Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gkaIREOQnz5YrtWUmwt9c_j9yz8.roa
File:                     gkaIREOQnz5YrtWUmwt9c_j9yz8.roa (raw, json)
Hash identifier:          xLChw2rLcITYaIbS+Y0p7Yxt/wmX1n0ifN3svf5YLaE=
Subject key identifier:   82:46:88:44:43:90:9F:3E:58:AE:D5:94:9B:0B:7D:73:F8:FD:CB:3F
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       01914F81E966F3A7E5E45502D0DE0420800A
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gkaIREOQnz5YrtWUmwt9c_j9yz8.roa
Signing time:             Wed 14 Aug 2024 06:09:59 +0000
ROA not before:           Wed 14 Aug 2024 06:09:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31083
IP address blocks:        5.104.175.0/24 maxlen: 24
                          77.76.14.0/24 maxlen: 24
                          78.128.1.0/24 maxlen: 24
                          78.128.6.0/24 maxlen: 24
                          78.128.7.0/24 maxlen: 24
                          78.128.8.0/24 maxlen: 24
                          78.128.9.0/24 maxlen: 24
                          78.128.42.0/24 maxlen: 24
                          78.128.43.0/24 maxlen: 24
                          78.128.60.0/24 maxlen: 24
                          78.128.62.0/24 maxlen: 24
                          78.128.63.0/24 maxlen: 24
                          78.128.76.0/24 maxlen: 24
                          78.128.77.0/24 maxlen: 24
                          78.128.78.0/24 maxlen: 24
                          78.128.80.0/24 maxlen: 24
                          78.128.81.0/24 maxlen: 24
                          78.128.118.0/24 maxlen: 24
                          78.128.126.0/24 maxlen: 24
                          78.142.6.0/24 maxlen: 24
                          78.142.32.0/24 maxlen: 24
                          78.142.47.0/24 maxlen: 24
                          78.142.51.0/24 maxlen: 24
                          78.142.56.0/24 maxlen: 24
                          78.142.57.0/24 maxlen: 24
                          78.142.58.0/24 maxlen: 24
                          78.142.59.0/24 maxlen: 24
                          78.142.62.0/24 maxlen: 24
                          78.142.63.0/24 maxlen: 24
                          79.124.4.0/24 maxlen: 24
                          79.124.5.0/24 maxlen: 24
                          79.124.6.0/24 maxlen: 24
                          79.124.14.0/24 maxlen: 24
                          79.124.16.0/24 maxlen: 24
                          79.124.17.0/24 maxlen: 24
                          79.124.22.0/24 maxlen: 24
                          79.124.29.0/24 maxlen: 24
                          79.124.31.0/24 maxlen: 24
                          79.124.44.0/24 maxlen: 24
                          79.124.52.0/24 maxlen: 24
                          79.124.63.0/24 maxlen: 24
                          79.124.64.0/24 maxlen: 24
                          79.124.65.0/24 maxlen: 24
                          79.124.66.0/24 maxlen: 24
                          79.124.67.0/24 maxlen: 24
                          79.124.75.0/24 maxlen: 24
                          79.124.76.0/24 maxlen: 24
                          79.124.84.0/24 maxlen: 24
                          79.124.90.0/24 maxlen: 24
                          82.118.229.0/24 maxlen: 24
                          82.118.243.0/24 maxlen: 24
                          91.148.148.0/24 maxlen: 24
