Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/GlCZZmb3Et03pku7ss6pXGmIyQo.roa
File:                     GlCZZmb3Et03pku7ss6pXGmIyQo.roa (raw, json)
Hash identifier:          zvskndEVh5/tCrgH6a1G5GRE4VaOoXL24ZFPYjucUBg=
Subject key identifier:   1A:50:99:66:66:F7:12:DD:37:A6:4B:BB:B2:CE:A9:5C:69:88:C9:0A
Certificate issuer:       /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial:       018CC802BC4E602B9205488E7D0A0D4D56F2
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/GlCZZmb3Et03pku7ss6pXGmIyQo.roa
Signing time:             Tue 02 Jan 2024 02:31:11 +0000
ROA not before:           Tue 02 Jan 2024 02:31:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41717
IP address blocks:        193.242.106.0/24 maxlen: 32
                          193.242.109.0/24 maxlen: 32
                          193.43.79.0/24 maxlen: 32
                          193.43.91.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Sat 19 Oct 2024 12:17:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:bc:4e:60:2b:92:05:48:8e:7d:0a:0d:4d:56:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
        Validity
            Not Before: Jan  2 02:31:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1a50996666f712dd37a64bbbb2cea95c6988c90a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:69:7d:28:54:80:68:a3:ea:ca:00:8d:f6:0a:
                    61:8b:1a:3c:04:8b:c5:18:a6:48:08:a4:bc:7d:95:
                    f3:0e:77:b3:42:47:1f:32:74:8f:e7:d1:47:c8:41:
                    4e:02:62:5c:db:9d:d7:54:e8:13:cb:8a:ea:13:d0:
                    b1:c4:b2:2d:fd:ad:1c:9b:53:7a:4b:7b:e8:3f:da:
                    65:11:13:ce:66:b4:4d:ec:ad:08:6c:26:f9:1d:c3:
                    cd:86:7e:78:eb:00:19:e5:ee:0b:11:4c:84:02:0f:
                    76:c8:2c:cf:33:d9:6e:a7:77:6d:0d:9c:1c:2c:85:
                    30:c0:86:30:8f:78:21:2f:68:a0:59:77:10:4b:98:
                    10:84:7b:9b:f5:f5:d5:ca:aa:56:d3:19:6d:88:7e:
                    af:a1:0c:97:3b:6c:4d:7c:29:37:81:e9:fd:d4:fc:
                    6c:61:df:9a:f2:e5:16:08:ea:2d:0b:ed:46:ef:d3:
                    c8:77:48:40:74:c8:c9:e7:38:a3:4f:43:a9:dd:3d:
                    84:2b:8b:08:5e:28:bf:a8:3f:e3:f2:2a:91:20:f9:
                    3c:aa:31:2a:e0:f4:49:41:6b:0f:75:6c:b4:83:16:
                    d7:bf:c5:4d:33:bd:e0:5d:0f:a1:4b:0d:1f:81:f2:
                    11:95:7a:c9:97:ef:f1:be:8a:0a:e4:5b:c9:1e:a9:
                    17:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:50:99:66:66:F7:12:DD:37:A6:4B:BB:B2:CE:A9:5C:69:88:C9:0A
            X509v3 Authority Key Identifier:
                keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/GlCZZmb3Et03pku7ss6pXGmIyQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.43.79.0/24
                  193.43.91.0/24
                  193.242.106.0/24
                  193.242.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:7d:a3:24:d3:10:76:47:ff:03:20:d3:61:34:f4:c9:0c:0e:
         a6:3a:56:e4:64:7c:70:a2:82:6a:83:3d:13:b9:c0:c7:74:60:
         47:29:32:3d:72:8e:f5:33:35:fa:00:2a:4d:d7:5f:06:2f:05:
         cd:99:ef:ac:98:d8:e7:fa:b5:f4:72:21:74:c7:b2:ef:36:44:
         6d:82:a2:73:77:7d:68:bf:a7:84:fd:07:45:4c:db:90:0a:dc:
         12:a4:48:c1:99:32:64:a7:a4:d2:25:9e:93:4e:7a:dd:50:ed:
         7a:af:9b:00:e3:fc:49:98:39:3b:c8:11:10:48:0f:db:2b:69:
         6b:d7:af:7b:7d:b1:46:43:1e:1a:84:06:b2:9f:5e:06:7d:bd:
         9d:93:68:0d:78:55:c8:b3:fc:c4:0c:62:33:12:ed:f6:30:01:
         f7:94:27:ad:10:85:ad:e6:68:fa:a5:3c:e7:28:4b:36:d0:4f:
         4e:91:3b:dc:39:6e:ec:51:54:8a:59:46:6b:bd:07:e2:b1:f1:
         77:3d:b5:44:bf:dd:e2:c6:69:34:39:7a:0d:32:e6:20:06:c1:
         c2:5c:2b:5e:57:e3:64:79:81:a5:e4:a9:9f:f6:8e:13:d0:65:
         7c:9e:d6:72:b4:fb:71:73:b9:97:16:52:b2:e6:09:19:6d:aa:
         50:0f:1a:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIArxOYCuSBUiOfQoNTVbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjQwMTAyMDIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTUwOTk2NjY2ZjcxMmRkMzdhNjRiYmJiMmNlYTk1YzY5ODhjOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsml9KFSAaKPqygCN9gphixo8BIvF
GKZICKS8fZXzDnezQkcfMnSP59FHyEFOAmJc253XVOgTy4rqE9CxxLIt/a0cm1N6
S3voP9plERPOZrRN7K0IbCb5HcPNhn546wAZ5e4LEUyEAg92yCzPM9lup3dtDZwc
LIUwwIYwj3ghL2igWXcQS5gQhHub9fXVyqpW0xltiH6voQyXO2xNfCk3gen91Pxs
Yd+a8uUWCOotC+1G79PId0hAdMjJ5zijT0Op3T2EK4sIXii/qD/j8iqRIPk8qjEq
4PRJQWsPdWy0gxbXv8VNM73gXQ+hSw0fgfIRlXrJl+/xvooK5FvJHqkXkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBpQmWZm9xLdN6ZLu7LOqVxpiMkKMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvR2xDWlptYjNFdDAzcGt1N3NzNnBYR21JeVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwStPAwQA
wStbAwQAwfJqAwQAwfJtMA0GCSqGSIb3DQEBCwUAA4IBAQBofaMk0xB2R/8DINNh
NPTJDA6mOlbkZHxwooJqgz0TucDHdGBHKTI9co71MzX6ACpN118GLwXNme+smNjn
+rX0ciF0x7LvNkRtgqJzd31ov6eE/QdFTNuQCtwSpEjBmTJkp6TSJZ6TTnrdUO16
r5sA4/xJmDk7yBEQSA/bK2lr1697fbFGQx4ahAayn14Gfb2dk2gNeFXIs/zEDGIz
Eu32MAH3lCetEIWt5mj6pTznKEs20E9OkTvcOW7sUVSKWUZrvQfisfF3PbVEv93i
xmk0OXoNMuYgBsHCXCteV+NkeYGl5Kmf9o4T0GV8ntZytPtxc7mXFlKy5gkZbapQ
DxoW
-----END CERTIFICATE-----
Generated at Sat Oct 19 13:44:27 2024 by rpki-client on console-fra.rpki-client.org