Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/glxKgIwqwx5UEoYJw4d22Ms1_Mg.roa
File:                     glxKgIwqwx5UEoYJw4d22Ms1_Mg.roa (raw, json)
Hash identifier:          w+tltTJ4s9dOXVgiIV8PXYijzaefEnFjZm1RgLPBuOI=
Subject key identifier:   82:5C:4A:80:8C:2A:C3:1E:54:12:86:09:C3:87:76:D8:CB:35:FC:C8
Certificate issuer:       /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial:       018DBE8312AF1AF07C84669258135D581562
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/glxKgIwqwx5UEoYJw4d22Ms1_Mg.roa
Signing time:             Sun 18 Feb 2024 23:17:57 +0000
ROA not before:           Sun 18 Feb 2024 23:17:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215600
IP address blocks:        188.64.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Feb 2024 12:50:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:be:83:12:af:1a:f0:7c:84:66:92:58:13:5d:58:15:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
        Validity
            Not Before: Feb 18 23:17:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=825c4a808c2ac31e54128609c38776d8cb35fcc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5b:5e:50:18:16:f9:d4:4c:7e:c6:9e:ca:46:
                    9f:dd:51:b4:57:5a:72:5f:a5:3f:a3:cc:4e:81:68:
                    4e:b2:73:94:47:6b:3b:25:40:8f:a4:46:ad:b9:d6:
                    78:35:d7:68:15:f1:1c:d8:fe:68:4a:0d:fb:e7:87:
                    12:0c:88:81:58:20:bb:22:d8:d2:e8:57:38:35:85:
                    0b:5b:bf:43:05:5c:6c:39:e8:6f:d2:2b:60:fe:18:
                    23:2d:01:e2:8f:4c:8c:0c:ec:65:4f:6e:1a:b7:dd:
                    59:f8:5c:28:a9:22:71:95:1d:03:da:3a:4a:10:9f:
                    ab:ab:ee:8c:bb:d7:2c:ce:fc:ee:b3:1e:34:74:82:
                    92:02:65:a9:15:d0:e7:22:ef:3f:e0:d8:48:80:54:
                    33:0b:06:61:c6:30:f1:a7:ff:ef:ef:12:0c:85:1e:
                    d1:21:57:1d:fd:61:62:3e:93:41:ff:8b:74:7e:73:
                    97:18:73:b8:92:3c:91:b4:a8:f7:55:a5:3d:b0:29:
                    18:1a:8a:2c:47:8e:9f:1e:64:de:ca:aa:56:ce:be:
                    25:dc:7c:55:5a:5b:23:65:a1:94:a2:fe:20:18:dc:
                    2d:2a:4f:32:17:0c:e5:cf:2c:c8:a5:ce:7e:5f:f9:
                    53:bd:6d:ee:5d:06:65:fc:26:cd:5c:bf:8c:22:da:
                    e7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:5C:4A:80:8C:2A:C3:1E:54:12:86:09:C3:87:76:D8:CB:35:FC:C8
            X509v3 Authority Key Identifier:
                keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/glxKgIwqwx5UEoYJw4d22Ms1_Mg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:3f:dd:c4:38:d3:eb:89:a0:30:8d:fe:9c:21:4f:8f:83:a8:
         4e:fd:90:e6:26:75:66:58:4c:c1:c4:f6:a4:f3:5a:09:46:60:
         3b:7b:01:3b:9a:7b:26:93:22:70:a2:36:f6:ab:5a:9b:99:a7:
         66:6b:f8:c3:c4:06:38:d5:99:e8:9a:a7:c5:bf:8a:f0:67:a0:
         a6:8a:8e:3a:f2:7d:68:c5:9e:73:9a:55:57:c4:0f:a2:ef:b5:
         a9:0d:e7:48:eb:50:21:a3:a5:d9:17:98:bb:08:ad:cb:0f:e2:
         77:6a:d9:68:99:da:1e:86:dc:89:5d:49:c8:60:91:a3:e2:1c:
         34:0e:81:fc:fe:e6:0e:84:fd:99:ac:b2:a3:ed:6f:2c:69:54:
         6d:5c:54:13:f4:08:cb:c7:e3:09:f7:fe:0e:6c:51:3a:7b:ee:
         f9:e5:50:ae:b1:13:50:54:69:0c:8b:e0:45:ab:01:75:cb:c1:
         b0:70:4f:e4:21:f3:d5:aa:0e:19:cb:09:2d:0a:c5:5d:1c:a5:
         21:24:43:db:1e:4f:39:74:67:86:c0:08:8b:54:bb:1b:ba:4a:
         0c:53:29:b6:11:76:7d:8f:df:cc:d3:d8:d7:e7:22:9d:db:22:
         80:66:a8:c5:7f:9c:87:83:5f:71:8d:e1:f1:bd:69:87:2d:de:
         eb:66:c6:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2+gxKvGvB8hGaSWBNdWBViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjQwMjE4MjMxNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjVjNGE4MDhjMmFjMzFlNTQxMjg2MDljMzg3NzZkOGNiMzVmY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVteUBgW+dRMfsaeykaf3VG0V1py
X6U/o8xOgWhOsnOUR2s7JUCPpEatudZ4NddoFfEc2P5oSg3754cSDIiBWCC7ItjS
6Fc4NYULW79DBVxsOehv0itg/hgjLQHij0yMDOxlT24at91Z+FwoqSJxlR0D2jpK
EJ+rq+6Mu9cszvzusx40dIKSAmWpFdDnIu8/4NhIgFQzCwZhxjDxp//v7xIMhR7R
IVcd/WFiPpNB/4t0fnOXGHO4kjyRtKj3VaU9sCkYGoosR46fHmTeyqpWzr4l3HxV
WlsjZaGUov4gGNwtKk8yFwzlzyzIpc5+X/lTvW3uXQZl/CbNXL+MItrneQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJcSoCMKsMeVBKGCcOHdtjLNfzIMB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEvZ2x4S2dJd3F3eDVVRW9ZSnc0ZDIyTXMxX01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEAhMA0G
CSqGSIb3DQEBCwUAA4IBAQBMP93EONPriaAwjf6cIU+Pg6hO/ZDmJnVmWEzBxPak
81oJRmA7ewE7mnsmkyJwojb2q1qbmadma/jDxAY41ZnomqfFv4rwZ6Cmio468n1o
xZ5zmlVXxA+i77WpDedI61Aho6XZF5i7CK3LD+J3atlomdoehtyJXUnIYJGj4hw0
DoH8/uYOhP2ZrLKj7W8saVRtXFQT9AjLx+MJ9/4ObFE6e+755VCusRNQVGkMi+BF
qwF1y8GwcE/kIfPVqg4ZywktCsVdHKUhJEPbHk85dGeGwAiLVLsbukoMUym2EXZ9
j9/M09jX5yKd2yKAZqjFf5yHg19xjeHxvWmHLd7rZsZz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org