Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/GrO3Oseb-sC1HBI9AYTL8U1O9Nw.roa
File:                     GrO3Oseb-sC1HBI9AYTL8U1O9Nw.roa (raw, json)
Hash identifier:          1OlTF09+/jMdK4BaPfR9IgUz1gosLOQkxa/F+GTQYWI=
Subject key identifier:   1A:B3:B7:3A:C7:9B:FA:C0:B5:1C:12:3D:01:84:CB:F1:4D:4E:F4:DC
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018E9F31B040819183DF59027454ED3EBC09
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/GrO3Oseb-sC1HBI9AYTL8U1O9Nw.roa
Signing time:             Tue 02 Apr 2024 14:23:37 +0000
ROA not before:           Tue 02 Apr 2024 14:23:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        31.41.253.0/24 maxlen: 24
                          45.87.124.0/24 maxlen: 24
                          45.87.125.0/24 maxlen: 24
                          45.87.127.0/24 maxlen: 24
                          45.128.124.0/24 maxlen: 24
                          45.128.128.0/24 maxlen: 24
                          62.3.31.0/24 maxlen: 24
                          77.72.84.0/24 maxlen: 24
                          84.252.69.0/24 maxlen: 24
                          88.218.184.0/24 maxlen: 24
                          88.218.185.0/24 maxlen: 24
                          88.218.186.0/24 maxlen: 24
                          88.218.187.0/24 maxlen: 24
                          91.190.158.0/24 maxlen: 24
                          91.239.212.0/24 maxlen: 24
                          91.239.213.0/24 maxlen: 24
                          146.19.120.0/24 maxlen: 24
                          185.214.164.0/24 maxlen: 24
                          194.59.222.0/24 maxlen: 24
                          194.60.76.0/24 maxlen: 24
                          195.64.103.0/24 maxlen: 24
                          212.107.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Apr 2024 19:05:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9f:31:b0:40:81:91:83:df:59:02:74:54:ed:3e:bc:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr  2 14:23:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1ab3b73ac79bfac0b51c123d0184cbf14d4ef4dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f3:b9:16:f7:9a:cc:b3:80:56:fd:01:5a:7e:
                    05:e2:f1:31:ce:35:9c:fd:0f:01:e6:41:eb:09:07:
                    5d:43:98:36:77:fd:7e:c9:9f:f8:58:0f:13:ff:fb:
                    05:23:d4:c4:7a:01:41:85:9c:53:eb:4c:cb:4c:d3:
                    14:39:da:6f:aa:07:b5:56:41:06:f9:25:42:e2:0b:
                    7c:49:b6:88:11:54:39:6c:96:f5:3a:ad:40:d8:53:
                    81:25:2f:d0:ea:44:71:51:5a:75:84:3f:0b:b9:df:
                    b5:26:11:a1:d5:9c:db:7d:ce:23:93:0a:65:27:c3:
                    82:95:f0:af:0e:f0:f7:ce:59:dd:dc:23:75:b6:3d:
                    07:9d:3a:19:6a:7f:83:ce:fc:0c:31:ae:77:53:3f:
                    06:5c:7a:c0:4e:7a:98:ef:ca:4b:b0:51:bf:ca:c1:
                    fe:fa:14:9f:06:76:fc:7f:ea:8b:d9:1b:01:23:91:
                    8d:85:0b:33:6f:15:7c:8f:9e:02:cf:12:aa:d4:f8:
                    ad:aa:50:d5:57:fc:0c:0d:ba:d7:65:19:08:25:61:
                    75:fe:60:9b:91:cf:f6:2d:8e:66:39:eb:fd:8e:d7:
                    ce:37:4d:11:14:10:ae:2b:43:9e:ed:ee:8d:7d:2f:
                    fc:9e:38:2b:9c:ae:05:07:6e:2d:c7:88:85:6c:d3:
