Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/gum_SpwziE93Hqn40EkeEHXpgJo.roa
File:                     gum_SpwziE93Hqn40EkeEHXpgJo.roa (raw, json)
Hash identifier:          CfDr5Ql7FzKP5fPfrHnP7QxwRFimQFCMrgQHQ2KF/4s=
Subject key identifier:   82:E9:BF:4A:9C:33:88:4F:77:1E:A9:F8:D0:49:1E:10:75:E9:80:9A
Certificate issuer:       /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial:       018C999D650DA6D2874B75D28EDDFA5311B1
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/gum_SpwziE93Hqn40EkeEHXpgJo.roa
Signing time:             Sun 24 Dec 2023 02:17:58 +0000
ROA not before:           Sun 24 Dec 2023 02:17:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        109.238.160.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:99:9d:65:0d:a6:d2:87:4b:75:d2:8e:dd:fa:53:11:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
        Validity
            Not Before: Dec 24 02:17:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82e9bf4a9c33884f771ea9f8d0491e1075e9809a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:05:ea:f9:57:99:6e:40:ce:86:96:37:fa:e6:
                    d0:46:e7:04:74:5e:27:ea:c5:4b:36:da:7f:bb:f0:
                    8d:18:29:d9:e5:74:fb:23:11:3e:7f:8f:3e:ae:a8:
                    4a:00:43:ac:5b:7b:37:16:d6:3a:a2:46:ea:ab:ee:
                    31:79:83:63:31:cd:a8:7e:cf:c3:e7:27:8f:45:ef:
                    59:25:27:69:82:a7:ba:39:d7:04:46:8d:bb:ff:9e:
                    05:82:33:ca:16:25:fa:0c:eb:12:0e:e4:a8:e6:35:
                    4d:9f:37:06:6f:1c:88:91:06:60:fa:9e:d1:f1:bf:
                    35:78:2e:5a:69:9a:f2:04:dc:d8:ce:e2:35:54:1b:
                    7c:7e:03:34:71:d5:df:9c:6c:90:c1:c3:09:ce:88:
                    7a:e3:93:eb:a4:ae:3e:95:35:a1:c1:3a:2b:db:b3:
                    f4:9b:59:b1:1a:5c:8c:de:48:2a:80:b0:30:83:5e:
                    58:55:80:e2:38:e0:47:74:37:f2:50:3d:49:bb:94:
                    c0:76:89:6d:56:40:af:8a:e4:98:e7:d7:db:8b:bd:
                    44:23:dc:71:aa:e1:20:64:ca:36:a6:67:5c:f6:93:
                    dc:04:49:42:5b:6b:48:80:17:d9:3f:ec:5d:c1:57:
                    74:c1:4e:5e:0d:84:6e:4f:4a:9d:0a:1f:cd:e3:cc:
                    fd:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:E9:BF:4A:9C:33:88:4F:77:1E:A9:F8:D0:49:1E:10:75:E9:80:9A
            X509v3 Authority Key Identifier:
                keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/gum_SpwziE93Hqn40EkeEHXpgJo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.238.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2c:9d:3c:36:40:7e:e9:46:32:9b:87:a7:6d:60:f5:5b:4a:64:
         dc:65:c4:0e:98:7b:ef:67:8f:b1:a6:a5:b7:77:37:91:f2:9a:
         ca:b5:65:35:75:fb:5d:47:6a:09:ca:5b:17:01:dd:28:a7:15:
         7d:57:5e:1e:59:6d:7d:cb:65:fe:7a:b5:ce:42:01:3b:c1:90:
         03:f7:13:20:e4:7b:4a:56:27:d4:e8:81:ef:5c:4c:5d:17:a9:
         0e:45:2d:aa:0a:af:dc:40:26:00:72:27:56:c1:d0:de:3b:36:
         4f:d4:6d:23:90:7e:61:2c:5a:fa:3c:c0:2f:93:77:9c:63:6c:
         f3:02:07:d9:fa:ee:95:40:9b:90:30:19:87:db:bb:91:d6:a8:
         94:81:d6:7b:98:48:10:2b:ed:81:77:b2:c4:9b:17:3d:9b:c5:
         65:4f:b1:70:2d:2e:1b:de:43:1e:3e:83:24:76:fa:97:85:ca:
         36:3a:63:15:d6:c8:7e:15:c3:f4:d6:2d:7e:00:d9:0f:d3:42:
         82:08:54:a5:26:31:82:5c:5c:43:71:bd:b4:0a:b5:1c:dd:89:
         8c:e3:14:29:b6:3c:81:7e:ef:c5:b9:97:2b:f0:f8:51:d7:b8:
         22:da:eb:87:62:c7:3a:4d:de:61:48:5d:e1:25:5e:08:60:12:
         82:0d:fe:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyZnWUNptKHS3XSjt36UxGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjMxMjI0MDIxNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmU5YmY0YTljMzM4ODRmNzcxZWE5ZjhkMDQ5MWUxMDc1ZTk4MDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowXq+VeZbkDOhpY3+ubQRucEdF4n
6sVLNtp/u/CNGCnZ5XT7IxE+f48+rqhKAEOsW3s3FtY6okbqq+4xeYNjMc2ofs/D
5yePRe9ZJSdpgqe6OdcERo27/54FgjPKFiX6DOsSDuSo5jVNnzcGbxyIkQZg+p7R
8b81eC5aaZryBNzYzuI1VBt8fgM0cdXfnGyQwcMJzoh645PrpK4+lTWhwTor27P0
m1mxGlyM3kgqgLAwg15YVYDiOOBHdDfyUD1Ju5TAdoltVkCviuSY59fbi71EI9xx
quEgZMo2pmdc9pPcBElCW2tIgBfZP+xdwVd0wU5eDYRuT0qdCh/N48z9BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILpv0qcM4hPdx6p+NBJHhB16YCaMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvZ3VtX1Nwd3ppRTkzSHFuNDBFa2VFSFhwZ0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbe6gMA0G
CSqGSIb3DQEBCwUAA4IBAQAsnTw2QH7pRjKbh6dtYPVbSmTcZcQOmHvvZ4+xpqW3
dzeR8prKtWU1dftdR2oJylsXAd0opxV9V14eWW19y2X+erXOQgE7wZAD9xMg5HtK
VifU6IHvXExdF6kORS2qCq/cQCYAcidWwdDeOzZP1G0jkH5hLFr6PMAvk3ecY2zz
AgfZ+u6VQJuQMBmH27uR1qiUgdZ7mEgQK+2Bd7LEmxc9m8VlT7FwLS4b3kMePoMk
dvqXhco2OmMV1sh+FcP01i1+ANkP00KCCFSlJjGCXFxDcb20CrUc3YmM4xQptjyB
fu/FuZcr8PhR17gi2uuHYsc6Td5hSF3hJV4IYBKCDf6o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:25 2024 by rpki-client on console-fra.rpki-client.org