Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GTrxp6LI8JEFWR_lK7LD0FqAurU.roa
File:                     GTrxp6LI8JEFWR_lK7LD0FqAurU.roa (raw, json)
Hash identifier:          0E+tUDj8YmxLq5btExdmsNVQvnfdCha7TZA477/PXpA=
Subject key identifier:   19:3A:F1:A7:A2:C8:F0:91:05:59:1F:E5:2B:B2:C3:D0:5A:80:BA:B5
Certificate issuer:       /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial:       0187252FAC027A276AC84E78306B8F459945
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GTrxp6LI8JEFWR_lK7LD0FqAurU.roa
Signing time:             Mon 27 Mar 2023 22:28:13 +0000
ROA not before:           Mon 27 Mar 2023 22:28:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31293
IP address blocks:        185.118.242.0/24 maxlen: 24
                          185.118.241.0/24 maxlen: 24
                          185.118.243.0/24 maxlen: 24
                          194.150.117.0/24 maxlen: 24
                          194.150.116.0/24 maxlen: 24
                          194.150.118.0/24 maxlen: 24
                          194.150.119.0/24 maxlen: 24
                          2a06:9680::/29 maxlen: 48
                          2a06:9682::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 22 Dec 2023 17:34:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:25:2f:ac:02:7a:27:6a:c8:4e:78:30:6b:8f:45:99:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
        Validity
            Not Before: Mar 27 22:28:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=193af1a7a2c8f09105591fe52bb2c3d05a80bab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:32:6b:69:64:2e:16:0e:35:64:0c:c5:2c:5f:
                    40:f1:96:e2:51:57:53:59:98:82:39:6c:23:48:c4:
                    4a:22:2f:cd:3c:d1:06:06:4f:a9:37:96:17:cd:d3:
                    3c:f1:e3:25:86:90:2e:30:da:4d:db:2d:9c:2e:68:
                    2c:e2:d3:70:f9:a9:37:e5:47:85:70:c1:cc:f1:0c:
                    c4:dc:57:1d:43:5f:71:45:5c:3d:b3:83:1d:06:9b:
                    46:e6:b4:f2:98:a9:ee:12:be:5b:2d:33:1c:99:f4:
                    3a:c2:b8:ea:76:f4:f7:aa:dc:b6:8e:21:64:ac:78:
                    9b:0d:f8:a2:dd:17:7a:5d:1e:ab:49:00:38:85:a0:
                    83:86:c4:d2:5f:2c:da:92:da:f4:29:c5:44:fb:25:
                    b9:81:6d:a6:2f:1b:53:39:60:82:b1:87:ed:a0:11:
                    84:f5:44:66:30:7d:b8:6b:05:d2:df:8d:08:89:3e:
                    55:a2:53:4d:e2:b3:87:f3:a0:5f:aa:a1:c5:be:13:
                    b7:a6:83:04:41:18:83:a2:23:51:f3:ae:46:23:19:
                    89:a9:4b:c4:1e:bc:a8:b7:ec:45:c4:a7:8e:d4:52:
                    1c:0f:61:35:70:3a:70:54:05:dc:9d:3b:72:48:32:
                    8f:4f:a7:4c:07:09:8a:dc:f3:52:93:b1:6f:f1:88:
                    c8:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:3A:F1:A7:A2:C8:F0:91:05:59:1F:E5:2B:B2:C3:D0:5A:80:BA:B5
            X509v3 Authority Key Identifier:
                keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GTrxp6LI8JEFWR_lK7LD0FqAurU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.118.241.0-185.118.243.255
                  194.150.116.0/22
                IPv6:
                  2a06:9680::/29

    Signature Algorithm: sha256WithRSAEncryption
         1a:4f:64:d1:af:b6:c0:be:ec:78:cb:68:75:a1:3e:24:b7:9a:
         86:2a:76:f4:65:92:4e:68:30:c9:72:d3:79:15:7f:bd:cc:79:
         9e:b7:c7:cb:de:ed:bd:ed:25:fa:d1:6e:1c:d7:63:f8:d9:5f:
         6e:f1:45:dd:21:8b:4a:87:68:eb:12:2f:99:f8:71:f1:3a:96:
         20:6f:83:40:ee:72:a8:a7:8c:23:e1:55:ca:84:1b:83:a2:40:
         d6:33:f5:d4:02:ae:ae:e7:67:b6:82:2d:9c:84:6a:82:5c:44:
         ed:12:45:29:ca:15:e2:12:46:3e:69:66:f2:67:83:ff:8e:d0:
         5c:ac:ba:3d:38:cc:38:94:91:df:19:53:c0:69:8a:20:02:0c:
         76:c4:2d:4b:ad:cc:57:ad:fd:04:2b:8c:89:b6:d1:6c:e3:03:
         3f:b1:66:9a:3a:b1:36:aa:66:0e:1d:de:33:51:a6:4f:30:3f:
         87:b1:19:79:74:8f:c1:d8:17:2b:aa:70:dc:70:06:e0:4f:40:
         8c:97:f0:24:c1:45:e7:69:85:64:97:72:77:e4:62:c0:fd:95:
         1b:39:f5:59:a0:60:da:b3:8b:99:d7:03:a1:6f:d4:f6:fb:8e:
         40:b5:02:e6:5a:11:d5:be:fa:91:f6:d1:73:e3:39:01:d8:ba:
         9c:1d:59:b5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYclL6wCeidqyE54MGuPRZlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjMwMzI3MjIyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTNhZjFhN2EyYzhmMDkxMDU1OTFmZTUyYmIyYzNkMDVhODBiYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTJraWQuFg41ZAzFLF9A8ZbiUVdT
WZiCOWwjSMRKIi/NPNEGBk+pN5YXzdM88eMlhpAuMNpN2y2cLmgs4tNw+ak35UeF
cMHM8QzE3FcdQ19xRVw9s4MdBptG5rTymKnuEr5bLTMcmfQ6wrjqdvT3qty2jiFk
rHibDfii3Rd6XR6rSQA4haCDhsTSXyzaktr0KcVE+yW5gW2mLxtTOWCCsYftoBGE
9URmMH24awXS340IiT5VolNN4rOH86BfqqHFvhO3poMEQRiDoiNR865GIxmJqUvE
Hryot+xFxKeO1FIcD2E1cDpwVAXcnTtySDKPT6dMBwmK3PNSk7Fv8YjIiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBk68aeiyPCRBVkf5Suyw9BagLq1MB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvR1RyeHA2TEk4SkVGV1JfbEs3TEQwRnFBdXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5dvED
BAK5dvADBALClnQwDQQCAAIwBwMFAyoGloAwDQYJKoZIhvcNAQELBQADggEBABpP
ZNGvtsC+7HjLaHWhPiS3moYqdvRlkk5oMMly03kVf73MeZ63x8ve7b3tJfrRbhzX
Y/jZX27xRd0hi0qHaOsSL5n4cfE6liBvg0DucqinjCPhVcqEG4OiQNYz9dQCrq7n
Z7aCLZyEaoJcRO0SRSnKFeISRj5pZvJng/+O0Fysuj04zDiUkd8ZU8BpiiACDHbE
LUutzFet/QQrjIm20WzjAz+xZpo6sTaqZg4d3jNRpk8wP4exGXl0j8HYFyuqcNxw
BuBPQIyX8CTBRedphWSXcnfkYsD9lRs59VmgYNqzi5nXA6Fv1Pb7jkC1AuZaEdW+
+pH20XPjOQHYupwdWbU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:12 2024 by rpki-client on console-ams.rpki-client.org