                          91.148.167.0/24 maxlen: 24
                          91.148.168.0/24 maxlen: 24
                          94.72.136.0/22 maxlen: 24
                          130.185.225.0/24 maxlen: 24
                          130.185.232.0/24 maxlen: 24
                          178.132.86.0/24 maxlen: 24
                          178.132.87.0/24 maxlen: 24
                          185.197.152.0/22 maxlen: 24
                          185.232.156.0/23 maxlen: 24
                          217.174.146.0/23 maxlen: 24
                          217.174.148.0/23 maxlen: 24
                          217.174.151.0/24 maxlen: 24
                          217.174.152.0/23 maxlen: 24
                          217.174.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Sep 2024 11:45:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:4f:81:e9:66:f3:a7:e5:e4:55:02:d0:de:04:20:80:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Aug 14 06:09:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8246884443909f3e58aed5949b0b7d73f8fdcb3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:11:87:c3:2d:cc:b7:98:dd:6c:59:49:f1:bd:
                    66:2e:cd:e7:cf:e9:30:e6:0e:88:7e:c8:76:bd:12:
                    f8:c5:c7:45:be:9f:f7:f1:b3:44:b8:15:d1:8d:68:
                    8a:97:a0:c5:87:92:b1:d7:dd:aa:8a:01:ba:be:df:
                    20:24:61:10:93:58:cd:79:e9:38:23:96:23:bf:2b:
                    10:81:96:81:f2:02:16:b6:db:40:79:eb:66:f1:b5:
                    8f:46:52:84:9e:58:ef:a4:04:90:a4:ae:8f:71:12:
                    c4:c4:24:4b:fc:4d:6c:68:3e:65:5d:e1:c0:50:39:
                    42:02:08:ab:d8:fc:b6:45:f5:a8:b9:da:9c:dc:c7:
                    4d:c8:86:58:68:7f:ca:d2:c0:b7:71:0c:3b:24:4e:
                    a9:bd:68:ff:2e:e2:43:30:3b:79:c4:22:a3:fc:f6:
                    81:8a:07:be:b2:da:a2:f0:d5:87:10:dc:6a:5c:d9:
                    5a:ff:de:c0:c9:46:8b:f2:d4:28:88:64:ac:22:75:
                    ea:57:bb:1b:5e:62:02:a1:0c:7f:34:0c:7c:7d:e0:
                    4a:3f:f6:5f:40:1f:43:d6:fa:db:0c:e8:23:53:ae:
                    b1:12:c8:4a:67:39:ff:95:61:de:46:4e:5f:e8:73:
                    40:18:e2:49:31:40:ec:9e:0b:09:6a:fc:dc:c5:3d:
                    c1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:46:88:44:43:90:9F:3E:58:AE:D5:94:9B:0B:7D:73:F8:FD:CB:3F
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gkaIREOQnz5YrtWUmwt9c_j9yz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.104.175.0/24
                  77.76.14.0/24
                  78.128.1.0/24
                  78.128.6.0-78.128.9.255
                  78.128.42.0/23
                  78.128.60.0/24
                  78.128.62.0/23
                  78.128.76.0-78.128.78.255
                  78.128.80.0/23
                  78.128.118.0/24
                  78.128.126.0/24
                  78.142.6.0/24
                  78.142.32.0/24
                  78.142.47.0/24
                  78.142.51.0/24
                  78.142.56.0/22
                  78.142.62.0/23
                  79.124.4.0-79.124.6.255
                  79.124.14.0/24
                  79.124.16.0/23
                  79.124.22.0/24
                  79.124.29.0/24
                  79.124.31.0/24
                  79.124.44.0/24
                  79.124.52.0/24
