Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WBfPi9oETGPdEDS4hOcMAvyg0I4.roa
File:                     WBfPi9oETGPdEDS4hOcMAvyg0I4.roa (raw, json)
Hash identifier:          HFnlKi8hfIMBhL0Nu8sx+pRP4UsiNQbRxvKRgHkQKz4=
Subject key identifier:   58:17:CF:8B:DA:04:4C:63:DD:10:34:B8:84:E7:0C:02:FC:A0:D0:8E
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CF9518EB7EE605366614DE46581D9925F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WBfPi9oETGPdEDS4hOcMAvyg0I4.roa
Signing time:             Thu 11 Jan 2024 16:18:40 +0000
ROA not before:           Thu 11 Jan 2024 16:18:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        212.193.13.0/24 maxlen: 24
                          62.76.227.0/24 maxlen: 24
                          212.193.25.0/24 maxlen: 24
                          194.87.26.0/24 maxlen: 24
                          193.124.47.0/24 maxlen: 24
                          212.192.214.0/24 maxlen: 24
                          212.192.222.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.63.0/24 maxlen: 24
                          194.58.66.0/24 maxlen: 24
                          194.87.128.0/24 maxlen: 24
                          195.133.2.0/24 maxlen: 24
                          185.72.10.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          193.124.95.0/24 maxlen: 24
                          194.87.81.0/24 maxlen: 24
                          195.133.74.0/24 maxlen: 24
                          195.133.84.0/24 maxlen: 24
                          194.87.224.0/24 maxlen: 24
                          194.87.231.0/24 maxlen: 24
                          194.87.229.0/24 maxlen: 24
                          194.135.33.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          195.133.27.0/24 maxlen: 24
                          195.133.25.0/24 maxlen: 24
                          192.124.183.0/24 maxlen: 24
                          194.87.170.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          193.124.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 Jan 2024 08:42:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f9:51:8e:b7:ee:60:53:66:61:4d:e4:65:81:d9:92:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 11 16:18:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5817cf8bda044c63dd1034b884e70c02fca0d08e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:64:78:40:d2:6c:cc:d6:5e:d2:b9:8c:d3:ba:
                    5f:75:88:7e:2d:56:24:99:31:00:57:de:b9:59:a4:
                    79:92:2e:a7:1d:a2:0b:46:0b:9c:25:c3:65:45:41:
                    e8:d0:d9:50:2c:8b:c9:8a:59:b9:42:52:7b:c8:76:
                    a3:15:a2:57:df:27:84:9a:42:bf:86:de:76:30:45:
                    0a:6b:a1:db:00:81:b9:1e:52:b7:1a:a0:e9:b9:c8:
                    50:3f:32:a1:83:14:05:63:db:f3:43:72:7d:bf:63:
                    d6:dd:8d:c2:64:ad:c2:ab:55:ea:c7:06:eb:6a:54:
                    f4:a5:63:b9:ba:2a:95:ce:5d:0d:51:c4:c6:ab:fe:
                    6a:61:01:44:54:9f:18:0d:f3:eb:08:c5:47:41:9e:
                    bf:f6:61:ac:db:85:ef:5f:54:25:d9:ea:e9:a8:e4:
                    b4:06:fc:ed:6c:31:3b:e7:16:52:d5:f6:00:3b:27:
                    22:0f:57:08:a9:41:98:38:64:88:b3:66:06:be:b1:
                    10:a6:03:5a:c2:5d:46:ea:df:84:27:30:17:b3:04:
                    a1:85:75:33:a4:c3:c8:27:6e:64:80:8a:4a:a1:7b:
                    11:66:c6:ab:87:ff:c8:30:2f:ef:47:52:95:b0:d1:
                    d2:38:65:d1:c7:41:7d:c9:e2:85:32:2d:54:7a:3e:
                    b3:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:17:CF:8B:DA:04:4C:63:DD:10:34:B8:84:E7:0C:02:FC:A0:D0:8E
