Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/gomMCSk2mxx-8h83vXwuyMM4C60.roa
File:                     gomMCSk2mxx-8h83vXwuyMM4C60.roa (raw, json)
Hash identifier:          +7nuRwCbmslJs26X3IxKEr4RtBH1z9Sp/PhMnUgRiSk=
Subject key identifier:   82:89:8C:09:29:36:9B:1C:7E:F2:1F:37:BD:7C:2E:C8:C3:38:0B:AD
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01896499DC4D9CDD518FBD071A67339F23AD
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/gomMCSk2mxx-8h83vXwuyMM4C60.roa
Signing time:             Mon 17 Jul 2023 16:05:52 +0000
ROA not before:           Mon 17 Jul 2023 16:05:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49505
IP address blocks:        45.85.66.0/24 maxlen: 24
                          91.230.38.0/24 maxlen: 24
                          91.230.39.0/24 maxlen: 24
                          195.245.103.0/24 maxlen: 24
                          194.32.222.0/24 maxlen: 24
                          45.144.37.0/24 maxlen: 24
                          92.249.15.0/24 maxlen: 24
                          92.249.12.0/24 maxlen: 24
                          194.55.105.0/24 maxlen: 24
                          194.55.102.0/24 maxlen: 24
                          109.196.172.0/24 maxlen: 24
                          45.152.226.0/24 maxlen: 24
                          45.152.224.0/24 maxlen: 24
                          91.220.81.0/24 maxlen: 24
                          45.154.163.0/24 maxlen: 24
                          45.154.160.0/24 maxlen: 24
                          45.154.161.0/24 maxlen: 24
                          91.191.184.0/24 maxlen: 24
                          194.156.93.0/24 maxlen: 24
                          45.94.20.0/24 maxlen: 24
                          45.155.61.0/24 maxlen: 24
                          45.141.197.0/24 maxlen: 24
                          45.150.60.0/24 maxlen: 24
                          45.150.61.0/24 maxlen: 24
                          45.146.230.0/24 maxlen: 24
                          45.146.231.0/24 maxlen: 24
                          194.61.77.0/24 maxlen: 24
                          45.148.240.0/24 maxlen: 24
                          45.148.241.0/24 maxlen: 24
                          45.148.242.0/24 maxlen: 24
                          45.147.0.0/24 maxlen: 24
                          45.145.88.0/24 maxlen: 24
                          45.145.89.0/24 maxlen: 24
                          45.145.91.0/24 maxlen: 24
                          193.150.99.0/24 maxlen: 24
                          109.94.210.0/24 maxlen: 24
                          91.221.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 19:28:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:99:dc:4d:9c:dd:51:8f:bd:07:1a:67:33:9f:23:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 17 16:05:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82898c0929369b1c7ef21f37bd7c2ec8c3380bad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:82:38:27:e8:36:cd:7a:dd:f6:fa:77:2d:fd:
                    d5:39:36:bb:16:0d:88:01:e7:5a:e0:a2:66:b5:68:
                    68:10:8b:a3:d4:9e:3a:b7:7c:7f:83:72:f1:85:4c:
                    00:85:1a:fa:75:2f:ac:b1:67:a1:03:75:8d:f1:c6:
                    e1:f4:c7:e1:5e:5b:99:cb:01:67:4e:e2:d9:cb:ab:
                    d3:aa:98:5b:fb:eb:88:39:c3:d9:02:37:21:b0:29:
                    9e:5d:56:dc:da:7a:20:5c:bc:e2:f2:76:51:54:bc:
                    74:f9:35:c5:8c:af:28:0b:f2:c5:3e:d7:09:e0:bf:
                    ee:ab:2f:c5:94:c0:a9:16:a1:1b:28:c6:2d:a3:9b:
                    96:15:13:26:42:48:be:2c:1c:79:11:e2:18:cf:37:
                    bd:8f:dc:c5:2c:1c:5f:07:a8:c2:b5:63:75:cb:78:
                    67:14:32:de:65:0c:2b:d7:ee:6d:85:28:63:2f:db:
                    7b:88:c7:ae:cf:55:c9:03:89:7e:93:d8:49:a5:f6:
                    05:0f:4b:09:1a:9e:e7:80:d2:b5:40:51:dc:2a:21:
                    5a:ff:e8:e0:47:84:2e:5b:c8:eb:0c:b3:ff:ab:4e:
