Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/GSsAOpGXh5UxQexqEyd02y0gTqo.roa
File:                     GSsAOpGXh5UxQexqEyd02y0gTqo.roa (raw, json)
Hash identifier:          hgDRIO33sZGe7YZqNDJVY57Grp5ZyfwRDP2qAaAJjO8=
Subject key identifier:   19:2B:00:3A:91:97:87:95:31:41:EC:6A:13:27:74:DB:2D:20:4E:AA
Certificate issuer:       /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial:       01856F547CE4196BEF8C9D90967D09D76AC7
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/GSsAOpGXh5UxQexqEyd02y0gTqo.roa
Signing time:             Sun 01 Jan 2023 21:54:45 +0000
ROA not before:           Sun 01 Jan 2023 21:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50330
IP address blocks:        213.244.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:7c:e4:19:6b:ef:8c:9d:90:96:7d:09:d7:6a:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
        Validity
            Not Before: Jan  1 21:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=192b003a919787953141ec6a132774db2d204eaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:51:3a:57:ac:8c:1c:a3:b9:46:a3:a5:cd:3a:
                    a8:92:7a:6b:1a:69:60:c4:98:a7:e1:05:db:16:ae:
                    c3:91:82:89:d6:05:f6:a5:c9:e1:e8:ab:8f:b9:e7:
                    dd:88:c9:8a:6b:42:25:02:40:41:44:4a:d9:0e:4d:
                    8b:81:c7:f7:97:06:df:1f:ad:65:da:d1:0d:5f:24:
                    34:ad:f8:0b:ae:08:ec:f7:4b:0d:ff:88:95:71:07:
                    71:67:4d:60:fd:06:e9:74:75:ee:30:27:47:0b:5d:
                    f4:ab:b9:4c:c1:dd:d9:65:f4:ad:1e:e8:00:4f:3c:
                    04:19:0c:8f:4c:88:7f:26:5e:d3:de:e2:a1:62:5a:
                    e2:2f:ee:29:96:a2:5e:f0:7a:f4:8f:a2:7b:2a:a8:
                    24:17:a7:38:02:ab:c8:51:f2:cb:08:b6:30:c5:f4:
                    27:17:7e:b1:b7:8d:94:1f:14:71:1f:d2:ee:68:a0:
                    f6:8a:c6:c5:2f:03:8d:bc:e7:6c:da:5e:be:15:b6:
                    22:90:df:7b:24:8c:23:03:a6:2c:93:e0:b1:7b:d6:
                    9a:11:63:d8:88:ec:db:a3:48:8e:4e:1e:08:09:5a:
                    f1:cc:ae:15:70:f9:56:99:38:08:67:9e:26:11:de:
                    6e:b7:be:e5:b9:5e:6f:78:2c:57:90:3a:be:c5:a3:
                    b9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:2B:00:3A:91:97:87:95:31:41:EC:6A:13:27:74:DB:2D:20:4E:AA
            X509v3 Authority Key Identifier:
                keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/GSsAOpGXh5UxQexqEyd02y0gTqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.244.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:16:1a:37:51:08:c7:b0:d5:3a:2c:40:9f:2c:b4:1e:59:9a:
         d7:60:ab:83:5b:77:84:7f:a9:cb:0a:87:2b:17:16:a9:b1:d0:
         34:92:76:56:07:72:28:12:5b:b9:0d:f4:42:ab:e3:47:97:dc:
         9c:6f:6a:07:71:dd:a4:99:30:e6:89:68:aa:93:3c:c9:04:e7:
         67:85:15:ab:6f:fe:07:1e:26:46:7c:f6:39:9e:37:f1:df:38:
         32:4b:4f:71:1e:68:b2:d9:ed:a2:72:bb:4e:f3:aa:48:d8:d2:
         89:ad:68:ca:ea:c7:d0:b3:6d:4f:93:5d:f5:04:d2:dd:28:ab:
         9c:82:e4:6d:cf:05:96:03:a4:b9:27:72:77:6d:fa:70:4a:e1:
         b4:fd:f7:1b:c8:75:c3:f8:06:a0:36:aa:f7:0e:f3:d7:d9:06:
         1c:a5:8a:d2:ef:91:7a:12:06:13:77:96:8a:8f:1f:84:05:23:
         4b:b0:1c:e6:3f:a1:3a:5e:ae:58:58:5a:22:a4:69:6f:73:5b:
         79:03:20:f2:79:e8:05:06:c3:88:f6:6b:76:95:d3:bb:78:3e:
         b4:84:c9:17:7a:98:cc:84:4e:4a:66:27:e9:af:7d:78:fd:f5:
         70:e0:0a:56:28:b8:af:f2:38:59:f2:4b:31:75:02:11:2f:bb:
         63:9c:7b:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVHzkGWvvjJ2Qln0J12rHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjMwMTAxMjE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJiMDAzYTkxOTc4Nzk1MzE0MWVjNmExMzI3NzRkYjJkMjA0ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglE6V6yMHKO5RqOlzTqoknprGmlg
xJin4QXbFq7DkYKJ1gX2pcnh6KuPuefdiMmKa0IlAkBBRErZDk2Lgcf3lwbfH61l
2tENXyQ0rfgLrgjs90sN/4iVcQdxZ01g/QbpdHXuMCdHC130q7lMwd3ZZfStHugA
TzwEGQyPTIh/Jl7T3uKhYlriL+4plqJe8Hr0j6J7KqgkF6c4AqvIUfLLCLYwxfQn
F36xt42UHxRxH9LuaKD2isbFLwONvOds2l6+FbYikN97JIwjA6Ysk+Cxe9aaEWPY
iOzbo0iOTh4ICVrxzK4VcPlWmTgIZ54mEd5ut77luV5veCxXkDq+xaO5HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkrADqRl4eVMUHsahMndNstIE6qMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvR1NzQU9wR1hoNVV4UWV4cUV5ZDAyeTBnVHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1fR5MA0G
CSqGSIb3DQEBCwUAA4IBAQCWFho3UQjHsNU6LECfLLQeWZrXYKuDW3eEf6nLCocr
FxapsdA0knZWB3IoElu5DfRCq+NHl9ycb2oHcd2kmTDmiWiqkzzJBOdnhRWrb/4H
HiZGfPY5njfx3zgyS09xHmiy2e2icrtO86pI2NKJrWjK6sfQs21Pk131BNLdKKuc
guRtzwWWA6S5J3J3bfpwSuG0/fcbyHXD+AagNqr3DvPX2QYcpYrS75F6EgYTd5aK
jx+EBSNLsBzmP6E6Xq5YWFoipGlvc1t5AyDyeegFBsOI9mt2ldO7eD60hMkXepjM
hE5KZifpr314/fVw4ApWKLiv8jhZ8ksxdQIRL7tjnHsb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:09 2024 by rpki-client on console-ams.rpki-client.org