Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/gwRrZB-WJzAIcfw9a0QRKaKs7KY.roa
File:                     gwRrZB-WJzAIcfw9a0QRKaKs7KY.roa (raw, json)
Hash identifier:          6QNRZt3ywkEQu5CN4oMq3EkTio66dqP4iD7P9DCsMw4=
Subject key identifier:   83:04:6B:64:1F:96:27:30:08:71:FC:3D:6B:44:11:29:A2:AC:EC:A6
Certificate issuer:       /CN=1e02b2489f4713962d105112b25276eb81f1ac90
Certificate serial:       018CC9BC32D1A143FA55AF75432D02740BB2
Authority key identifier: 1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/gwRrZB-WJzAIcfw9a0QRKaKs7KY.roa
Signing time:             Tue 02 Jan 2024 10:33:23 +0000
ROA not before:           Tue 02 Jan 2024 10:33:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56650
IP address blocks:        85.208.64.0/22 maxlen: 22
                          85.208.64.0/24 maxlen: 24
                          85.208.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 13:38:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:32:d1:a1:43:fa:55:af:75:43:2d:02:74:0b:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e02b2489f4713962d105112b25276eb81f1ac90
        Validity
            Not Before: Jan  2 10:33:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=83046b641f9627300871fc3d6b441129a2aceca6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:05:3b:4a:c2:96:e7:a1:a0:db:a7:e4:11:8f:
                    53:37:07:90:d0:7b:1b:b7:2b:10:fc:56:0a:a9:b7:
                    99:dc:72:b9:ba:21:fa:f5:7d:eb:37:f2:bf:65:d2:
                    f1:dc:bc:ca:e1:60:6e:7c:e6:02:8b:07:a4:bd:6d:
                    60:7b:47:2d:f2:fd:62:f8:34:60:b2:bd:87:0c:41:
                    92:14:5b:24:d5:87:f0:4a:eb:e6:81:f1:3d:52:45:
                    c5:83:77:b8:64:9c:70:74:2d:27:ea:25:8f:f4:62:
                    6b:54:2a:f3:e1:90:a3:01:14:ba:01:68:4f:89:ed:
                    6f:f4:7d:d2:cf:b0:50:1d:3f:74:82:e3:01:c5:2f:
                    2f:98:90:76:aa:ea:e4:d7:6d:e8:86:eb:94:28:5b:
                    d6:4a:8c:4f:d1:d2:70:45:67:22:b1:f3:71:5b:fe:
                    a2:b3:77:c6:b0:ec:76:11:4e:87:e6:68:b2:0f:ce:
                    74:97:b9:a0:e2:fb:ad:36:ac:9f:73:9f:94:a8:56:
                    b5:3d:ea:d5:51:03:8d:3c:ee:1d:c7:0f:8c:67:5e:
                    1e:19:33:f3:64:c4:ec:f2:4a:db:aa:59:ff:46:b3:
                    83:13:1e:03:98:9b:5d:1d:8a:1d:82:da:bd:0e:a7:
                    5a:a4:69:5c:96:eb:d6:b5:97:42:61:9d:d1:25:1a:
                    cc:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:04:6B:64:1F:96:27:30:08:71:FC:3D:6B:44:11:29:A2:AC:EC:A6
            X509v3 Authority Key Identifier:
