Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/GCbycHbk2wbskRl7ThIrcw-vhPA.roa
File:                     GCbycHbk2wbskRl7ThIrcw-vhPA.roa (raw, json)
Hash identifier:          wWzWWRIdfwVKDPyKoCT8PgNEPytm+YY5GeqRrvp/4+E=
Subject key identifier:   18:26:F2:70:76:E4:DB:06:EC:91:19:7B:4E:12:2B:73:0F:AF:84:F0
Certificate issuer:       /CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Certificate serial:       0188A9C26F1A0DC590667A7945870198E899
Authority key identifier: 5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/GCbycHbk2wbskRl7ThIrcw-vhPA.roa
Signing time:             Sun 11 Jun 2023 09:21:11 +0000
ROA not before:           Sun 11 Jun 2023 09:21:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49558
IP address blocks:        195.20.137.0/24 maxlen: 24
                          194.4.164.0/22 maxlen: 22
                          91.228.64.0/22 maxlen: 22
                          45.128.224.0/22 maxlen: 22
                          91.213.39.0/24 maxlen: 24
                          2a0e:4240::/29 maxlen: 29
                          2a0d:8540::/29 maxlen: 29
                          2a11:500::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a9:c2:6f:1a:0d:c5:90:66:7a:79:45:87:01:98:e8:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
        Validity
            Not Before: Jun 11 09:21:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1826f27076e4db06ec91197b4e122b730faf84f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ae:0c:12:7e:79:7c:52:da:d1:8c:22:02:76:
                    44:2d:23:b1:76:25:8f:70:30:6b:5c:be:22:a5:80:
                    5c:26:2f:81:5e:ef:b4:ab:47:32:b0:74:59:46:5f:
                    25:ef:50:94:7e:88:c8:77:a8:b8:ec:0b:6b:9f:bc:
                    83:e8:39:26:0c:bf:4f:6b:76:f2:78:a4:a5:d5:1c:
                    d8:68:1d:cc:00:6f:d4:0b:2d:1f:6b:43:82:2f:a1:
                    4c:69:50:1d:ca:91:6a:4f:dd:24:d0:2b:48:80:21:
                    14:91:57:c4:42:b7:92:b7:bf:42:ca:cc:c1:56:47:
                    05:3b:e8:f2:47:82:e1:77:b6:d2:ed:07:2f:82:02:
                    91:7c:dd:5d:32:7e:76:12:1a:22:42:7b:68:c1:7e:
                    c0:ee:6a:9c:94:1b:3c:74:8e:7c:8c:a6:6a:19:88:
                    da:ef:bf:a6:d8:8f:97:35:f1:17:10:88:81:da:45:
                    36:92:df:87:39:a3:d1:a0:8c:d8:ec:4d:ee:97:49:
                    e6:74:9a:ef:4a:5b:2d:a6:67:3e:c8:98:2c:15:1e:
                    cb:4c:3e:14:d1:33:a6:d9:5b:9b:d0:5e:ca:32:f6:
                    1a:ee:ee:bd:af:bf:1d:06:30:78:3f:5b:bc:53:13:
                    fd:64:4e:24:59:3e:e2:ea:f5:08:90:34:a2:9a:41:
                    7e:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:26:F2:70:76:E4:DB:06:EC:91:19:7B:4E:12:2B:73:0F:AF:84:F0
            X509v3 Authority Key Identifier:
                keyid:5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/GCbycHbk2wbskRl7ThIrcw-vhPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.224.0/22