                    f8:0c:41:93:55:ce:e6:2a:2f:05:76:f8:8d:74:37:
                    19:b7:23:ca:6a:4d:9f:b3:f5:db:99:06:9a:2f:97:
                    27:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:89:8C:09:29:36:9B:1C:7E:F2:1F:37:BD:7C:2E:C8:C3:38:0B:AD
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/gomMCSk2mxx-8h83vXwuyMM4C60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.66.0/24
                  45.94.20.0/24
                  45.141.197.0/24
                  45.144.37.0/24
                  45.145.88.0/23
                  45.145.91.0/24
                  45.146.230.0/23
                  45.147.0.0/24
                  45.148.240.0-45.148.242.255
                  45.150.60.0/23
                  45.152.224.0/24
                  45.152.226.0/24
                  45.154.160.0/23
                  45.154.163.0/24
                  45.155.61.0/24
                  91.191.184.0/24
                  91.220.81.0/24
                  91.221.39.0/24
                  91.230.38.0/23
                  92.249.12.0/24
                  92.249.15.0/24
                  109.94.210.0/24
                  109.196.172.0/24
                  193.150.99.0/24
                  194.32.222.0/24
                  194.55.102.0/24
                  194.55.105.0/24
                  194.61.77.0/24
                  194.156.93.0/24
                  195.245.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:b9:3b:d8:30:a4:3d:d2:d9:ac:1f:24:c5:98:56:ea:d6:e4:
         cd:b3:bf:02:c0:6d:23:fb:66:d5:31:22:a0:b8:ca:af:6c:53:
         88:d3:75:a0:0b:f8:7b:20:a9:50:8c:bb:c1:b8:e0:40:82:a7:
         3e:a6:68:43:6c:a2:8f:86:7b:79:79:19:9c:82:2f:55:b5:9f:
         12:1f:ea:11:66:fe:74:e2:57:ae:23:aa:16:8f:1d:8a:b8:b9:
         ef:1f:c3:2d:bb:53:1e:3a:7b:05:8b:9c:1b:66:91:a6:14:a8:
         a7:16:63:6b:a3:e8:a6:35:69:0c:4a:d0:d8:14:e9:5c:06:27:
         40:7e:0a:ab:3c:d6:9e:3b:49:4b:46:bb:6a:a1:40:22:48:7f:
         60:12:f1:82:45:d5:aa:93:94:22:ff:82:b4:1e:57:87:2b:63:
         e7:00:e9:9c:d7:64:82:09:8a:65:d1:7b:9c:cb:8d:9e:62:1e:
         7b:1e:ee:de:66:5c:54:ff:9a:55:4d:64:19:02:af:5c:e0:cc:
         69:a1:c9:b5:37:31:56:d6:47:46:f9:14:f1:83:76:95:a5:47:
         a1:d4:5f:28:38:17:2d:96:11:1f:74:74:21:8b:1a:2f:4d:8d:
         d2:da:e2:72:f2:11:76:22:cb:ee:5d:c3:29:f8:c9:8d:9a:90:
         63:74:4e:9e
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYlkmdxNnN1Rj70HGmcznyOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTYwNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg5OGMwOTI5MzY5YjFjN2VmMjFmMzdiZDdjMmVjOGMzMzgwYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYI4J+g2zXrd9vp3Lf3VOTa7Fg2I
Aeda4KJmtWhoEIuj1J46t3x/g3LxhUwAhRr6dS+ssWehA3WN8cbh9MfhXluZywFn
TuLZy6vTqphb++uIOcPZAjchsCmeXVbc2nogXLzi8nZRVLx0+TXFjK8oC/LFPtcJ
4L/uqy/FlMCpFqEbKMYto5uWFRMmQki+LBx5EeIYzze9j9zFLBxfB6jCtWN1y3hn
FDLeZQwr1+5thShjL9t7iMeuz1XJA4l+k9hJpfYFD0sJGp7ngNK1QFHcKiFa/+jg
R4QuW8jrDLP/q074DEGTVc7mKi8FdviNdDcZtyPKak2fs/XbmQaaL5cnhwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFIKJjAkpNpscfvIfN718LsjDOAutMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvZ29tTUNTazJteHgtOGg4M3ZYd3V5TU00QzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAt
VUIDBAAtXhQDBAAtjcUDBAAtkCUDBAEtkVgDBAAtkVsDBAEtkuYDBAAtkwAwDAME
BC2U8AMEAC2U8gMEAS2WPAMEAC2Y4AMEAC2Y4gMEAS2aoAMEAC2aowMEAC2bPQME
AFu/uAMEAFvcUQMEAFvdJwMEAVvmJgMEAFz5DAMEAFz5DwMEAG1e0gMEAG3ErAME
AMGWYwMEAMIg3gMEAMI3ZgMEAMI3aQMEAMI9TQMEAMKcXQMEAMP1ZzANBgkqhkiG
9w0BAQsFAAOCAQEAIrk72DCkPdLZrB8kxZhW6tbkzbO/AsBtI/tm1TEioLjKr2xT
iNN1oAv4eyCpUIy7wbjgQIKnPqZoQ2yij4Z7eXkZnIIvVbWfEh/qEWb+dOJXriOq
Fo8diri57x/DLbtTHjp7BYucG2aRphSopxZja6PopjVpDErQ2BTpXAYnQH4KqzzW
njtJS0a7aqFAIkh/YBLxgkXVqpOUIv+CtB5Xhytj5wDpnNdkggmKZdF7nMuNnmIe
ex7u3mZcVP+aVU1kGQKvXODMaaHJtTcxVtZHRvkU8YN2laVHodRfKDgXLZYRH3R0
IYsaL02N0tricvIRdiLL7l3DKfjJjZqQY3ROng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org