Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/gaOngtqmB_kN4REzJSYcBLLim2o.roa
File:                     gaOngtqmB_kN4REzJSYcBLLim2o.roa (raw, json)
Hash identifier:          eZLXvQ4PJM5ONj2Uio5g6a9x+Z/2AoQtWkNx64srifw=
Subject key identifier:   81:A3:A7:82:DA:A6:07:F9:0D:E1:11:33:25:26:1C:04:B2:E2:9B:6A
Certificate issuer:       /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial:       0189FDA919C1D18B411C5CF5643D5B9AA63A
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/gaOngtqmB_kN4REzJSYcBLLim2o.roa
Signing time:             Wed 16 Aug 2023 09:24:25 +0000
ROA not before:           Wed 16 Aug 2023 09:24:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     133499
IP address blocks:        92.118.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:fd:a9:19:c1:d1:8b:41:1c:5c:f5:64:3d:5b:9a:a6:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
        Validity
            Not Before: Aug 16 09:24:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=81a3a782daa607f90de1113325261c04b2e29b6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:59:49:fb:b4:e8:7a:5c:e8:6e:ca:d2:12:66:
                    da:cb:ad:c6:ca:1f:78:57:03:30:de:54:61:85:15:
                    7a:79:33:89:1d:ac:6d:2c:2d:3e:c8:80:5b:1e:9b:
                    e2:b6:f6:28:ba:49:b4:18:84:b0:6e:fb:a0:e5:7c:
                    a3:59:cb:3a:1d:8b:f6:fb:d8:59:22:be:96:53:3d:
                    53:f9:b1:bc:97:e2:b7:4b:f7:ad:54:69:61:b6:c3:
                    27:fb:81:33:71:f8:0d:2e:a0:07:92:dc:24:56:87:
                    d8:64:36:09:0c:f2:c5:51:b2:74:1d:af:a4:94:99:
                    23:d4:fd:53:24:0a:22:21:a7:67:9e:87:6c:41:ac:
                    10:ff:3e:30:3e:58:62:35:0f:04:5f:b3:92:f3:71:
                    68:9f:d9:d7:5e:01:85:28:9d:3d:6e:ae:ef:ce:f8:
                    f2:6f:5d:e0:54:79:ed:6c:e6:b0:a3:c3:58:d7:ee:
                    2b:c6:7d:fb:a8:36:bd:3b:c9:72:e1:b8:48:10:89:
                    38:e8:cb:22:aa:f8:38:13:1e:cb:04:93:0c:3f:dc:
                    e0:dd:c1:25:fa:86:17:16:1e:92:aa:ac:50:79:f9:
                    a8:81:f2:cf:ea:d2:f0:c8:5e:3e:48:26:1b:c9:62:
                    6f:6a:15:f1:51:af:99:98:59:d3:6b:23:ba:de:79:
                    c5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A3:A7:82:DA:A6:07:F9:0D:E1:11:33:25:26:1C:04:B2:E2:9B:6A
            X509v3 Authority Key Identifier:
                keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/gaOngtqmB_kN4REzJSYcBLLim2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.118.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:ff:a6:07:0a:4e:61:cf:e1:a5:7b:89:43:a4:9f:76:ab:54:
         03:b3:70:25:3b:00:91:72:28:03:5f:a2:11:66:1a:93:bf:ea:
         e5:7a:74:d8:04:0b:c0:a9:2c:0f:c2:92:43:1e:8e:4a:17:38:
         19:b5:8d:9a:95:03:09:4e:6c:95:88:7f:a9:72:4f:ef:55:3b:
         f4:d9:f1:53:b0:79:59:d5:e8:2b:3d:58:c0:bf:e1:20:f7:1a:
         8e:42:b9:ef:ba:bc:5c:ae:b2:88:c3:c2:b8:b9:a4:9d:79:c3:
         62:a4:ff:03:5f:8b:c1:27:fd:6d:4f:ea:18:2b:be:70:6b:52:
         9d:43:a1:2d:c4:af:ee:d4:1b:b2:df:0f:d6:8d:00:f7:5e:bc:
         28:ae:7f:9c:73:07:f9:a7:b7:69:d7:f4:59:a4:17:9a:6e:0f:
         ad:bc:83:8c:3b:10:24:da:a9:4a:ac:02:1a:5b:9a:8a:44:43:
         2c:0d:c9:8a:52:d9:78:94:db:95:14:19:99:81:a3:d7:7c:59:
         dd:59:2a:76:70:0a:d6:7e:7b:68:84:e1:d4:ff:3a:45:48:2e:
         10:50:99:96:5f:71:7f:61:ef:e6:2f:ee:dd:41:d4:60:ae:0b:
         34:50:28:38:31:31:68:93:c8:50:d9:ce:29:ef:02:56:32:20:
         07:7e:9a:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn9qRnB0YtBHFz1ZD1bmqY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjMwODE2MDkyNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWEzYTc4MmRhYTYwN2Y5MGRlMTExMzMyNTI2MWMwNGIyZTI5YjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1lJ+7ToelzobsrSEmbay63Gyh94
VwMw3lRhhRV6eTOJHaxtLC0+yIBbHpvitvYoukm0GISwbvug5XyjWcs6HYv2+9hZ
Ir6WUz1T+bG8l+K3S/etVGlhtsMn+4EzcfgNLqAHktwkVofYZDYJDPLFUbJ0Ha+k
lJkj1P1TJAoiIadnnodsQawQ/z4wPlhiNQ8EX7OS83Fon9nXXgGFKJ09bq7vzvjy
b13gVHntbOawo8NY1+4rxn37qDa9O8ly4bhIEIk46Msiqvg4Ex7LBJMMP9zg3cEl
+oYXFh6SqqxQefmogfLP6tLwyF4+SCYbyWJvahXxUa+ZmFnTayO63nnF3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGjp4Lapgf5DeERMyUmHASy4ptqMB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvZ2FPbmd0cW1CX2tONFJFekpTWWNCTExpbTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHZEMA0G
CSqGSIb3DQEBCwUAA4IBAQCV/6YHCk5hz+Gle4lDpJ92q1QDs3AlOwCRcigDX6IR
ZhqTv+rlenTYBAvAqSwPwpJDHo5KFzgZtY2alQMJTmyViH+pck/vVTv02fFTsHlZ
1egrPVjAv+Eg9xqOQrnvurxcrrKIw8K4uaSdecNipP8DX4vBJ/1tT+oYK75wa1Kd
Q6EtxK/u1Buy3w/WjQD3Xrworn+ccwf5p7dp1/RZpBeabg+tvIOMOxAk2qlKrAIa
W5qKREMsDcmKUtl4lNuVFBmZgaPXfFndWSp2cArWfntohOHU/zpFSC4QUJmWX3F/
Ye/mL+7dQdRgrgs0UCg4MTFok8hQ2c4p7wJWMiAHfprx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:15 2024 by rpki-client on console-ams.rpki-client.org