Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa
File:                     gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa (raw, json)
Hash identifier:          ihLpsFXP5uvDrTCY76pQ2cz2HiPUdX3KZ1QUTWG0+1A=
Subject key identifier:   83:34:95:81:B9:EA:06:91:AE:D9:05:02:ED:68:BC:73:5D:4C:DD:58
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018BCCC139AE8183084C1B265261EBAB6E1D
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa
Signing time:             Tue 14 Nov 2023 07:34:57 +0000
ROA not before:           Tue 14 Nov 2023 07:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        188.191.98.0/24 maxlen: 24
                          91.225.227.0/24 maxlen: 24
                          188.191.103.0/24 maxlen: 24
                          188.191.101.0/24 maxlen: 24
                          188.191.110.0/24 maxlen: 24
                          188.191.109.0/24 maxlen: 24
                          91.225.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:cc:c1:39:ae:81:83:08:4c:1b:26:52:61:eb:ab:6e:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Nov 14 07:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83349581b9ea0691aed90502ed68bc735d4cdd58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a4:5e:6d:aa:d1:70:e0:67:23:5d:52:a6:f4:
                    59:52:06:7c:60:77:48:72:cc:d6:28:f3:a9:e1:7b:
                    54:a0:bd:0b:7f:77:f7:09:51:5f:ba:53:8a:19:09:
                    7d:7b:84:ed:83:b2:37:0e:b2:e0:d2:f0:3a:e7:76:
                    db:a6:3c:2c:56:8b:04:b8:42:bf:33:1a:61:4c:6a:
                    e4:92:53:79:96:90:c8:a2:09:7d:e8:46:77:c6:cf:
                    32:be:98:57:47:d9:e0:b7:d3:74:97:4b:f3:e9:47:
                    1f:e4:c1:80:3d:56:0b:9e:14:0a:2a:32:d7:b9:e9:
                    42:35:59:61:4a:98:3f:70:de:98:fb:59:87:1c:c5:
                    d0:12:c8:8f:0c:05:bc:aa:f7:04:46:3b:bc:2b:a4:
                    8e:3e:c2:bc:72:31:27:fa:19:f8:70:60:3c:04:b0:
                    c5:e2:a0:35:ac:0d:01:b8:4e:75:a7:41:1b:20:21:
                    ac:e2:ee:a4:73:2a:63:8d:64:d5:7a:fa:24:50:3d:
                    1d:98:ac:20:57:a8:28:ec:40:43:73:47:f6:f3:03:
                    d0:3a:0c:f1:46:72:f3:ab:11:81:6b:71:e9:da:a7:
                    8f:14:6f:98:d1:87:10:7d:14:01:44:59:70:fe:d9:
                    9b:78:0f:a3:05:b9:d1:47:8a:0e:55:db:59:c9:8a:
                    28:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:34:95:81:B9:EA:06:91:AE:D9:05:02:ED:68:BC:73:5D:4C:DD:58
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.226.0/23
                  188.191.98.0/24
                  188.191.101.0/24
                  188.191.103.0/24
                  188.191.109.0-188.191.110.255

    Signature Algorithm: sha256WithRSAEncryption
         48:5a:fa:19:b5:8e:3b:aa:26:4a:2c:6a:f9:54:cd:3a:5d:71:
         3c:37:1c:b3:5e:69:1d:b1:97:b4:64:ac:c5:d5:53:e2:5c:c5:
         ae:bd:93:5b:3e:21:55:f2:a9:97:31:7f:7d:74:d3:81:50:d2:
         ee:ce:09:eb:1c:34:93:88:9a:49:07:36:6b:78:5d:e2:e0:46:
         51:2c:7d:ac:fe:af:78:6b:7a:01:55:6d:91:e1:7b:59:df:6a:
         5f:a3:0d:d0:20:21:cc:a7:0a:d4:30:aa:80:58:c5:f5:d3:fb:
         e5:3e:0b:1e:f1:2c:d5:6d:03:38:63:45:b4:76:ae:02:b3:b3:
         5b:e0:cb:c8:7e:33:0f:bb:ad:47:02:da:cd:b2:5e:0e:3e:ab:
         64:5d:82:44:9e:d2:c8:07:bf:90:e2:cc:58:7a:75:4b:e9:91:
         16:5b:27:55:63:5e:6a:89:72:34:a1:ad:62:7d:92:ce:6d:71:
         62:f5:6c:29:93:1e:be:5d:9f:c9:93:cf:e3:a4:ba:7c:f3:e8:
         19:80:7f:a3:cc:fe:c9:82:c2:c2:42:8f:db:c7:8a:f5:59:22:
         3a:c5:31:6d:f1:06:55:1f:17:ad:41:97:c5:d8:a5:cf:48:11:
         7d:c0:b3:ed:35:10:c7:cb:d9:b0:42:a9:0f:8e:0f:2d:81:ab:
         8b:94:98:6f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYvMwTmugYMITBsmUmHrq24dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMxMTE0MDczNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM0OTU4MWI5ZWEwNjkxYWVkOTA1MDJlZDY4YmM3MzVkNGNkZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aRebarRcOBnI11SpvRZUgZ8YHdI
cszWKPOp4XtUoL0Lf3f3CVFfulOKGQl9e4Ttg7I3DrLg0vA653bbpjwsVosEuEK/
MxphTGrkklN5lpDIogl96EZ3xs8yvphXR9ngt9N0l0vz6Ucf5MGAPVYLnhQKKjLX
uelCNVlhSpg/cN6Y+1mHHMXQEsiPDAW8qvcERju8K6SOPsK8cjEn+hn4cGA8BLDF
4qA1rA0BuE51p0EbICGs4u6kcypjjWTVevokUD0dmKwgV6go7EBDc0f28wPQOgzx
RnLzqxGBa3Hp2qePFG+Y0YcQfRQBRFlw/tmbeA+jBbnRR4oOVdtZyYooaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIM0lYG56gaRrtkFAu1ovHNdTN1YMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvZ3pTVmdibnFCcEd1MlFVQzdXaThjMTFNM1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBW+HiAwQA
vL9iAwQAvL9lAwQAvL9nMAwDBAC8v20DBAC8v24wDQYJKoZIhvcNAQELBQADggEB
AEha+hm1jjuqJkosavlUzTpdcTw3HLNeaR2xl7RkrMXVU+Jcxa69k1s+IVXyqZcx
f31004FQ0u7OCescNJOImkkHNmt4XeLgRlEsfaz+r3hregFVbZHhe1nfal+jDdAg
IcynCtQwqoBYxfXT++U+Cx7xLNVtAzhjRbR2rgKzs1vgy8h+Mw+7rUcC2s2yXg4+
q2RdgkSe0sgHv5DizFh6dUvpkRZbJ1VjXmqJcjShrWJ9ks5tcWL1bCmTHr5dn8mT
z+Okunzz6BmAf6PM/smCwsJCj9vHivVZIjrFMW3xBlUfF61Bl8XYpc9IEX3As+01
EMfL2bBCqQ+ODy2Bq4uUmG8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org