Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/wNTC_qRE6dw2dtLQ5b64UrPIqCk.roa
File:                     wNTC_qRE6dw2dtLQ5b64UrPIqCk.roa (raw, json)
Hash identifier:          0gq6mi8iTpkBV4wz+GW7tUeYyv1x5fhBbrYbsa90ooM=
Subject key identifier:   C0:D4:C2:FE:A4:44:E9:DC:36:76:D2:D0:E5:BE:B8:52:B3:C8:A8:29
Certificate issuer:       /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial:       018C6C19994AEC73A0DB3D417FF767CAFF90
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/wNTC_qRE6dw2dtLQ5b64UrPIqCk.roa
Signing time:             Fri 15 Dec 2023 06:11:06 +0000
ROA not before:           Fri 15 Dec 2023 06:11:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24877
IP address blocks:        213.164.112.0/22 maxlen: 22
                          88.223.100.0/22 maxlen: 22
                          84.55.0.0/19 maxlen: 19
                          84.55.0.0/20 maxlen: 20
                          84.55.16.0/21 maxlen: 21
                          84.55.24.0/21 maxlen: 21
                          88.223.132.0/22 maxlen: 22
                          88.223.139.0/24 maxlen: 24
                          88.223.136.0/23 maxlen: 23
                          88.223.136.0/24 maxlen: 24
                          88.223.140.0/22 maxlen: 22
                          88.223.64.0/21 maxlen: 21
                          88.223.64.0/20 maxlen: 20
                          88.223.72.0/21 maxlen: 21
                          84.55.44.0/23 maxlen: 23
                          84.55.40.0/22 maxlen: 22
                          84.55.40.0/21 maxlen: 21
                          84.55.38.0/23 maxlen: 23
                          88.223.156.0/22 maxlen: 22
                          84.55.46.0/23 maxlen: 23
                          88.222.0.0/17 maxlen: 17
                          88.222.128.0/18 maxlen: 18
                          217.147.42.0/23 maxlen: 23
                          217.147.39.0/24 maxlen: 24
                          88.222.248.0/22 maxlen: 22
                          88.222.192.0/20 maxlen: 20
                          88.222.216.0/24 maxlen: 24
                          88.222.224.0/20 maxlen: 20
                          217.147.32.0/23 maxlen: 23
                          217.147.33.0/24 maxlen: 24
                          217.147.32.0/24 maxlen: 24
                          2a01:7c80:8000::/33 maxlen: 33

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6c:19:99:4a:ec:73:a0:db:3d:41:7f:f7:67:ca:ff:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
        Validity
            Not Before: Dec 15 06:11:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c0d4c2fea444e9dc3676d2d0e5beb852b3c8a829
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:34:cc:8b:d3:b9:7c:36:0d:d2:76:8a:5e:2c:
                    ee:11:b9:11:5b:55:76:d7:98:5e:49:01:bb:07:c0:
                    47:4e:6e:5b:57:4b:bd:df:a5:ed:71:8e:0e:d6:38:
                    c1:e6:f0:3f:35:b1:93:dc:b8:46:67:7a:a9:69:c6:
                    8c:0e:7f:70:ff:40:90:f6:a4:75:e4:ae:c4:be:9d:
                    21:3f:ef:f6:11:14:4e:18:a7:36:c1:bb:2e:b1:d0:
                    ea:71:5d:1d:f6:9a:59:03:d5:32:21:33:4f:46:81:
                    83:a4:54:0d:33:92:f6:90:c8:a3:88:64:14:46:ec:
                    ab:c8:f3:63:fe:7f:65:61:33:db:d8:ac:da:7f:b0:
                    d7:ab:5c:39:ae:00:bb:51:c5:98:94:1e:78:60:42:
                    e4:fb:e8:18:b5:2e:ee:fe:3e:ff:61:dc:0f:72:a8:
                    b0:8f:52:84:c0:95:14:ff:a3:21:dd:cf:4b:2b:e6:
                    9d:25:bc:a1:1a:d6:77:be:49:75:95:a9:b3:2a:5e:
                    8e:16:d8:96:8f:f8:a3:08:22:f5:72:ca:65:f6:6b:
