Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa
File:                     g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa (raw, json)
Hash identifier:          /2V25lYvQ+ckL4oF24CUjmNVPKSw5+rrh0UWy4CEvuI=
Subject key identifier:   83:F9:E0:68:76:D8:50:9B:B6:C0:EC:6E:D0:B9:7B:0B:31:70:EE:9D
Certificate issuer:       /CN=75d977aa2a4c10c7b47af2add96804487e2274a9
Certificate serial:       018978E42C781622A09E92C84EA4C0E4C7FB
Authority key identifier: 75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa
Signing time:             Fri 21 Jul 2023 14:39:26 +0000
ROA not before:           Fri 21 Jul 2023 14:39:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201973
IP address blocks:        80.246.97.0/24 maxlen: 24
                          80.246.96.0/20 maxlen: 20
                          80.246.96.0/24 maxlen: 24
                          80.246.107.0/24 maxlen: 24
                          2a03:f8c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:78:e4:2c:78:16:22:a0:9e:92:c8:4e:a4:c0:e4:c7:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75d977aa2a4c10c7b47af2add96804487e2274a9
        Validity
            Not Before: Jul 21 14:39:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83f9e06876d8509bb6c0ec6ed0b97b0b3170ee9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:00:b9:37:1b:5d:c6:92:3d:8d:8a:6e:4a:9b:
                    43:1b:ee:06:ec:a9:d1:75:f3:d3:2c:f9:eb:2f:65:
                    db:51:43:db:82:f1:5c:8e:48:fa:f8:12:f0:73:d7:
                    61:33:b2:ba:87:f7:62:08:24:32:3f:7f:7a:8a:01:
                    91:01:90:96:07:ac:5e:25:b9:6e:73:57:d2:5e:89:
                    ef:e8:3f:61:d7:fe:d1:39:2e:68:a6:95:6f:9d:63:
                    33:6c:2f:f3:63:d6:57:d1:04:7e:ee:88:d1:c5:03:
                    37:48:2e:ce:f4:ce:98:ce:f2:dd:f2:1f:97:17:44:
                    c5:73:c2:f7:c9:40:43:fc:d9:f5:28:1d:59:9c:08:
                    1a:95:d7:8e:c9:68:47:38:cc:3b:7b:a2:38:8f:10:
                    73:03:68:de:f2:8b:36:d3:21:b2:d8:13:d7:65:0e:
                    2c:bd:4c:47:06:4e:14:26:e7:3d:21:de:ec:73:96:
                    41:6d:53:4f:e7:c0:96:5e:51:2a:81:a3:d4:47:cf:
                    d5:a5:ab:78:cc:e9:9d:cb:df:d6:b8:f8:0c:af:b6:
                    c3:fb:bf:b7:00:c0:01:8c:4b:8c:a5:a4:b3:61:8f:
                    89:84:18:b3:5d:0a:fa:b6:97:50:40:b1:80:7a:8b:
                    84:a6:fd:db:8e:02:73:24:03:80:a7:4b:11:53:02:
                    53:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F9:E0:68:76:D8:50:9B:B6:C0:EC:6E:D0:B9:7B:0B:31:70:EE:9D
            X509v3 Authority Key Identifier:
                keyid:75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.96.0/20
                IPv6:
                  2a03:f8c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         98:f0:06:9b:49:b5:37:57:cb:58:37:a7:45:2f:b5:c2:bd:c9:
         da:a4:58:fb:4e:fc:4e:01:f4:f4:f7:3b:84:f2:19:e2:2d:c1:
         e7:03:0d:5c:1a:59:59:d2:54:3f:e9:92:55:fd:94:aa:cc:b2:
         5a:55:4b:f7:39:1c:f0:7e:ba:ff:92:31:f0:19:0e:fd:74:5d:
         27:91:9f:de:60:dd:89:e2:80:86:ff:a3:29:d9:69:79:54:4e:
         ab:46:9f:b4:cf:11:26:48:ba:b6:1d:cc:02:b8:32:40:32:83:
         c4:41:8e:1d:b2:9f:3f:46:27:b5:74:e7:e2:03:4e:8f:42:32:
         ff:4d:c1:70:3e:3a:3e:1a:2a:d2:c3:5f:d6:65:8c:88:86:c2:
         25:08:1b:57:46:59:ef:36:aa:cc:ad:74:b7:a8:7f:4e:7a:05:
         af:68:c4:2d:be:54:06:7b:d7:32:c2:81:4b:f3:b7:50:6b:5d:
         69:5a:fc:9b:b4:36:29:15:d0:f2:b2:e6:f8:d0:65:27:46:43:
         31:ba:0c:9d:72:e8:94:c1:f6:07:b4:61:4a:32:2e:66:b3:12:
         93:a6:72:37:94:f9:44:c0:11:fb:f3:a5:5d:c3:d0:93:dc:6a:
         23:bf:eb:58:44:85:0a:3e:7d:04:51:1f:5b:bb:75:58:5a:89:
         86:52:34:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYl45Cx4FiKgnpLITqTA5Mf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZDk3N2FhMmE0YzEwYzdiNDdhZjJhZGQ5NjgwNDQ4N2Uy
Mjc0YTkwHhcNMjMwNzIxMTQzOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y5ZTA2ODc2ZDg1MDliYjZjMGVjNmVkMGI5N2IwYjMxNzBlZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgC5NxtdxpI9jYpuSptDG+4G7KnR
dfPTLPnrL2XbUUPbgvFcjkj6+BLwc9dhM7K6h/diCCQyP396igGRAZCWB6xeJblu
c1fSXonv6D9h1/7ROS5oppVvnWMzbC/zY9ZX0QR+7ojRxQM3SC7O9M6YzvLd8h+X
F0TFc8L3yUBD/Nn1KB1ZnAgaldeOyWhHOMw7e6I4jxBzA2je8os20yGy2BPXZQ4s
vUxHBk4UJuc9Id7sc5ZBbVNP58CWXlEqgaPUR8/Vpat4zOmdy9/WuPgMr7bD+7+3
AMABjEuMpaSzYY+JhBizXQr6tpdQQLGAeouEpv3bjgJzJAOAp0sRUwJTlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIP54Gh22FCbtsDsbtC5ewsxcO6dMB8GA1UdIwQY
MBaAFHXZd6oqTBDHtHryrdloBEh+InSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzct
MTI2ZGY1NDQ2ZGU5LzEvZ19uZ2FIYllVSnUyd094dTBMbDdDekZ3N3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzctMTI2ZGY1NDQ2ZGU5
LzEvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPZgMA0E
AgACMAcDBQAqA/jAMA0GCSqGSIb3DQEBCwUAA4IBAQCY8AabSbU3V8tYN6dFL7XC
vcnapFj7TvxOAfT09zuE8hniLcHnAw1cGllZ0lQ/6ZJV/ZSqzLJaVUv3ORzwfrr/
kjHwGQ79dF0nkZ/eYN2J4oCG/6Mp2Wl5VE6rRp+0zxEmSLq2HcwCuDJAMoPEQY4d
sp8/Rie1dOfiA06PQjL/TcFwPjo+GirSw1/WZYyIhsIlCBtXRlnvNqrMrXS3qH9O
egWvaMQtvlQGe9cywoFL87dQa11pWvybtDYpFdDysub40GUnRkMxugydcuiUwfYH
tGFKMi5msxKTpnI3lPlEwBH786Vdw9CT3Gojv+tYRIUKPn0EUR9bu3VYWomGUjTJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:29 2024 by rpki-client on console-ams.rpki-client.org