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WBfPi9oETGPdEDS4hOcMAvyg0I4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.227.0/24
                  185.72.10.0/24
                  192.124.183.0/24
                  193.124.47.0/24
                  193.124.95.0/24
                  193.124.202.0/24
                  194.58.42.0/24
                  194.58.66.0/24
                  194.87.26.0/24
                  194.87.76.0/24
                  194.87.81.0/24
                  194.87.128.0/24
                  194.87.149.0/24
                  194.87.170.0/24
                  194.87.172.0/24
                  194.87.224.0/24
                  194.87.229.0/24
                  194.87.231.0/24
                  194.135.33.0/24
                  195.58.54.0/24
                  195.58.63.0/24
                  195.133.2.0/24
                  195.133.25.0/24
                  195.133.27.0/24
                  195.133.74.0/24
                  195.133.84.0/24
                  212.192.1.0/24
                  212.192.214.0/24
                  212.192.222.0/24
                  212.193.13.0/24
                  212.193.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:71:df:06:90:dd:4f:74:0d:cd:26:43:1f:a4:a7:b4:77:cc:
         d0:3a:bb:dd:09:d9:c6:9a:ea:f9:11:7d:72:e6:18:de:b9:17:
         2c:97:8d:8a:8f:5f:be:89:55:61:7d:dd:54:6b:fc:c9:bf:96:
         9f:92:93:ca:8a:90:eb:f9:09:b4:32:3b:89:07:7c:2a:40:b9:
         aa:72:c3:3d:2f:ca:25:89:27:28:40:7c:7a:17:89:c5:21:e9:
         99:89:3e:34:13:13:20:ea:e5:b9:d5:b7:6f:a4:f1:01:59:f2:
         e7:29:e1:43:f4:02:c1:c1:6c:d6:19:75:0a:0d:61:79:17:2d:
         39:a3:e4:0f:76:03:7b:fe:2a:27:12:97:d1:da:85:c7:6f:42:
         bf:a6:65:64:66:ef:30:83:c9:6a:8e:1c:06:52:c6:f1:8b:0b:
         0a:41:b6:72:c1:d0:9a:7a:34:66:c1:08:3f:b4:e4:4e:01:90:
         b6:f2:76:83:39:34:5f:09:5a:a5:fb:9f:a2:87:ee:da:eb:82:
         85:08:30:26:cf:8e:4e:68:b6:3e:ac:cc:e3:7c:bb:a8:54:bb:
         3e:f5:c6:cf:8f:ca:ac:19:83:b7:a8:a6:15:ed:49:c8:63:d9:
         48:ba:c6:d3:3e:34:30:84:19:ff:e9:53:2c:35:d1:8a:24:35:
         0a:a1:02:f5
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYz5UY637mBTZmFN5GWB2ZJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTExMTYxODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE3Y2Y4YmRhMDQ0YzYzZGQxMDM0Yjg4NGU3MGMwMmZjYTBkMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGR4QNJszNZe0rmM07pfdYh+LVYk
mTEAV965WaR5ki6nHaILRgucJcNlRUHo0NlQLIvJilm5QlJ7yHajFaJX3yeEmkK/
ht52MEUKa6HbAIG5HlK3GqDpuchQPzKhgxQFY9vzQ3J9v2PW3Y3CZK3Cq1Xqxwbr
alT0pWO5uiqVzl0NUcTGq/5qYQFEVJ8YDfPrCMVHQZ6/9mGs24XvX1Ql2erpqOS0
BvztbDE75xZS1fYAOyciD1cIqUGYOGSIs2YGvrEQpgNawl1G6t+EJzAXswShhXUz
pMPIJ25kgIpKoXsRZsarh//IMC/vR1KVsNHSOGXRx0F9yeKFMi1Uej6zmQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFFgXz4vaBExj3RA0uITnDAL8oNCOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV0JmUGk5b0VUR1BkRURTNGhPY01BdnlnMEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAA+
TOMDBAC5SAoDBADAfLcDBADBfC8DBADBfF8DBADBfMoDBADCOioDBADCOkIDBADC
VxoDBADCV0wDBADCV1EDBADCV4ADBADCV5UDBADCV6oDBADCV6wDBADCV+ADBADC
V+UDBADCV+cDBADChyEDBADDOjYDBADDOj8DBADDhQIDBADDhRkDBADDhRsDBADD
hUoDBADDhVQDBADUwAEDBADUwNYDBADUwN4DBADUwQ0DBADUwRkwDQYJKoZIhvcN
AQELBQADggEBAFhx3waQ3U90Dc0mQx+kp7R3zNA6u90J2caa6vkRfXLmGN65FyyX
jYqPX76JVWF93VRr/Mm/lp+Sk8qKkOv5CbQyO4kHfCpAuapywz0vyiWJJyhAfHoX
icUh6ZmJPjQTEyDq5bnVt2+k8QFZ8ucp4UP0AsHBbNYZdQoNYXkXLTmj5A92A3v+
KicSl9HahcdvQr+mZWRm7zCDyWqOHAZSxvGLCwpBtnLB0Jp6NGbBCD+05E4BkLby
doM5NF8JWqX7n6KH7trrgoUIMCbPjk5otj6szON8u6hUuz71xs+PyqwZg7eophXt
Schj2Ui6xtM+NDCEGf/pUyw10YokNQqhAvU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org