Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/GY5GpLHNSQTGZT_7dEX-lBcqTHk.roa
File:                     GY5GpLHNSQTGZT_7dEX-lBcqTHk.roa (raw, json)
Hash identifier:          jJ+lTPQ02CDwxQC7kksrRf1TA6OwKZVd3sYXuYZfZpA=
Subject key identifier:   19:8E:46:A4:B1:CD:49:04:C6:65:3F:FB:74:45:FE:94:17:2A:4C:79
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       0185A25FC9A97C10889FC408151F9672904E
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/GY5GpLHNSQTGZT_7dEX-lBcqTHk.roa
Signing time:             Wed 11 Jan 2023 19:47:44 +0000
ROA not before:           Wed 11 Jan 2023 19:47:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213296
IP address blocks:        185.95.102.0/23 maxlen: 24
                          185.95.100.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a2:5f:c9:a9:7c:10:88:9f:c4:08:15:1f:96:72:90:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan 11 19:47:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=198e46a4b1cd4904c6653ffb7445fe94172a4c79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:29:2b:b3:09:90:7e:81:af:c3:8d:58:c7:49:
                    44:1e:ed:ee:1d:e5:70:32:af:97:af:29:25:d6:e6:
                    28:91:f4:23:5f:01:b7:74:dc:7d:84:a6:2b:62:25:
                    0d:7e:6e:71:52:60:60:4c:e2:73:98:59:1c:f0:93:
                    42:f6:28:8d:8e:96:9c:31:78:30:91:31:33:80:d7:
                    a7:92:73:cf:0b:d8:51:db:e8:97:09:af:b7:fd:57:
                    a7:55:5d:f1:dc:68:00:75:de:a4:e5:bb:a2:b4:2e:
                    90:2f:2d:ab:60:0e:85:23:54:58:a4:72:6e:e2:9b:
                    03:c9:23:a1:c1:75:a1:a2:c0:d2:55:ee:d3:e8:6a:
                    bf:aa:3d:b0:cb:e8:5a:fc:ef:44:0b:a5:df:94:96:
                    2f:36:e7:26:ca:de:75:b0:a1:10:c6:bb:df:9f:6f:
                    43:89:75:2b:80:0a:bc:e2:d8:9c:dd:95:41:5a:3a:
                    72:99:68:76:3d:4c:bd:34:a4:3f:0d:b5:08:d8:56:
                    ed:7b:e6:b1:a9:d0:ed:32:55:ff:bc:8b:f1:8d:f6:
                    c3:90:3e:f5:97:fd:5b:4c:23:fd:6f:41:5a:2c:e6:
                    a0:bd:4a:2d:11:1f:f1:6a:71:d6:56:0c:0c:c2:5c:
                    bd:ee:88:5d:36:3f:a1:de:ed:81:26:36:0f:61:ce:
                    ff:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:8E:46:A4:B1:CD:49:04:C6:65:3F:FB:74:45:FE:94:17:2A:4C:79
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/GY5GpLHNSQTGZT_7dEX-lBcqTHk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:0d:51:fd:9b:44:f3:46:5d:d9:f8:ef:e5:28:48:de:73:28:
         51:13:a2:59:27:71:f2:04:66:67:4f:9f:63:16:58:13:b7:96:
         1a:c1:59:01:10:cb:e0:45:c1:92:45:95:1f:a2:b8:75:5a:bd:
         b8:ba:ed:c2:0b:5d:c4:c5:53:3b:cd:cd:d0:9f:bf:ca:80:54:
         fd:28:0f:59:d3:98:44:66:8c:a6:c6:b9:0b:64:48:f4:be:b8:
         0f:6f:b8:b4:6b:56:7f:f7:1a:17:3a:27:75:94:5b:2b:2c:0c:
         41:1c:e5:15:c5:db:2f:e9:d6:3c:cc:c5:a5:fa:01:f0:8e:97:
         08:77:ae:42:69:cd:64:2a:82:a5:09:1b:08:49:53:e1:37:ae:
         f2:c0:44:26:1b:75:3e:77:da:77:01:8d:6b:a6:23:b1:71:82:
         80:96:fb:50:1b:c7:ad:a6:04:55:db:82:77:22:2b:9f:2e:1c:
         3b:e2:8a:e5:85:11:ac:a5:ce:12:5d:9d:b8:a1:7a:35:ca:39:
         ce:f7:79:99:2b:81:ac:7d:af:15:19:12:0a:0c:7e:d5:dd:24:
         db:c2:32:69:89:80:25:75:1b:16:1e:7c:9e:a5:a6:4f:24:4c:
         12:fd:dd:cf:8b:ab:96:b2:e3:85:8a:2e:a6:3b:a3:16:5b:d9:
         ac:70:d0:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWiX8mpfBCIn8QIFR+WcpBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMTExMTk0NzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOThlNDZhNGIxY2Q0OTA0YzY2NTNmZmI3NDQ1ZmU5NDE3MmE0Yzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCkrswmQfoGvw41Yx0lEHu3uHeVw
Mq+Xrykl1uYokfQjXwG3dNx9hKYrYiUNfm5xUmBgTOJzmFkc8JNC9iiNjpacMXgw
kTEzgNenknPPC9hR2+iXCa+3/VenVV3x3GgAdd6k5buitC6QLy2rYA6FI1RYpHJu
4psDySOhwXWhosDSVe7T6Gq/qj2wy+ha/O9EC6XflJYvNucmyt51sKEQxrvfn29D
iXUrgAq84tic3ZVBWjpymWh2PUy9NKQ/DbUI2Fbte+axqdDtMlX/vIvxjfbDkD71
l/1bTCP9b0FaLOagvUotER/xanHWVgwMwly97ohdNj+h3u2BJjYPYc7/swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmORqSxzUkExmU/+3RF/pQXKkx5MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvR1k1R3BMSE5TUVRHWlRfN2RFWC1sQmNxVEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV9kMA0G
CSqGSIb3DQEBCwUAA4IBAQAnDVH9m0TzRl3Z+O/lKEjecyhRE6JZJ3HyBGZnT59j
FlgTt5YawVkBEMvgRcGSRZUforh1Wr24uu3CC13ExVM7zc3Qn7/KgFT9KA9Z05hE
ZoymxrkLZEj0vrgPb7i0a1Z/9xoXOid1lFsrLAxBHOUVxdsv6dY8zMWl+gHwjpcI
d65Cac1kKoKlCRsISVPhN67ywEQmG3U+d9p3AY1rpiOxcYKAlvtQG8etpgRV24J3
IiufLhw74orlhRGspc4SXZ24oXo1yjnO93mZK4Gsfa8VGRIKDH7V3STbwjJpiYAl
dRsWHnyepaZPJEwS/d3Pi6uWsuOFii6mO6MWW9mscNAS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org