                    62:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:B3:B7:3A:C7:9B:FA:C0:B5:1C:12:3D:01:84:CB:F1:4D:4E:F4:DC
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/GrO3Oseb-sC1HBI9AYTL8U1O9Nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.41.253.0/24
                  45.87.124.0/23
                  45.87.127.0/24
                  45.128.124.0/24
                  45.128.128.0/24
                  62.3.31.0/24
                  77.72.84.0/24
                  84.252.69.0/24
                  88.218.184.0/22
                  91.190.158.0/24
                  91.239.212.0/23
                  146.19.120.0/24
                  185.214.164.0/24
                  194.59.222.0/24
                  194.60.76.0/24
                  195.64.103.0/24
                  212.107.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:2f:23:9e:7e:78:2f:6c:14:54:41:08:50:37:a7:b3:43:a5:
         91:fc:fa:1f:a9:db:58:38:04:93:67:85:c1:8e:53:d8:76:77:
         e5:b5:0c:0c:22:dd:2a:ee:82:e8:3d:2c:09:7a:1e:39:05:60:
         e7:e8:d0:00:ea:63:28:7c:3c:ac:c3:0c:53:90:c9:d3:36:86:
         22:9d:ea:55:28:50:6e:b3:69:0e:6f:f0:6e:d6:d8:55:05:91:
         8f:4a:b6:ab:5a:c1:a0:6d:a3:5f:ea:89:0e:4e:97:47:53:f4:
         27:2f:f2:f1:9f:59:a8:60:11:57:91:19:62:a9:d0:36:ac:0d:
         46:54:69:74:54:06:fa:92:59:97:9a:98:0e:f4:06:c2:7c:fa:
         d4:d9:2e:77:db:6c:df:7d:08:08:ef:ce:53:68:17:0d:50:fd:
         04:20:7f:7a:33:f0:a2:cf:4f:79:18:4f:b0:c6:4f:4e:56:eb:
         2a:ef:77:fc:84:6d:9d:10:00:78:1b:c8:c1:74:56:90:c4:ee:
         47:75:31:98:74:50:28:f3:04:02:2b:0c:d2:1b:21:2a:57:80:
         45:6a:1e:f8:6d:e0:ac:80:13:ec:65:85:87:67:c7:54:60:63:
         58:b4:cc:cc:a7:da:95:d3:60:97:d9:0f:ca:f0:c3:f7:cf:83:
         59:d0:07:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY6fMbBAgZGD31kCdFTtPrwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDAyMTQyMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWIzYjczYWM3OWJmYWMwYjUxYzEyM2QwMTg0Y2JmMTRkNGVmNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPO5FveazLOAVv0BWn4F4vExzjWc
/Q8B5kHrCQddQ5g2d/1+yZ/4WA8T//sFI9TEegFBhZxT60zLTNMUOdpvqge1VkEG
+SVC4gt8SbaIEVQ5bJb1Oq1A2FOBJS/Q6kRxUVp1hD8Lud+1JhGh1Zzbfc4jkwpl
J8OClfCvDvD3zlnd3CN1tj0HnToZan+DzvwMMa53Uz8GXHrATnqY78pLsFG/ysH+
+hSfBnb8f+qL2RsBI5GNhQszbxV8j54CzxKq1PitqlDVV/wMDbrXZRkIJWF1/mCb
kc/2LY5mOev9jtfON00RFBCuK0Oe7e6NfS/8njgrnK4FB24tx4iFbNNiTQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFBqztzrHm/rAtRwSPQGEy/FNTvTcMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvR3JPM09zZWItc0MxSEJJOUFZVEw4VTFPOU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAHyn9AwQB
LVd8AwQALVd/AwQALYB8AwQALYCAAwQAPgMfAwQATUhUAwQAVPxFAwQCWNq4AwQA
W76eAwQBW+/UAwQAkhN4AwQAudakAwQAwjveAwQAwjxMAwQAw0BnAwQA1GsZMA0G
CSqGSIb3DQEBCwUAA4IBAQBfLyOefngvbBRUQQhQN6ezQ6WR/PofqdtYOASTZ4XB
jlPYdnfltQwMIt0q7oLoPSwJeh45BWDn6NAA6mMofDyswwxTkMnTNoYinepVKFBu
s2kOb/Bu1thVBZGPSrarWsGgbaNf6okOTpdHU/QnL/Lxn1moYBFXkRliqdA2rA1G
VGl0VAb6klmXmpgO9AbCfPrU2S5322zffQgI785TaBcNUP0EIH96M/Ciz095GE+w
xk9OVusq73f8hG2dEAB4G8jBdFaQxO5HdTGYdFAo8wQCKwzSGyEqV4BFah74beCs
gBPsZYWHZ8dUYGNYtMzMp9qV02CX2Q/K8MP3z4NZ0AeC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org