                  79.124.63.0-79.124.67.255
                  79.124.75.0-79.124.76.255
                  79.124.84.0/24
                  79.124.90.0/24
                  82.118.229.0/24
                  82.118.243.0/24
                  91.148.148.0/24
                  91.148.167.0-91.148.168.255
                  94.72.136.0/22
                  130.185.225.0/24
                  130.185.232.0/24
                  178.132.86.0/23
                  185.197.152.0/22
                  185.232.156.0/23
                  217.174.146.0-217.174.149.255
                  217.174.151.0-217.174.153.255
                  217.174.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:eb:65:0c:3e:dd:c8:15:4e:f4:35:4f:91:4a:9f:d4:d0:62:
         f6:2b:d6:d9:d6:43:6f:66:5f:09:c1:6b:09:c9:b7:69:90:e1:
         9a:99:59:20:89:a7:92:3a:b1:ec:e7:ca:08:2a:f3:f1:8e:83:
         ba:c9:09:08:4e:08:d4:39:cc:9a:fc:ab:e9:9a:17:43:72:1b:
         a4:61:3b:c3:0d:c1:57:c4:40:92:04:ed:3f:09:1d:59:45:92:
         ad:35:42:5a:31:b6:91:e5:0e:74:5f:7c:36:f0:83:09:b2:e9:
         e2:00:0f:92:dc:52:16:aa:55:7f:65:b3:b5:95:27:23:7e:3c:
         5a:5f:08:c0:af:1c:d8:37:ae:ee:61:88:4e:66:f9:af:1e:6c:
         cc:29:2e:aa:91:4f:cb:bc:b7:13:1d:a1:a3:42:dd:53:f3:f5:
         25:4d:97:fe:c2:c6:06:e4:f9:90:02:51:e2:74:18:84:4d:a9:
         b7:11:51:01:2c:e1:fe:a6:d0:3c:77:06:a2:99:09:db:32:0b:
         20:72:bb:c1:7e:47:32:3a:4f:4b:cb:a6:3e:c6:91:a0:50:80:
         33:d8:3e:64:c4:fc:ea:eb:7e:e1:34:20:97:76:a3:ee:ef:29:
         79:4b:94:b2:6a:5f:79:98:a4:aa:54:aa:35:b2:1e:40:a2:53:
         24:a1:10:6c
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAZFPgelm86fl5FUC0N4EIIAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwODE0MDYwOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ2ODg0NDQzOTA5ZjNlNThhZWQ1OTQ5YjBiN2Q3M2Y4ZmRjYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxGHwy3Mt5jdbFlJ8b1mLs3nz+kw
5g6Ifsh2vRL4xcdFvp/38bNEuBXRjWiKl6DFh5Kx192qigG6vt8gJGEQk1jNeek4
I5YjvysQgZaB8gIWtttAeetm8bWPRlKEnljvpASQpK6PcRLExCRL/E1saD5lXeHA
UDlCAgir2Py2RfWoudqc3MdNyIZYaH/K0sC3cQw7JE6pvWj/LuJDMDt5xCKj/PaB
ige+stqi8NWHENxqXNla/97AyUaL8tQoiGSsInXqV7sbXmICoQx/NAx8feBKP/Zf
QB9D1vrbDOgjU66xEshKZzn/lWHeRk5f6HNAGOJJMUDsngsJavzcxT3BsQIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFIJGiERDkJ8+WK7VlJsLfXP4/cs/MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZ2thSVJFT1FuejVZcnRXVW13dDljX2o5eXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAAVorwMEAE1MDgMEAE6AATAMAwQBToAGAwQBToAIAwQBToAqAwQAToA8AwQB
ToA+MAwDBAJOgEwDBABOgE4DBAFOgFADBABOgHYDBABOgH4DBABOjgYDBABOjiAD
BABOji8DBABOjjMDBAJOjjgDBAFOjj4wDAMEAk98BAMEAE98BgMEAE98DgMEAU98
EAMEAE98FgMEAE98HQMEAE98HwMEAE98LAMEAE98NDAMAwQAT3w/AwQCT3xAMAwD
BABPfEsDBABPfEwDBABPfFQDBABPfFoDBABSduUDBABSdvMDBABblJQwDAMEAFuU
pwMEAFuUqAMEAl5IiAMEAIK54QMEAIK56AMEAbKEVgMEArnFmAMEAbnonDAMAwQB
2a6SAwQB2a6UMAwDBADZrpcDBAHZrpgDBADZrpswDQYJKoZIhvcNAQELBQADggEB
AKnrZQw+3cgVTvQ1T5FKn9TQYvYr1tnWQ29mXwnBawnJt2mQ4ZqZWSCJp5I6sezn
yggq8/GOg7rJCQhOCNQ5zJr8q+maF0NyG6RhO8MNwVfEQJIE7T8JHVlFkq01Qlox
tpHlDnRffDbwgwmy6eIAD5LcUhaqVX9ls7WVJyN+PFpfCMCvHNg3ru5hiE5m+a8e
bMwpLqqRT8u8txMdoaNC3VPz9SVNl/7Cxgbk+ZACUeJ0GIRNqbcRUQEs4f6m0Dx3
BqKZCdsyCyByu8F+RzI6T0vLpj7GkaBQgDPYPmTE/OrrfuE0IJd2o+7vKXlLlLJq
X3mYpKpUqjWyHkCiUyShEGw=
-----END CERTIFICATE-----
Generated at Tue Sep 17 15:54:05 2024 by rpki-client on console-fra.rpki-client.org