Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/Gkcxre1kbTtZ-u2mhXG-t8Tnfqw.roa
File:                     Gkcxre1kbTtZ-u2mhXG-t8Tnfqw.roa (raw, json)
Hash identifier:          cNjVW307NFnRhZBz0Q7Sx/Hc5bCuYipiCmp/ZF9uI+Q=
Subject key identifier:   1A:47:31:AD:ED:64:6D:3B:59:FA:ED:A6:85:71:BE:B7:C4:E7:7E:AC
Certificate issuer:       /CN=92ec295476ca1d934db04d00244fc5079b9c9748
Certificate serial:       01857155365AB1CFEC5E82A5B24EE6618F3E
Authority key identifier: 92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/Gkcxre1kbTtZ-u2mhXG-t8Tnfqw.roa
Signing time:             Mon 02 Jan 2023 07:14:47 +0000
ROA not before:           Mon 02 Jan 2023 07:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211997
IP address blocks:        185.233.32.0/24 maxlen: 24
                          2a10:d780:1::/48 maxlen: 48
                          2a10:d780:cccc::/48 maxlen: 48
                          2a10:d780:2::/48 maxlen: 48
                          2a10:d780::/32 maxlen: 32
                          2a10:d780::/48 maxlen: 48
                          2a10:d780:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:36:5a:b1:cf:ec:5e:82:a5:b2:4e:e6:61:8f:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92ec295476ca1d934db04d00244fc5079b9c9748
        Validity
            Not Before: Jan  2 07:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a4731aded646d3b59faeda68571beb7c4e77eac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:59:81:51:96:de:5b:85:0b:b6:a4:5e:ac:1e:
                    a1:c1:59:b9:48:d0:17:9f:a3:be:a0:1c:2e:8f:60:
                    5b:f1:1a:c8:81:11:7c:82:54:6d:55:d4:93:fa:9d:
                    bf:a1:82:28:66:5d:fb:45:b2:a4:3e:40:be:f6:19:
                    ae:0c:93:10:12:5c:c5:3c:aa:70:46:2d:05:ff:8e:
                    3f:37:77:fb:2d:1b:70:2c:53:64:21:02:bf:22:54:
                    14:eb:a9:78:9b:78:d5:f3:8a:43:af:6a:89:e5:e0:
                    9d:72:fe:f5:9a:1a:c9:a7:25:3c:cd:2a:ef:97:8b:
                    5b:40:d7:ae:04:c9:77:0d:88:58:14:9d:bb:1d:da:
                    c5:98:83:e9:a3:4e:a9:8e:00:3a:81:bc:e3:7d:c6:
                    a2:80:e3:3e:1d:c9:1d:00:cc:43:e5:9d:dd:ce:0e:
                    53:0e:59:27:2e:bd:71:d0:98:1b:f9:d7:4f:81:f0:
                    fc:29:ae:f1:73:d6:8b:40:78:74:8f:44:da:1e:56:
                    48:62:17:5b:ab:a8:10:5f:1b:7b:64:40:b1:15:fb:
                    a7:94:0e:a0:a6:a1:84:69:e6:2c:9b:ae:d1:76:e1:
                    e7:c1:60:28:28:d6:8f:98:6d:57:3f:74:92:71:17:
                    b0:c4:0f:ab:62:f6:9c:cd:b7:e8:f5:a7:dd:fb:c1:
                    e5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:47:31:AD:ED:64:6D:3B:59:FA:ED:A6:85:71:BE:B7:C4:E7:7E:AC
            X509v3 Authority Key Identifier:
                keyid:92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/Gkcxre1kbTtZ-u2mhXG-t8Tnfqw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.233.32.0/24
