Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/GsmZn2FjCPOYQCUb09R0yjEvnxw.roa
File:                     GsmZn2FjCPOYQCUb09R0yjEvnxw.roa (raw, json)
Hash identifier:          Ln5PADajeFG7UI4UnH/f+Cs9nnojzqwkoBB9gymq49c=
Subject key identifier:   1A:C9:99:9F:61:63:08:F3:98:40:25:1B:D3:D4:74:CA:31:2F:9F:1C
Certificate issuer:       /CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Certificate serial:       018AF532EDD57DBB8BC982F60181F954CC61
Authority key identifier: 46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/GsmZn2FjCPOYQCUb09R0yjEvnxw.roa
Signing time:             Tue 03 Oct 2023 11:01:10 +0000
ROA not before:           Tue 03 Oct 2023 11:01:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60607
IP address blocks:        185.28.160.0/24 maxlen: 24
                          185.28.163.0/24 maxlen: 24
                          185.28.162.0/24 maxlen: 24
                          185.28.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f5:32:ed:d5:7d:bb:8b:c9:82:f6:01:81:f9:54:cc:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46815ca15d72a5a696f8bcdf486f5801966772bb
        Validity
            Not Before: Oct  3 11:01:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ac9999f616308f39840251bd3d474ca312f9f1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0c:ce:47:57:84:43:35:6e:67:c1:31:09:45:
                    75:55:a3:fb:3a:20:17:47:a0:3f:85:2b:fb:49:96:
                    e3:5e:bb:21:77:57:2a:3c:35:40:a6:58:db:4a:d5:
                    1f:ad:1d:31:16:d4:a3:94:1b:41:2e:e2:78:46:ca:
                    d8:c6:98:e0:2f:73:cc:9c:74:db:a7:a9:ae:ff:f3:
                    41:5d:20:c3:41:77:f3:3b:bb:24:99:47:c0:26:56:
                    44:95:0d:df:33:99:ec:00:ea:4c:04:31:61:01:05:
                    ae:29:24:f7:91:11:e8:45:be:ca:82:91:0d:16:29:
                    02:ec:a6:45:b7:9c:19:4a:f1:35:71:12:46:c0:52:
                    60:d8:8c:42:36:09:55:e4:69:38:ad:3c:e6:33:2e:
                    a2:8a:17:2b:8b:6d:7b:89:26:c0:4d:03:a9:ff:1d:
                    22:0a:b4:5c:c3:99:95:c5:d1:77:f6:75:99:b4:b3:
                    ae:6f:bf:ae:ed:14:59:a9:e7:08:3e:2c:ac:8b:a7:
                    48:a1:63:14:65:cb:9f:06:74:b4:f6:6d:fa:d2:3c:
                    d5:8a:a4:39:64:6e:1e:a2:aa:fb:0f:6f:ea:5e:87:
                    6d:85:08:9b:6f:2b:22:46:03:d4:46:89:be:87:de:
                    c2:fb:96:05:bf:ae:3a:ec:a8:52:73:45:74:76:62:
                    3b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:C9:99:9F:61:63:08:F3:98:40:25:1B:D3:D4:74:CA:31:2F:9F:1C
            X509v3 Authority Key Identifier:
                keyid:46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/GsmZn2FjCPOYQCUb09R0yjEvnxw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.28.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         e1:5e:bb:2a:e2:f9:6f:de:0c:80:90:09:7e:a0:9d:2c:db:15:
         e1:36:4d:13:62:d1:5f:55:57:7b:cf:a6:ca:30:d7:c6:b6:c8:
         1a:02:29:f4:3d:96:f4:dc:24:39:e4:02:c5:21:cb:33:2c:74:
         c2:68:a6:2b:a1:8a:91:ad:a1:39:07:2f:37:b6:50:03:7b:8d:
         2a:10:f4:15:95:68:64:16:a4:b3:f3:94:4d:ba:b9:a8:a6:32:
         f8:d2:77:af:10:bb:65:df:89:56:fe:f0:ab:14:5f:a0:f3:96:
         7a:d9:4b:91:16:15:01:68:be:eb:a8:e0:90:26:8b:83:d2:f0:
         8f:e9:1a:03:b3:83:68:1d:c8:c5:e2:a5:e4:2b:c1:fb:69:5a:
         fb:e0:13:d7:3c:c6:d3:ec:f1:be:a5:b1:4a:45:fe:8b:97:15:
         96:b9:a0:1c:17:76:4f:9f:b9:65:c4:27:70:13:cb:a6:71:9b:
         66:c1:df:56:2f:32:d8:a9:17:53:e1:34:28:9d:a9:13:15:85:
         fe:76:a8:0d:09:82:48:e3:35:8d:36:2e:f6:c7:73:e8:fe:b4:
         b1:1e:1e:eb:3f:8c:cf:11:ea:2f:2d:0d:21:04:0f:ec:d1:4b:
         ae:7e:68:b3:43:09:41:4b:f6:e1:80:2e:b2:54:ea:e7:bd:7f:
         4b:e8:f9:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1Mu3VfbuLyYL2AYH5VMxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ODE1Y2ExNWQ3MmE1YTY5NmY4YmNkZjQ4NmY1ODAxOTY2
NzcyYmIwHhcNMjMxMDAzMTEwMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM5OTk5ZjYxNjMwOGYzOTg0MDI1MWJkM2Q0NzRjYTMxMmY5ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwzOR1eEQzVuZ8ExCUV1VaP7OiAX
R6A/hSv7SZbjXrshd1cqPDVApljbStUfrR0xFtSjlBtBLuJ4RsrYxpjgL3PMnHTb
p6mu//NBXSDDQXfzO7skmUfAJlZElQ3fM5nsAOpMBDFhAQWuKST3kRHoRb7KgpEN
FikC7KZFt5wZSvE1cRJGwFJg2IxCNglV5Gk4rTzmMy6iihcri217iSbATQOp/x0i
CrRcw5mVxdF39nWZtLOub7+u7RRZqecIPiysi6dIoWMUZcufBnS09m360jzViqQ5
ZG4eoqr7D2/qXodthQibbysiRgPURom+h97C+5YFv6467KhSc0V0dmI7ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrJmZ9hYwjzmEAlG9PUdMoxL58cMB8GA1UdIwQY
MBaAFEaBXKFdcqWmlvi830hvWAGWZ3K7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWIt
ZDM4YTc2NjBiNTFlLzEvR3NtWm4yRmpDUE9ZUUNVYjA5UjB5akV2bnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWItZDM4YTc2NjBiNTFl
LzEvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRygMA0G
CSqGSIb3DQEBCwUAA4IBAQDhXrsq4vlv3gyAkAl+oJ0s2xXhNk0TYtFfVVd7z6bK
MNfGtsgaAin0PZb03CQ55ALFIcszLHTCaKYroYqRraE5By83tlADe40qEPQVlWhk
FqSz85RNurmopjL40nevELtl34lW/vCrFF+g85Z62UuRFhUBaL7rqOCQJouD0vCP
6RoDs4NoHcjF4qXkK8H7aVr74BPXPMbT7PG+pbFKRf6LlxWWuaAcF3ZPn7llxCdw
E8umcZtmwd9WLzLYqRdT4TQonakTFYX+dqgNCYJI4zWNNi72x3Po/rSxHh7rP4zP
EeovLQ0hBA/s0UuufmizQwlBS/bhgC6yVOrnvX9L6Plo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:42 2024 by rpki-client on console-ams.rpki-client.org