Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/GdjyiV34l9u1XPvZym6d662cic8.roa
File:                     GdjyiV34l9u1XPvZym6d662cic8.roa (raw, json)
Hash identifier:          VetpUFGzhnIieIahEoTpYpwuJPwmA4Mbr01k60zQHIE=
Subject key identifier:   19:D8:F2:89:5D:F8:97:DB:B5:5C:FB:D9:CA:6E:9D:EB:AD:9C:89:CF
Certificate issuer:       /CN=b8d23b1e6c07e62af2d2e7eb6de0893b09119abb
Certificate serial:       01856E8B5F91BF68C3CC3B9D68C4C701657E
Authority key identifier: B8:D2:3B:1E:6C:07:E6:2A:F2:D2:E7:EB:6D:E0:89:3B:09:11:9A:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uNI7HmwH5iry0ufrbeCJOwkRmrs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/GdjyiV34l9u1XPvZym6d662cic8.roa
Signing time:             Sun 01 Jan 2023 18:15:05 +0000
ROA not before:           Sun 01 Jan 2023 18:15:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204141
IP address blocks:        185.140.0.0/22 maxlen: 22
                          82.211.192.0/19 maxlen: 19
                          2a03:19c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:5f:91:bf:68:c3:cc:3b:9d:68:c4:c7:01:65:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8d23b1e6c07e62af2d2e7eb6de0893b09119abb
        Validity
            Not Before: Jan  1 18:15:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19d8f2895df897dbb55cfbd9ca6e9debad9c89cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:64:81:37:38:2c:0f:0b:6b:e7:9b:29:89:4a:
                    45:0f:e9:2f:aa:93:2c:b0:cb:65:dd:d5:30:64:53:
                    05:12:5c:ef:f3:22:23:ac:aa:7b:f2:91:1d:12:99:
                    36:b6:a9:09:27:06:1e:20:3b:b6:91:f6:ff:3a:fe:
                    6a:a2:76:38:29:d2:2a:6d:08:18:3f:68:cb:9d:63:
                    d6:0b:b7:b6:7c:f7:1c:f3:37:f5:7c:bf:b9:41:99:
                    3e:72:78:2a:be:e0:2a:1d:f6:cb:c9:7f:35:0d:5b:
                    ba:6b:f1:14:ab:f1:85:a0:11:0b:a9:86:5d:25:ab:
                    0b:97:4a:63:36:48:d4:e0:29:56:9c:9a:1f:b2:11:
                    48:fc:49:5d:c5:ea:6e:f9:94:ec:ad:3f:e9:95:03:
                    83:f7:8e:a9:f4:27:f8:78:6d:d3:6c:fc:81:0f:3e:
                    f0:63:a1:53:f7:42:c6:53:dd:bb:86:3d:f5:26:fd:
                    ec:51:67:6f:28:07:a8:9f:09:df:79:c2:ee:53:d5:
                    84:e5:e7:d8:9b:db:aa:29:d4:e8:cc:9b:ad:2f:98:
                    fe:1c:9f:21:31:2a:1f:b4:cb:89:6a:02:a9:ce:4c:
                    da:94:c7:e0:3f:0a:1d:bf:0d:6d:14:8c:75:bc:2f:
                    bb:c9:75:fb:33:88:83:81:ba:ed:66:f1:88:60:f1:
                    16:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:D8:F2:89:5D:F8:97:DB:B5:5C:FB:D9:CA:6E:9D:EB:AD:9C:89:CF
            X509v3 Authority Key Identifier:
                keyid:B8:D2:3B:1E:6C:07:E6:2A:F2:D2:E7:EB:6D:E0:89:3B:09:11:9A:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNI7HmwH5iry0ufrbeCJOwkRmrs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/GdjyiV34l9u1XPvZym6d662cic8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/uNI7HmwH5iry0ufrbeCJOwkRmrs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.211.192.0/19
