMF4+jaA/o0SpOt
Iby51rzkD+GHRKk/5XXiWzMeEAOsSpwskZQu7IVtGSb0hbjVCcog+mCwyVQNE9ab
wAG+IZ+EJ14iXwQTrGl7W+k7xeOw3ZsOae424rKZR2atWYxuNFmpeqNDWOro0uCA
+ClJzm8VvWJhEMJja5mW3r0mDcYgCWrJ8rarzogsxNjfH9sIzsY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:45 2024 by rpki-client on console-fra.rpki-client.org