Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GsKlqXg28BgpJqXPCeozSWifNj0.roa
File:                     GsKlqXg28BgpJqXPCeozSWifNj0.roa (raw, json)
Hash identifier:          BXhL0rNKhLaNFPKD/Fr28Pe1kR6K99IKG46InYOB+Nc=
Subject key identifier:   1A:C2:A5:A9:78:36:F0:18:29:26:A5:CF:09:EA:33:49:68:9F:36:3D
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018CC3B6BC60589B446C66A74B2AC7A573ED
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GsKlqXg28BgpJqXPCeozSWifNj0.roa
Signing time:             Mon 01 Jan 2024 06:29:42 +0000
ROA not before:           Mon 01 Jan 2024 06:29:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58061
IP address blocks:        88.209.199.0/24 maxlen: 24
                          88.209.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 12:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:bc:60:58:9b:44:6c:66:a7:4b:2a:c7:a5:73:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jan  1 06:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1ac2a5a97836f0182926a5cf09ea3349689f363d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:e2:0f:27:09:6a:c1:d6:91:9f:fe:33:e6:a2:
                    79:fc:14:7e:b3:8c:4b:ab:e2:4f:c7:3e:38:62:7b:
                    f1:ef:57:ad:4f:5d:92:17:a1:dc:79:40:98:a2:38:
                    ad:c1:96:be:6e:9e:7a:52:2a:45:77:74:ab:b6:18:
                    6f:29:44:d2:52:71:bf:ad:2b:97:48:b5:61:ba:07:
                    9c:fd:86:f2:27:9e:eb:15:88:3c:0c:54:f1:c9:1e:
                    03:61:d0:6d:98:06:38:31:e2:8b:90:fb:ec:a7:9b:
                    e5:a6:51:01:a7:3e:6d:cd:46:ba:9b:5f:24:d6:85:
                    a6:88:f7:73:72:34:f7:e8:cb:59:f9:32:e9:3d:9a:
                    a9:92:b4:80:e1:d4:6f:b4:d9:bd:0f:22:59:86:fc:
                    14:f3:56:7f:9e:5e:e3:dd:2c:99:65:1c:9d:4c:87:
                    cc:46:b9:ff:8d:71:c3:f6:96:07:c8:09:6d:c8:22:
                    61:a4:c9:2e:0c:52:f2:23:7e:64:ce:37:6d:df:18:
                    2f:b6:57:c4:10:1c:d5:5f:61:0b:56:03:a9:ad:80:
                    90:a1:37:bf:08:98:ba:c6:b2:4f:4f:16:19:1b:6c:
                    78:19:6b:e2:f1:22:2a:fa:8d:3b:0f:2a:f2:12:ce:
                    e6:99:52:55:62:e6:59:41:74:f9:e1:0a:d2:01:20:
                    91:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:C2:A5:A9:78:36:F0:18:29:26:A5:CF:09:EA:33:49:68:9F:36:3D
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GsKlqXg28BgpJqXPCeozSWifNj0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         af:ea:9b:c0:a9:b8:a3:86:44:cf:98:30:3b:f8:f7:2b:f3:e2:
         71:f8:09:cd:b5:a1:0a:2a:2e:54:5b:f9:da:1b:9f:2d:27:6a:
         45:a5:9d:63:a0:fe:55:c8:e3:32:e5:fc:1a:69:2f:cf:a3:b6:
         62:e8:11:ff:d1:eb:23:78:8a:f8:00:be:1f:6a:11:78:a9:57:
         fd:61:d9:24:04:c5:fe:5b:f0:94:06:6b:fe:e3:f7:3d:3b:92:
         87:d4:98:a6:5d:10:5a:c5:c0:26:f3:35:30:fb:24:99:4e:17:
         4e:12:4f:8c:58:38:32:1c:26:8d:b7:4c:51:86:52:78:d7:0b:
         d8:3f:b0:83:92:ca:37:a0:8b:b5:5b:03:ec:24:f7:f0:a4:a0:
         bf:cb:87:f4:6c:6b:57:f1:4b:aa:9d:c3:b9:4b:8a:85:40:7c:
         00:14:fe:ef:c0:6d:a4:de:14:4d:f9:68:cf:fc:41:a7:56:19:
         ff:58:3d:f8:b3:8a:9e:f8:3c:cb:f0:6b:cd:c1:90:1c:ff:8e:
         bc:6b:d3:60:56:39:af:43:fc:6f:be:3b:c6:eb:f1:0d:76:60:
         d3:0c:ce:7d:7b:1a:bd:78:b4:aa:e5:44:72:a2:df:86:8f:5b:
         21:dd:46:a0:f4:22:12:bc:36:41:41:28:9d:26:d1:1a:36:e3:
         6c:74:9a:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtrxgWJtEbGanSyrHpXPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWMyYTVhOTc4MzZmMDE4MjkyNmE1Y2YwOWVhMzM0OTY4OWYzNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguIPJwlqwdaRn/4z5qJ5/BR+s4xL
q+JPxz44Ynvx71etT12SF6HceUCYojitwZa+bp56UipFd3SrthhvKUTSUnG/rSuX
SLVhugec/YbyJ57rFYg8DFTxyR4DYdBtmAY4MeKLkPvsp5vlplEBpz5tzUa6m18k
1oWmiPdzcjT36MtZ+TLpPZqpkrSA4dRvtNm9DyJZhvwU81Z/nl7j3SyZZRydTIfM
Rrn/jXHD9pYHyAltyCJhpMkuDFLyI35kzjdt3xgvtlfEEBzVX2ELVgOprYCQoTe/
CJi6xrJPTxYZG2x4GWvi8SIq+o07DyryEs7mmVJVYuZZQXT54QrSASCRtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrCpal4NvAYKSalzwnqM0lonzY9MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvR3NLbHFYZzI4QmdwSnFYUENlb3pTV2lmTmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNHGMA0G
CSqGSIb3DQEBCwUAA4IBAQCv6pvAqbijhkTPmDA7+Pcr8+Jx+AnNtaEKKi5UW/na
G58tJ2pFpZ1joP5VyOMy5fwaaS/Po7Zi6BH/0esjeIr4AL4fahF4qVf9YdkkBMX+
W/CUBmv+4/c9O5KH1JimXRBaxcAm8zUw+ySZThdOEk+MWDgyHCaNt0xRhlJ41wvY
P7CDkso3oIu1WwPsJPfwpKC/y4f0bGtX8UuqncO5S4qFQHwAFP7vwG2k3hRN+WjP
/EGnVhn/WD34s4qe+DzL8GvNwZAc/468a9NgVjmvQ/xvvjvG6/ENdmDTDM59exq9
eLSq5URyot+Gj1sh3Uag9CISvDZBQSidJtEaNuNsdJqB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org