Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1GHVPgaoPB8ofbjdY9rj__6NG-I.roa
File:                     1GHVPgaoPB8ofbjdY9rj__6NG-I.roa (raw, json)
Hash identifier:          YGCjT6oDMkkGFx7wCDYb7OLXHvQS5SHRhmhlNcYs1To=
Subject key identifier:   D4:61:D5:3E:06:A8:3C:1F:28:7D:B8:DD:63:DA:E3:FF:FE:8D:1B:E2
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       01856C5CB3C1B427BEC8081F06990E0DE053
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1GHVPgaoPB8ofbjdY9rj__6NG-I.roa
Signing time:             Sun 01 Jan 2023 08:04:52 +0000
ROA not before:           Sun 01 Jan 2023 08:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397221
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:5c:b3:c1:b4:27:be:c8:08:1f:06:99:0e:0d:e0:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 08:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d461d53e06a83c1f287db8dd63dae3fffe8d1be2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:83:6d:aa:64:88:db:5a:d7:e4:75:12:d9:b7:
                    f5:d5:aa:00:ab:7b:68:e7:ef:2d:17:85:9e:84:a5:
                    bb:0f:4a:f1:81:f8:fc:3c:7d:f0:00:38:53:55:6f:
                    a2:53:65:f0:5c:d3:2c:0a:6b:41:70:7b:37:4c:36:
                    4b:66:1b:91:63:0b:59:34:30:4d:50:b5:59:32:ee:
                    40:96:a0:6d:fb:93:99:5f:dd:7f:35:d9:c6:d4:dd:
                    29:42:1b:ff:07:16:81:ad:ee:d3:02:8a:8a:4f:74:
                    3b:53:98:72:8b:bc:4c:e7:b1:ed:05:4d:54:23:5f:
                    fc:79:f9:60:d4:65:14:6b:8e:1f:77:14:f0:88:f6:
                    e6:a2:20:de:f6:50:50:d8:8c:4d:51:c0:97:61:50:
                    9a:c6:92:17:15:f4:c8:c0:c8:27:d6:f1:72:37:b2:
                    cb:bb:81:64:30:90:d3:76:54:c6:3a:fa:de:a6:a4:
                    6b:b6:2c:52:d4:bb:77:93:7e:57:07:d8:d7:69:50:
                    4e:0e:9f:a0:fe:50:ef:aa:c1:a7:c6:86:a8:81:6e:
                    b5:8f:a2:d8:ec:5f:35:f2:34:84:62:af:7a:b0:97:
                    fa:cf:20:97:1a:c6:79:69:f1:7c:68:0e:92:11:fe:
                    28:00:20:59:e0:b0:b8:6b:f6:35:bd:70:d1:db:2a:
                    46:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:61:D5:3E:06:A8:3C:1F:28:7D:B8:DD:63:DA:E3:FF:FE:8D:1B:E2
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1GHVPgaoPB8ofbjdY9rj__6NG-I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:f3:a8:d0:10:2f:6b:85:8d:01:51:67:31:73:98:1f:1d:be:
         bb:6c:23:7b:1e:84:f9:01:e4:19:73:4f:b1:2d:73:f7:96:e4:
         f0:23:bc:14:0b:a8:09:60:5b:54:4d:8a:34:51:22:6d:7d:4a:
         c6:9a:ce:03:90:0a:11:fa:0c:f3:d7:cf:1c:fd:80:1d:87:89:
         05:36:95:2b:0b:ae:bb:a9:46:5a:d0:0a:41:93:49:e0:77:3a:
         0f:e4:0e:17:a4:74:5a:56:6b:83:1c:15:41:27:d3:cf:b5:cc:
         de:86:8e:ec:fe:ea:11:36:ed:42:8e:a7:0c:0d:1f:34:84:c3:
         55:05:1d:38:63:dc:d0:20:ab:52:40:7d:84:38:4d:c5:d6:27:
         57:26:ed:b7:0c:a6:6e:61:97:7d:c0:3a:f3:2a:93:b4:0a:91:
         4e:01:e5:98:2f:40:7e:58:4e:7f:ed:e0:51:38:23:74:b4:72:
         6a:7b:b4:42:82:f1:0d:d6:30:b0:f8:d0:bc:32:84:03:d4:46:
         0f:c0:bf:9c:d2:d3:4e:43:91:d9:14:26:7f:bd:c0:41:8c:e2:
         f2:90:f7:b1:d3:2a:14:02:f2:7c:c6:7d:83:96:3f:32:ec:7c:
         1f:4a:f1:27:f3:13:52:26:7d:82:67:44:b6:1c:a0:80:9e:e4:
         16:60:63:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLPBtCe+yAgfBpkODeBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDYxZDUzZTA2YTgzYzFmMjg3ZGI4ZGQ2M2RhZTNmZmZlOGQxYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsINtqmSI21rX5HUS2bf11aoAq3to
5+8tF4WehKW7D0rxgfj8PH3wADhTVW+iU2XwXNMsCmtBcHs3TDZLZhuRYwtZNDBN
ULVZMu5AlqBt+5OZX91/NdnG1N0pQhv/BxaBre7TAoqKT3Q7U5hyi7xM57HtBU1U
I1/8eflg1GUUa44fdxTwiPbmoiDe9lBQ2IxNUcCXYVCaxpIXFfTIwMgn1vFyN7LL
u4FkMJDTdlTGOvrepqRrtixS1Lt3k35XB9jXaVBODp+g/lDvqsGnxoaogW61j6LY
7F818jSEYq96sJf6zyCXGsZ5afF8aA6SEf4oACBZ4LC4a/Y1vXDR2ypGkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNRh1T4GqDwfKH243WPa4//+jRviMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvMUdIVlBnYW9QQjhvZmJqZFk5cmpfXzZORy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBV86jQEC9rhY0BUWcx
c5gfHb67bCN7HoT5AeQZc0+xLXP3luTwI7wUC6gJYFtUTYo0USJtfUrGms4DkAoR
+gzz188c/YAdh4kFNpUrC667qUZa0ApBk0ngdzoP5A4XpHRaVmuDHBVBJ9PPtcze
ho7s/uoRNu1CjqcMDR80hMNVBR04Y9zQIKtSQH2EOE3F1idXJu23DKZuYZd9wDrz
KpO0CpFOAeWYL0B+WE5/7eBROCN0tHJqe7RCgvEN1jCw+NC8MoQD1EYPwL+c0tNO
Q5HZFCZ/vcBBjOLykPex0yoUAvJ8xn2Dlj8y7HwfSvEn8xNSJn2CZ0S2HKCAnuQW
YGMA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:24 2024 by rpki-client on console-fra.rpki-client.org