Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GHfLgso7NzuqOYoLYK9nRRKd3lo.roa
File:                     GHfLgso7NzuqOYoLYK9nRRKd3lo.roa (raw, json)
Hash identifier:          uYAUuOWooWrCik1FatBeP3SDY7FHN0phKZc3klbExMo=
Subject key identifier:   18:77:CB:82:CA:3B:37:3B:AA:39:8A:0B:60:AF:67:45:12:9D:DE:5A
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       018AF60121BBF835767DF42D498D030DDC0A
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GHfLgso7NzuqOYoLYK9nRRKd3lo.roa
Signing time:             Tue 03 Oct 2023 14:46:23 +0000
ROA not before:           Tue 03 Oct 2023 14:46:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147293
IP address blocks:        45.146.232.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f6:01:21:bb:f8:35:76:7d:f4:2d:49:8d:03:0d:dc:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Oct  3 14:46:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1877cb82ca3b373baa398a0b60af6745129dde5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:94:09:30:84:ea:82:8e:54:69:a9:33:2d:fb:
                    de:87:52:87:05:49:8e:8c:c2:cb:df:f6:27:98:b1:
                    b8:e5:fc:b7:44:b3:fb:2e:90:f1:0e:ce:f5:02:fb:
                    6e:85:da:80:ef:0f:69:fc:17:db:fd:a2:75:83:1c:
                    75:6b:5c:d2:e6:18:e1:a3:ca:eb:b6:e2:6b:53:9e:
                    02:31:46:b1:d8:11:39:79:b5:b3:6f:87:6d:8f:56:
                    7f:b9:e5:e3:cd:17:63:41:46:e1:92:93:8f:cc:95:
                    c1:92:4a:f0:6b:04:bf:10:2e:ce:e3:46:a5:2b:f9:
                    70:d8:0d:dd:bc:f5:a1:17:da:c2:e8:16:63:08:dd:
                    31:cf:94:c3:1f:93:fc:23:29:07:dd:bf:67:13:a5:
                    8b:ef:13:14:17:ef:40:fe:41:6d:8e:42:01:8f:c7:
                    89:71:c2:4c:a1:1b:b3:80:fa:38:1b:8e:8f:f4:3c:
                    ea:a8:3d:a7:02:cd:53:6b:d6:8f:e9:22:ec:bf:21:
                    2e:90:d6:61:02:4d:e3:cc:0c:dd:cc:3e:65:35:b0:
                    a7:4b:a5:cf:3b:94:5b:41:45:92:71:e1:12:6b:7f:
                    c0:d3:55:4c:51:44:59:25:76:dc:27:80:d8:5f:09:
                    ba:d8:e7:e1:10:c3:bf:8f:7a:75:6a:63:00:19:e5:
                    ca:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:77:CB:82:CA:3B:37:3B:AA:39:8A:0B:60:AF:67:45:12:9D:DE:5A
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GHfLgso7NzuqOYoLYK9nRRKd3lo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         86:e9:f8:a0:c6:1c:0f:19:ef:c9:f1:d2:3b:11:e5:76:be:0f:
         7e:d9:ce:73:2f:09:ad:ca:8c:b8:c1:5f:6e:a0:c1:bb:42:56:
         e5:5a:ef:e8:6a:0f:e7:e2:ab:3a:a4:f9:40:28:3a:4f:99:b6:
         5b:fb:87:16:74:49:69:8b:c8:9a:f1:c9:3d:90:af:57:82:36:
         1d:ee:65:7f:4f:2b:5f:44:e3:c8:50:56:0f:eb:b4:da:af:ad:
         8f:65:52:ae:18:cd:4e:1a:40:e5:a9:03:76:fc:05:d1:c3:13:
         bb:6e:6e:f4:a7:b5:ea:92:1b:0a:61:13:16:d6:eb:8d:c9:73:
         94:89:8d:fb:fe:9a:ea:21:87:9a:53:0b:a9:49:a5:3f:7c:1f:
         79:a1:51:1d:18:a9:e4:c9:92:22:a8:44:54:ce:06:90:c4:f1:
         9f:bc:ba:f4:22:4f:43:52:ea:30:a7:79:61:95:5f:18:bb:2f:
         f4:e1:54:94:e6:15:4c:b1:72:71:df:e6:37:4c:2d:20:f0:9d:
         8c:55:93:08:08:0f:5f:93:19:96:4d:47:d2:9a:54:50:09:64:
         56:b5:1f:4c:c5:51:c6:93:a4:b7:5d:ca:0c:ad:d6:9d:df:54:
         16:b4:23:41:2a:2d:8f:72:77:0b:9e:cd:86:7d:e3:7c:e2:07:
         31:9d:7b:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr2ASG7+DV2ffQtSY0DDdwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMxMDAzMTQ0NjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODc3Y2I4MmNhM2IzNzNiYWEzOThhMGI2MGFmNjc0NTEyOWRkZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5QJMITqgo5UaakzLfveh1KHBUmO
jMLL3/YnmLG45fy3RLP7LpDxDs71AvtuhdqA7w9p/Bfb/aJ1gxx1a1zS5hjho8rr
tuJrU54CMUax2BE5ebWzb4dtj1Z/ueXjzRdjQUbhkpOPzJXBkkrwawS/EC7O40al
K/lw2A3dvPWhF9rC6BZjCN0xz5TDH5P8IykH3b9nE6WL7xMUF+9A/kFtjkIBj8eJ
ccJMoRuzgPo4G46P9DzqqD2nAs1Ta9aP6SLsvyEukNZhAk3jzAzdzD5lNbCnS6XP
O5RbQUWSceESa3/A01VMUURZJXbcJ4DYXwm62OfhEMO/j3p1amMAGeXK6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBh3y4LKOzc7qjmKC2CvZ0USnd5aMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvR0hmTGdzbzdOenVxT1lvTFlLOW5SUktkM2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZLoMA0G
CSqGSIb3DQEBCwUAA4IBAQCG6figxhwPGe/J8dI7EeV2vg9+2c5zLwmtyoy4wV9u
oMG7QlblWu/oag/n4qs6pPlAKDpPmbZb+4cWdElpi8ia8ck9kK9XgjYd7mV/Tytf
ROPIUFYP67Tar62PZVKuGM1OGkDlqQN2/AXRwxO7bm70p7XqkhsKYRMW1uuNyXOU
iY37/prqIYeaUwupSaU/fB95oVEdGKnkyZIiqERUzgaQxPGfvLr0Ik9DUuowp3lh
lV8Yuy/04VSU5hVMsXJx3+Y3TC0g8J2MVZMICA9fkxmWTUfSmlRQCWRWtR9MxVHG
k6S3XcoMrdad31QWtCNBKi2PcncLns2GfeN84gcxnXvP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org