Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/gwipT2VXO1YZo8OqwGX9EuQL2Cs.roa
File:                     gwipT2VXO1YZo8OqwGX9EuQL2Cs.roa (raw, json)
Hash identifier:          9WSSRS4UaSSR/Ry0sY0n4lbvvFYOCQn7Am8AQShppPg=
Subject key identifier:   83:08:A9:4F:65:57:3B:56:19:A3:C3:AA:C0:65:FD:12:E4:0B:D8:2B
Certificate issuer:       /CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Certificate serial:       018BD2632E7EA9344E7102498C47CBDA8C14
Authority key identifier: D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/gwipT2VXO1YZo8OqwGX9EuQL2Cs.roa
Signing time:             Wed 15 Nov 2023 09:49:57 +0000
ROA not before:           Wed 15 Nov 2023 09:49:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16589
IP address blocks:        81.31.128.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Dec 2023 16:06:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d2:63:2e:7e:a9:34:4e:71:02:49:8c:47:cb:da:8c:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
        Validity
            Not Before: Nov 15 09:49:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8308a94f65573b5619a3c3aac065fd12e40bd82b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:56:77:34:df:cd:ae:32:91:02:7b:b8:6d:03:
                    7b:ab:c5:17:c1:ce:79:a8:9e:10:a1:07:85:3d:d1:
                    2d:eb:87:00:5f:91:78:79:78:55:c4:28:39:7c:8e:
                    df:d4:30:07:21:81:a4:3c:21:fa:cf:75:f5:77:45:
                    d4:2a:c8:0c:d3:db:12:e1:dc:ed:f7:66:ab:6a:5a:
                    5d:73:ed:a9:59:b7:d8:99:13:48:8e:36:df:e6:38:
                    ba:0a:6a:3d:0d:d1:9a:d2:a6:46:ee:99:b6:bf:d6:
                    f7:8a:8e:6c:f7:2e:48:fa:a3:1c:97:17:d8:c5:1f:
                    8e:7f:cc:b2:5d:b0:a8:b3:f9:e1:0c:a6:56:fd:3f:
                    10:89:03:9f:61:35:e9:81:05:45:1d:2c:75:70:59:
                    e5:ee:9d:4c:8f:c0:92:be:c7:2e:58:4b:f1:f7:f5:
                    76:80:bb:5e:a7:97:c2:0a:dc:bb:16:ed:37:04:07:
                    ac:3b:9a:3a:84:b8:56:0e:b5:aa:67:e7:39:25:25:
                    b6:59:22:48:d4:e2:52:ff:8b:14:1b:98:35:ee:c2:
                    d2:f0:8d:58:82:5d:4b:f4:5f:1d:18:d8:9e:fa:b0:
                    5b:1c:82:46:5b:93:13:d8:2f:cb:85:1d:87:72:0d:
                    d8:cf:15:a1:3d:97:df:2a:44:b8:8d:10:d5:a4:2a:
                    b2:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:08:A9:4F:65:57:3B:56:19:A3:C3:AA:C0:65:FD:12:E4:0B:D8:2B
            X509v3 Authority Key Identifier:
                keyid:D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/gwipT2VXO1YZo8OqwGX9EuQL2Cs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/1COlvl4hykYHMq5I84Wj6hUKK-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         80:f3:a4:39:2b:f7:58:41:cc:e0:86:d2:78:c5:b2:1c:4d:88:
         3b:13:c2:08:f3:d0:3a:db:48:95:17:b3:a7:55:25:ca:0d:f7:
         e8:f5:b1:6a:fc:19:70:67:c2:46:94:fb:cc:e1:12:08:35:99:
         b5:b3:95:d0:c7:d8:d4:91:43:32:fe:d8:e4:18:7c:f9:49:b5:
         d7:9b:19:a7:c7:08:4c:d7:9d:23:92:cf:89:86:20:4c:14:50:
         ce:b9:ff:b7:ac:ba:46:59:4e:19:9f:19:bc:92:91:0c:46:40:
         2b:c3:ea:64:3e:37:e7:6f:02:ca:80:6b:88:81:da:4d:63:d0:
         db:06:41:c1:d7:1f:ba:52:88:d1:aa:77:60:b7:a5:eb:48:e2:
         31:09:45:7f:19:dd:97:26:d0:23:3f:04:d3:86:28:b1:2b:59:
         e6:0e:9a:8a:49:ef:4c:a2:ec:0b:97:d7:a6:10:bb:40:b3:16:
         36:64:a4:26:33:66:2c:25:d6:98:a8:47:78:ff:d4:d8:53:17:
         53:ed:16:e2:a0:0c:de:e7:74:be:9a:9e:4d:f1:9c:81:85:45:
         33:5b:60:7d:8a:11:8e:8d:ad:c7:a6:52:20:93:81:cc:f1:ba:
         43:e6:a1:e8:94:cd:b5:7b:93:97:4d:aa:47:99:09:ce:bb:d5:
         6c:2c:01:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvSYy5+qTROcQJJjEfL2owUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjNhNWJlNWUyMWNhNDYwNzMyYWU0OGYzODVhM2VhMTUw
YTJiZTEwHhcNMjMxMTE1MDk0OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzA4YTk0ZjY1NTczYjU2MTlhM2MzYWFjMDY1ZmQxMmU0MGJkODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFZ3NN/NrjKRAnu4bQN7q8UXwc55
qJ4QoQeFPdEt64cAX5F4eXhVxCg5fI7f1DAHIYGkPCH6z3X1d0XUKsgM09sS4dzt
92aralpdc+2pWbfYmRNIjjbf5ji6Cmo9DdGa0qZG7pm2v9b3io5s9y5I+qMclxfY
xR+Of8yyXbCos/nhDKZW/T8QiQOfYTXpgQVFHSx1cFnl7p1Mj8CSvscuWEvx9/V2
gLtep5fCCty7Fu03BAesO5o6hLhWDrWqZ+c5JSW2WSJI1OJS/4sUG5g17sLS8I1Y
gl1L9F8dGNie+rBbHIJGW5MT2C/LhR2Hcg3YzxWhPZffKkS4jRDVpCqyVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMIqU9lVztWGaPDqsBl/RLkC9grMB8GA1UdIwQY
MBaAFNQjpb5eIcpGBzKuSPOFo+oVCivhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2It
ZDk0NzY2NjU3NTVhLzEvZ3dpcFQyVlhPMVlabzhPcXdHWDlFdVFMMkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2ItZDk0NzY2NjU3NTVh
LzEvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUR+AMA0G
CSqGSIb3DQEBCwUAA4IBAQCA86Q5K/dYQczghtJ4xbIcTYg7E8II89A620iVF7On
VSXKDffo9bFq/BlwZ8JGlPvM4RIINZm1s5XQx9jUkUMy/tjkGHz5SbXXmxmnxwhM
150jks+JhiBMFFDOuf+3rLpGWU4Znxm8kpEMRkArw+pkPjfnbwLKgGuIgdpNY9Db
BkHB1x+6UojRqndgt6XrSOIxCUV/Gd2XJtAjPwTThiixK1nmDpqKSe9MouwLl9em
ELtAsxY2ZKQmM2YsJdaYqEd4/9TYUxdT7RbioAze53S+mp5N8ZyBhUUzW2B9ihGO
ja3HplIgk4HM8bpD5qHolM21e5OXTapHmQnOu9VsLAGs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org