                  91.213.39.0/24
                  91.228.64.0/22
                  194.4.164.0/22
                  195.20.137.0/24
                IPv6:
                  2a0d:8540::/29
                  2a0e:4240::/29
                  2a11:500::/29

    Signature Algorithm: sha256WithRSAEncryption
         be:11:34:1b:9b:d4:f3:34:b7:ce:39:08:69:42:fb:c2:60:c6:
         cd:19:b5:dc:bc:30:ba:06:aa:cf:ae:62:d6:3e:10:ae:14:56:
         7f:77:6e:90:3c:10:f5:60:cd:3c:7c:0e:05:1a:2a:56:85:b9:
         1d:16:84:4a:16:76:d4:00:44:72:b1:1e:7d:fd:3b:d2:6f:3c:
         40:6f:1d:b4:59:54:80:c6:6e:d4:1e:37:f2:51:47:05:56:30:
         00:bb:d6:e4:e8:c9:53:7f:05:c1:a2:cb:7b:ea:fc:15:9b:43:
         78:24:20:e6:06:47:c6:8d:d2:a2:d4:4e:16:05:b8:65:83:17:
         4f:6a:db:00:9f:3c:13:d4:03:17:09:1e:b8:76:36:8d:57:0d:
         9f:56:79:1d:c3:b6:86:5f:f6:f5:6b:c3:a6:16:6c:99:ec:3f:
         bd:52:c9:ff:78:b6:81:58:0c:d7:ad:e5:f2:a6:f2:a0:21:2e:
         79:b8:0c:aa:01:49:c9:38:9e:d9:4d:1b:33:ef:e4:ca:58:c0:
         46:7e:55:5a:8c:4d:ca:f3:dc:7f:a3:0b:85:81:63:9b:4d:37:
         33:b7:94:59:4c:b4:0f:39:98:6a:b3:8f:51:95:12:69:5c:0e:
         7f:e9:80:4b:1d:fe:66:cd:01:b9:9d:19:df:56:a6:d5:ba:07:
         da:20:30:b8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYipwm8aDcWQZnp5RYcBmOiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWUwNTFhOTM5MDFlY2MwMTc0NDA3OWFhNGFjMmZiMDc3
YjlmYzEwHhcNMjMwNjExMDkyMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODI2ZjI3MDc2ZTRkYjA2ZWM5MTE5N2I0ZTEyMmI3MzBmYWY4NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk64MEn55fFLa0YwiAnZELSOxdiWP
cDBrXL4ipYBcJi+BXu+0q0cysHRZRl8l71CUfojId6i47Atrn7yD6DkmDL9Pa3by
eKSl1RzYaB3MAG/UCy0fa0OCL6FMaVAdypFqT90k0CtIgCEUkVfEQreSt79CyszB
VkcFO+jyR4Lhd7bS7QcvggKRfN1dMn52EhoiQntowX7A7mqclBs8dI58jKZqGYja
77+m2I+XNfEXEIiB2kU2kt+HOaPRoIzY7E3ul0nmdJrvSlstpmc+yJgsFR7LTD4U
0TOm2Vub0F7KMvYa7u69r78dBjB4P1u8UxP9ZE4kWT7i6vUIkDSimkF+KQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBgm8nB25NsG7JEZe04SK3MPr4TwMB8GA1UdIwQY
MBaAFFvuBRqTkB7MAXRAeapKwvsHe5/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjIt
YTUyYTg3OTVkOTU2LzEvR0NieWNIYmsyd2Jza1JsN1RoSXJjdy12aFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjItYTUyYTg3OTVkOTU2
LzEvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCLYDgAwQA
W9UnAwQCW+RAAwQCwgSkAwQAwxSJMBsEAgACMBUDBQMqDYVAAwUDKg5CQAMFAyoR
BQAwDQYJKoZIhvcNAQELBQADggEBAL4RNBub1PM0t845CGlC+8Jgxs0Ztdy8MLoG
qs+uYtY+EK4UVn93bpA8EPVgzTx8DgUaKlaFuR0WhEoWdtQARHKxHn39O9JvPEBv
HbRZVIDGbtQeN/JRRwVWMAC71uToyVN/BcGiy3vq/BWbQ3gkIOYGR8aN0qLUThYF
uGWDF09q2wCfPBPUAxcJHrh2No1XDZ9WeR3DtoZf9vVrw6YWbJnsP71Syf94toFY
DNet5fKm8qAhLnm4DKoBSck4ntlNGzPv5MpYwEZ+VVqMTcrz3H+jC4WBY5tNNzO3
lFlMtA85mGqzj1GVEmlcDn/pgEsd/mbNAbmdGd9WptW6B9ogMLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:13 2024 by rpki-client on console-fra.rpki-client.org