Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/gyl16swg1aisWTxHl0fgbQPSwz0.roa
File:                     gyl16swg1aisWTxHl0fgbQPSwz0.roa (raw, json)
Hash identifier:          URyIbZge1HBF3c9qBmwDOl930EctqTrIkex8O83yVpE=
Subject key identifier:   83:29:75:EA:CC:20:D5:A8:AC:59:3C:47:97:47:E0:6D:03:D2:C3:3D
Certificate issuer:       /CN=798e0da4f91007b224768acb4d131f12517d2b7a
Certificate serial:       0188D87D839D20E9AF63526374BE8F442C80
Authority key identifier: 79:8E:0D:A4:F9:10:07:B2:24:76:8A:CB:4D:13:1F:12:51:7D:2B:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eY4NpPkQB7IkdorLTRMfElF9K3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/gyl16swg1aisWTxHl0fgbQPSwz0.roa
Signing time:             Tue 20 Jun 2023 11:08:04 +0000
ROA not before:           Tue 20 Jun 2023 11:08:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        91.202.103.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d8:7d:83:9d:20:e9:af:63:52:63:74:be:8f:44:2c:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=798e0da4f91007b224768acb4d131f12517d2b7a
        Validity
            Not Before: Jun 20 11:08:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=832975eacc20d5a8ac593c479747e06d03d2c33d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:7c:7f:a0:ea:4c:a9:26:0e:4b:fa:11:42:72:
                    c0:11:a8:84:11:e6:a7:f6:66:7a:43:b9:15:94:fb:
                    a3:26:26:fd:22:69:46:48:47:77:0f:11:2b:90:ab:
                    41:9f:a3:3f:63:9f:5f:e7:79:44:d2:01:5d:0b:b5:
                    78:dc:1d:d0:c4:d3:aa:e9:61:37:79:2c:97:d5:78:
                    2a:18:0b:62:37:5f:44:fe:92:77:24:ad:f7:86:20:
                    83:db:22:15:4d:78:57:45:7c:01:ad:6d:80:f0:c5:
                    fa:10:ce:0a:23:d5:13:b1:75:e0:71:78:65:5f:be:
                    db:a3:75:d5:9c:99:e6:8c:4f:27:ee:c3:15:db:70:
                    99:4e:75:e2:09:2e:7c:dd:bd:b7:63:a5:43:e3:b1:
                    8d:22:8f:f2:7a:b7:c4:1e:aa:e1:d8:1f:35:7f:33:
                    4f:b8:06:af:ea:6d:15:5b:21:5b:6b:08:4c:88:e1:
                    48:57:df:13:dc:7a:fc:03:91:24:39:8f:05:d5:1d:
                    f3:6c:c0:22:fe:90:c8:c5:70:84:81:d4:f6:5b:75:
                    47:35:63:68:0f:f6:ef:d9:e3:59:32:ea:aa:8e:90:
                    4f:be:ec:84:65:ad:be:c1:ec:ad:0d:e7:63:e2:31:
                    bd:62:28:c5:30:92:bb:de:b9:a0:b8:7e:d3:3b:32:
                    b0:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:29:75:EA:CC:20:D5:A8:AC:59:3C:47:97:47:E0:6D:03:D2:C3:3D
            X509v3 Authority Key Identifier:
                keyid:79:8E:0D:A4:F9:10:07:B2:24:76:8A:CB:4D:13:1F:12:51:7D:2B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY4NpPkQB7IkdorLTRMfElF9K3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/gyl16swg1aisWTxHl0fgbQPSwz0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/eY4NpPkQB7IkdorLTRMfElF9K3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:38:21:12:77:6b:66:8c:ed:13:07:cd:98:d4:f5:1b:a7:07:
         55:05:eb:62:cd:61:b9:9d:7c:dd:25:42:ab:21:69:2d:2b:8f:
         94:49:40:05:0a:3f:9e:de:45:1c:95:3f:54:84:24:ad:52:5c:
         4b:29:9c:1d:0a:e7:d8:94:27:00:f9:77:91:f8:6d:85:80:5b:
         01:ca:30:b1:80:ff:e0:af:28:e9:de:21:8e:81:17:fb:75:af:
         3f:d4:27:d6:c4:43:64:a6:67:d3:ad:4a:dc:6c:15:98:62:43:
         c5:da:ad:b3:a8:cd:71:18:81:be:84:dc:81:0b:c4:95:da:cf:
         cf:6d:66:f0:ab:ea:8d:8c:43:70:d1:39:40:43:c7:f9:1a:82:
         04:fd:ac:50:80:6d:80:09:68:b8:2c:eb:17:54:fe:86:3d:0d:
         b0:d6:cc:58:1c:f6:a7:1a:0a:0f:8f:c7:ce:9e:ed:5d:a0:63:
         c4:e0:9d:77:81:3d:d6:ac:49:20:ac:c7:00:37:61:95:a9:be:
         97:90:ca:3b:78:29:fe:de:6f:69:da:35:dd:ac:c6:7d:bc:cb:
         90:d1:ce:67:d9:1f:7b:e4:0b:a9:36:4d:00:d8:1a:0b:bd:a5:
         0c:5a:72:a9:90:f8:d2:ef:64:c1:03:2b:cd:fc:bd:bf:0e:5a:
         f7:78:e4:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjYfYOdIOmvY1JjdL6PRCyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGUwZGE0ZjkxMDA3YjIyNDc2OGFjYjRkMTMxZjEyNTE3
ZDJiN2EwHhcNMjMwNjIwMTEwODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI5NzVlYWNjMjBkNWE4YWM1OTNjNDc5NzQ3ZTA2ZDAzZDJjMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHx/oOpMqSYOS/oRQnLAEaiEEean
9mZ6Q7kVlPujJib9ImlGSEd3DxErkKtBn6M/Y59f53lE0gFdC7V43B3QxNOq6WE3
eSyX1XgqGAtiN19E/pJ3JK33hiCD2yIVTXhXRXwBrW2A8MX6EM4KI9UTsXXgcXhl
X77bo3XVnJnmjE8n7sMV23CZTnXiCS583b23Y6VD47GNIo/yerfEHqrh2B81fzNP
uAav6m0VWyFbawhMiOFIV98T3Hr8A5EkOY8F1R3zbMAi/pDIxXCEgdT2W3VHNWNo
D/bv2eNZMuqqjpBPvuyEZa2+weytDedj4jG9YijFMJK73rmguH7TOzKw5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMpderMINWorFk8R5dH4G0D0sM9MB8GA1UdIwQY
MBaAFHmODaT5EAeyJHaKy00THxJRfSt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk0TnBQa1FCN0lrZG9yTFRSTWZFbEY5SzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MDRlNjQtZjk4MS00NWI1LTljYWUt
NGZiNGVmOTFhODJmLzEvZ3lsMTZzd2cxYWlzV1R4SGwwZmdiUVBTd3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MDRlNjQtZjk4MS00NWI1LTljYWUtNGZiNGVmOTFhODJm
LzEvZVk0TnBQa1FCN0lrZG9yTFRSTWZFbEY5SzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8pnMA0G
CSqGSIb3DQEBCwUAA4IBAQCGOCESd2tmjO0TB82Y1PUbpwdVBetizWG5nXzdJUKr
IWktK4+USUAFCj+e3kUclT9UhCStUlxLKZwdCufYlCcA+XeR+G2FgFsByjCxgP/g
ryjp3iGOgRf7da8/1CfWxENkpmfTrUrcbBWYYkPF2q2zqM1xGIG+hNyBC8SV2s/P
bWbwq+qNjENw0TlAQ8f5GoIE/axQgG2ACWi4LOsXVP6GPQ2w1sxYHPanGgoPj8fO
nu1doGPE4J13gT3WrEkgrMcAN2GVqb6XkMo7eCn+3m9p2jXdrMZ9vMuQ0c5n2R97
5AupNk0A2BoLvaUMWnKpkPjS72TBAyvN/L2/Dlr3eOTu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org