                  185.140.0.0/22
                IPv6:
                  2a03:19c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:f8:5d:8b:fb:00:fa:d0:a1:f1:84:17:aa:61:e8:ec:8b:f3:
         47:0e:e8:13:94:79:d3:ad:75:91:52:3b:66:37:92:87:ba:de:
         37:5d:a2:54:9d:44:54:42:a1:82:a1:68:e7:62:a4:7b:7b:b4:
         6f:fd:ef:af:8c:5d:b1:58:3b:b4:1a:93:6c:a5:cc:5a:71:96:
         5e:c0:26:3d:4b:91:c2:21:f7:a7:60:50:3d:fc:2c:74:c5:29:
         97:ae:65:74:dd:9c:81:2b:b3:10:39:1e:09:2e:15:38:c0:31:
         31:1d:c1:c1:09:66:14:a4:8d:0d:89:17:2f:aa:20:5a:d0:26:
         d3:10:4a:0d:a9:9f:6b:c9:8c:d0:47:39:47:92:f3:be:aa:e4:
         a8:86:ef:4c:cc:ed:41:81:ca:22:87:4f:d1:4f:eb:4d:e2:9c:
         de:fc:65:fe:3c:30:f7:92:1a:e2:85:23:08:a7:bf:d4:2a:e2:
         fc:77:d4:01:5e:8b:69:e1:ed:33:62:27:07:1d:10:49:cd:e2:
         f8:6d:8b:14:dc:da:96:bd:6d:eb:19:3a:f7:ab:96:b1:78:40:
         eb:f7:d7:0b:a3:0d:d7:42:b2:77:12:1a:44:ed:01:95:29:71:
         e1:82:2d:23:a3:b4:ec:91:f6:f8:7b:c4:0e:30:94:5c:37:93:
         9e:7c:64:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVui1+Rv2jDzDudaMTHAWV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDIzYjFlNmMwN2U2MmFmMmQyZTdlYjZkZTA4OTNiMDkx
MTlhYmIwHhcNMjMwMTAxMTgxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQ4ZjI4OTVkZjg5N2RiYjU1Y2ZiZDljYTZlOWRlYmFkOWM4OWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmSBNzgsDwtr55spiUpFD+kvqpMs
sMtl3dUwZFMFElzv8yIjrKp78pEdEpk2tqkJJwYeIDu2kfb/Ov5qonY4KdIqbQgY
P2jLnWPWC7e2fPcc8zf1fL+5QZk+cngqvuAqHfbLyX81DVu6a/EUq/GFoBELqYZd
JasLl0pjNkjU4ClWnJofshFI/Eldxepu+ZTsrT/plQOD946p9Cf4eG3TbPyBDz7w
Y6FT90LGU927hj31Jv3sUWdvKAeonwnfecLuU9WE5efYm9uqKdTozJutL5j+HJ8h
MSoftMuJagKpzkzalMfgPwodvw1tFIx1vC+7yXX7M4iDgbrtZvGIYPEWTQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBnY8old+JfbtVz72cpuneutnInPMB8GA1UdIwQY
MBaAFLjSOx5sB+Yq8tLn623giTsJEZq7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5JN0htd0g1aXJ5MHVmcmJlQ0pPd2tSbXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9iNzRhYTItMjVlMC00YWQ1LThjYzMt
NjkwNjFlZjJjNDk5LzEvR2RqeWlWMzRsOXUxWFB2WnltNmQ2NjJjaWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9iNzRhYTItMjVlMC00YWQ1LThjYzMtNjkwNjFlZjJjNDk5
LzEvdU5JN0htd0g1aXJ5MHVmcmJlQ0pPd2tSbXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUtPAAwQC
uYwAMA0EAgACMAcDBQAqAxnAMA0GCSqGSIb3DQEBCwUAA4IBAQBV+F2L+wD60KHx
hBeqYejsi/NHDugTlHnTrXWRUjtmN5KHut43XaJUnURUQqGCoWjnYqR7e7Rv/e+v
jF2xWDu0GpNspcxacZZewCY9S5HCIfenYFA9/Cx0xSmXrmV03ZyBK7MQOR4JLhU4
wDExHcHBCWYUpI0NiRcvqiBa0CbTEEoNqZ9ryYzQRzlHkvO+quSohu9MzO1Bgcoi
h0/RT+tN4pze/GX+PDD3khrihSMIp7/UKuL8d9QBXotp4e0zYicHHRBJzeL4bYsU
3NqWvW3rGTr3q5axeEDr99cLow3XQrJ3EhpE7QGVKXHhgi0jo7Tskfb4e8QOMJRc
N5OefGRu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:10 2024 by rpki-client on console-ams.rpki-client.org