                IPv6:
                  2a10:d780::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:10:28:45:e7:2f:ef:aa:85:a2:99:27:64:f3:2b:8c:3e:92:
         3e:44:49:38:6f:49:a9:77:1b:aa:3b:ee:52:7d:0b:c8:aa:75:
         cb:e7:85:0c:8a:28:77:3f:a6:a6:77:c2:25:3b:9c:07:f7:05:
         3b:92:45:43:7e:5e:7c:38:8b:21:d1:fa:aa:fa:04:f3:98:fa:
         e0:7a:72:1c:39:83:db:25:7e:06:46:d1:6c:12:a9:ee:92:66:
         48:19:15:77:04:ec:f1:3a:6f:9b:c9:f3:23:80:70:17:fd:7f:
         8d:fa:20:37:c8:8a:df:78:6e:78:cd:0e:45:9a:04:78:0c:9a:
         40:f6:b7:eb:ed:12:eb:a9:33:9a:e9:e2:68:5a:de:fe:87:d0:
         ae:60:5f:7a:c4:48:40:f6:b9:40:d2:f6:df:60:4a:89:ba:28:
         34:32:ed:56:ab:24:33:3b:1f:4b:1c:67:a3:53:19:b1:0c:d2:
         60:b6:6a:43:af:7d:45:79:ee:a8:bb:78:c5:81:ae:a4:b1:a7:
         57:c3:f4:06:55:dc:14:b3:96:0c:44:1c:dc:3f:4c:c7:d2:25:
         fb:7b:4f:cf:3b:f9:d3:73:71:ec:2e:cb:43:55:f5:25:e4:d8:
         2b:49:55:3e:68:64:f1:4c:af:24:66:51:29:7e:b4:f9:f4:24:
         f7:9b:b6:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxVTZasc/sXoKlsk7mYY8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZWMyOTU0NzZjYTFkOTM0ZGIwNGQwMDI0NGZjNTA3OWI5
Yzk3NDgwHhcNMjMwMTAyMDcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQ3MzFhZGVkNjQ2ZDNiNTlmYWVkYTY4NTcxYmViN2M0ZTc3ZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlmBUZbeW4ULtqRerB6hwVm5SNAX
n6O+oBwuj2Bb8RrIgRF8glRtVdST+p2/oYIoZl37RbKkPkC+9hmuDJMQElzFPKpw
Ri0F/44/N3f7LRtwLFNkIQK/IlQU66l4m3jV84pDr2qJ5eCdcv71mhrJpyU8zSrv
l4tbQNeuBMl3DYhYFJ27HdrFmIPpo06pjgA6gbzjfcaigOM+HckdAMxD5Z3dzg5T
DlknLr1x0Jgb+ddPgfD8Ka7xc9aLQHh0j0TaHlZIYhdbq6gQXxt7ZECxFfunlA6g
pqGEaeYsm67RduHnwWAoKNaPmG1XP3SScRewxA+rYvaczbfo9afd+8HlVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBpHMa3tZG07WfrtpoVxvrfE536sMB8GA1UdIwQY
MBaAFJLsKVR2yh2TTbBNACRPxQebnJdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3V3cFZIYktIWk5Oc0UwQUpFX0ZCNXVjbDBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy81ODM5NGEtOGNmNi00YjExLWJlY2It
M2JhNjkxMzE0NThiLzEvR2tjeHJlMWtiVHRaLXUybWhYRy10OFRuZnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy81ODM5NGEtOGNmNi00YjExLWJlY2ItM2JhNjkxMzE0NThi
LzEva3V3cFZIYktIWk5Oc0UwQUpFX0ZCNXVjbDBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuekgMA0E
AgACMAcDBQAqENeAMA0GCSqGSIb3DQEBCwUAA4IBAQAWEChF5y/vqoWimSdk8yuM
PpI+REk4b0mpdxuqO+5SfQvIqnXL54UMiih3P6amd8IlO5wH9wU7kkVDfl58OIsh
0fqq+gTzmPrgenIcOYPbJX4GRtFsEqnukmZIGRV3BOzxOm+byfMjgHAX/X+N+iA3
yIrfeG54zQ5FmgR4DJpA9rfr7RLrqTOa6eJoWt7+h9CuYF96xEhA9rlA0vbfYEqJ
uig0Mu1WqyQzOx9LHGejUxmxDNJgtmpDr31Fee6ou3jFga6ksadXw/QGVdwUs5YM
RBzcP0zH0iX7e0/PO/nTc3HsLstDVfUl5NgrSVU+aGTxTK8kZlEpfrT59CT3m7Z6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:38 2024 by rpki-client on console-ams.rpki-client.org