                    53:62:b1:33:ba:d0:a3:44:06:c1:9d:56:b5:84:c8:
                    45:68:41:c5:38:a3:3f:c9:17:0f:70:b7:0c:82:81:
                    2b:58:89:b0:74:05:6b:da:bf:91:fb:83:95:7b:23:
                    89:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:D4:C2:FE:A4:44:E9:DC:36:76:D2:D0:E5:BE:B8:52:B3:C8:A8:29
            X509v3 Authority Key Identifier:
                keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/wNTC_qRE6dw2dtLQ5b64UrPIqCk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.55.0.0/19
                  84.55.38.0-84.55.47.255
                  88.222.0.0-88.222.207.255
                  88.222.216.0/24
                  88.222.224.0/20
                  88.222.248.0/22
                  88.223.64.0/20
                  88.223.100.0/22
                  88.223.132.0-88.223.137.255
                  88.223.139.0-88.223.143.255
                  88.223.156.0/22
                  213.164.112.0/22
                  217.147.32.0/23
                  217.147.39.0/24
                  217.147.42.0/23
                IPv6:
                  2a01:7c80:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         6b:5b:a6:6e:e6:15:6c:65:fe:b9:58:d6:91:b5:1b:2b:b0:9a:
         b2:0c:fd:3a:21:46:4f:b8:4e:8c:65:19:32:ea:58:44:d1:bd:
         7c:5a:38:f4:02:30:44:0e:25:73:7e:44:45:4a:00:52:65:43:
         c0:37:06:51:2d:eb:43:fe:6c:e0:27:0b:1c:28:5b:65:d9:d7:
         db:1b:9f:62:56:4c:88:14:4e:83:17:fe:a6:d7:43:14:38:bf:
         d0:b7:2c:e4:ea:28:8b:69:71:00:31:b8:0d:a0:c7:b9:76:d9:
         60:f6:9a:e9:6d:06:bf:0e:aa:cf:11:9d:3e:36:c1:41:6d:da:
         79:9d:c7:48:30:9f:3e:30:c6:63:47:53:24:30:b3:9d:0a:c9:
         aa:4a:6f:8b:d9:a0:76:e9:ac:51:e1:f7:fb:07:53:b4:98:1d:
         d4:e3:b4:76:d1:8b:2e:c8:67:74:97:4f:93:67:b3:69:da:74:
         77:d0:e6:70:6e:7f:43:7a:7a:e0:aa:8d:0c:e0:6f:7d:d6:30:
         f1:c9:20:00:3e:65:6a:28:1e:17:07:e0:fa:14:21:d6:9e:83:
         b4:98:98:be:14:bb:94:0e:0f:56:55:9e:0f:75:33:30:a0:91:
         d3:23:87:fc:16:f0:d6:74:70:13:c9:95:e9:ce:06:de:89:b1:
         d1:99:ec:d9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYxsGZlK7HOg2z1Bf/dnyv+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjMxMjE1MDYxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ0YzJmZWE0NDRlOWRjMzY3NmQyZDBlNWJlYjg1MmIzYzhhODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TTMi9O5fDYN0naKXizuEbkRW1V2
15heSQG7B8BHTm5bV0u936XtcY4O1jjB5vA/NbGT3LhGZ3qpacaMDn9w/0CQ9qR1
5K7Evp0hP+/2ERROGKc2wbsusdDqcV0d9ppZA9UyITNPRoGDpFQNM5L2kMijiGQU
RuyryPNj/n9lYTPb2Kzaf7DXq1w5rgC7UcWYlB54YELk++gYtS7u/j7/YdwPcqiw
j1KEwJUU/6Mh3c9LK+adJbyhGtZ3vkl1lamzKl6OFtiWj/ijCCL1cspl9mtTYrEz
utCjRAbBnVa1hMhFaEHFOKM/yRcPcLcMgoErWImwdAVr2r+R+4OVeyOJ6QIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFMDUwv6kROncNnbS0OW+uFKzyKgpMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvd05UQ19xUkU2ZHcyZHRMUTViNjRVclBJcUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB/BAIAATB5AwQFVDcA
MAwDBAFUNyYDBARUNyAwCwMDAVjeAwQEWN7AAwQAWN7YAwQEWN7gAwQCWN74AwQE
WN9AAwQCWN9kMAwDBAJY34QDBAFY34gwDAMEAFjfiwMEBFjfgAMEAljfnAMEAtWk
cAMEAdmTIAMEANmTJwMEAdmTKjAOBAIAAjAIAwYHKgF8gIAwDQYJKoZIhvcNAQEL
BQADggEBAGtbpm7mFWxl/rlY1pG1GyuwmrIM/TohRk+4ToxlGTLqWETRvXxaOPQC
MEQOJXN+REVKAFJlQ8A3BlEt60P+bOAnCxwoW2XZ19sbn2JWTIgUToMX/qbXQxQ4
v9C3LOTqKItpcQAxuA2gx7l22WD2multBr8Oqs8RnT42wUFt2nmdx0gwnz4wxmNH
UyQws50KyapKb4vZoHbprFHh9/sHU7SYHdTjtHbRiy7IZ3SXT5Nns2nadHfQ5nBu
f0N6euCqjQzgb33WMPHJIAA+ZWooHhcH4PoUIdaeg7SYmL4Uu5QOD1ZVng91MzCg
kdMjh/wW8NZ0cBPJlenOBt6JsdGZ7Nk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:40 2024 by rpki-client on console-ams.rpki-client.org