                keyid:1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/gwRrZB-WJzAIcfw9a0QRKaKs7KY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/HgKySJ9HE5YtEFESslJ264HxrJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:98:59:b9:a1:68:ea:1a:26:9b:a9:3a:8b:db:7b:28:80:1d:
         5a:7f:e2:90:31:35:12:89:e4:a7:58:69:1c:f0:81:5f:9f:04:
         9c:ea:4c:5f:7d:3f:2a:46:fb:a8:14:e4:df:8d:2b:78:4b:7c:
         b8:9d:d9:c3:40:11:9f:ed:4a:9c:df:0f:f6:5d:00:31:64:eb:
         b5:05:ad:9a:ef:fc:b7:91:71:47:be:29:54:9c:43:a7:04:78:
         7b:3c:ba:09:27:5f:88:b1:e5:d0:6d:1d:17:ea:aa:f1:6b:f7:
         a9:a3:a3:e9:d1:8f:4e:8e:39:d7:b2:99:f8:4e:39:1f:c0:4f:
         29:45:1c:59:fe:27:5d:77:9e:2f:80:51:b5:c5:35:47:d3:91:
         02:7d:9d:57:7c:ed:d2:8f:7d:45:f6:88:fb:e3:04:34:60:70:
         93:ee:61:cc:f1:e5:09:e9:9c:ea:16:66:ad:f6:90:8b:1c:f4:
         f9:08:a8:b5:0f:67:32:db:4e:c3:bf:87:36:3d:9e:6f:42:cc:
         69:b6:fb:e1:d1:b0:47:70:09:72:f5:d4:07:56:e1:b4:7a:1b:
         37:23:03:98:fb:98:4b:e4:ce:7b:c3:35:54:89:f4:80:55:63:
         10:fd:2d:a9:4c:e1:62:f5:ef:8f:99:6e:42:e7:18:9e:d8:6e:
         1f:58:3a:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvDLRoUP6Va91Qy0CdAuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMDJiMjQ4OWY0NzEzOTYyZDEwNTExMmIyNTI3NmViODFm
MWFjOTAwHhcNMjQwMTAyMTAzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzA0NmI2NDFmOTYyNzMwMDg3MWZjM2Q2YjQ0MTEyOWEyYWNlY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAU7SsKW56Gg26fkEY9TNweQ0Hsb
tysQ/FYKqbeZ3HK5uiH69X3rN/K/ZdLx3LzK4WBufOYCiwekvW1ge0ct8v1i+DRg
sr2HDEGSFFsk1YfwSuvmgfE9UkXFg3e4ZJxwdC0n6iWP9GJrVCrz4ZCjARS6AWhP
ie1v9H3Sz7BQHT90guMBxS8vmJB2qurk123ohuuUKFvWSoxP0dJwRWcisfNxW/6i
s3fGsOx2EU6H5miyD850l7mg4vutNqyfc5+UqFa1PerVUQONPO4dxw+MZ14eGTPz
ZMTs8krbqln/RrODEx4DmJtdHYodgtq9DqdapGlcluvWtZdCYZ3RJRrM0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMEa2QflicwCHH8PWtEESmirOymMB8GA1UdIwQY
MBaAFB4CskifRxOWLRBRErJSduuB8ayQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGdLeVNKOUhFNVl0RUZFU3NsSjI2NEh4ckpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jMGEzMjYtODhlMS00MmI0LTlkNTYt
MDkyMWQxYmJmMzQ5LzEvZ3dSclpCLVdKekFJY2Z3OWEwUVJLYUtzN0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jMGEzMjYtODhlMS00MmI0LTlkNTYtMDkyMWQxYmJmMzQ5
LzEvSGdLeVNKOUhFNVl0RUZFU3NsSjI2NEh4ckpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdBAMA0G
CSqGSIb3DQEBCwUAA4IBAQBJmFm5oWjqGiabqTqL23sogB1af+KQMTUSieSnWGkc
8IFfnwSc6kxffT8qRvuoFOTfjSt4S3y4ndnDQBGf7Uqc3w/2XQAxZOu1Ba2a7/y3
kXFHvilUnEOnBHh7PLoJJ1+IseXQbR0X6qrxa/epo6Pp0Y9OjjnXspn4TjkfwE8p
RRxZ/iddd54vgFG1xTVH05ECfZ1XfO3Sj31F9oj74wQ0YHCT7mHM8eUJ6ZzqFmat
9pCLHPT5CKi1D2cy207Dv4c2PZ5vQsxptvvh0bBHcAly9dQHVuG0ehs3IwOY+5hL
5M57wzVUifSAVWMQ/S2pTOFi9e+PmW5C5xie2G4fWDp/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:23 2024 by rpki-client on console-fra.rpki-client.org