Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w520vv_YfRdlM_TbjCVUREsj25w.roa
File:                     w520vv_YfRdlM_TbjCVUREsj25w.roa (raw, json)
Hash identifier:          vDFZXHpQjr56EP3yVkz0u8WmtQa8Itn684wF5Qr5fZU=
Subject key identifier:   C3:9D:B4:BE:FF:D8:7D:17:65:33:F4:DB:8C:25:54:44:4B:23:DB:9C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0186FE425D3A76F3AE807950476EC78E3243
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w520vv_YfRdlM_TbjCVUREsj25w.roa
Signing time:             Mon 20 Mar 2023 09:03:27 +0000
ROA not before:           Mon 20 Mar 2023 09:03:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211252
IP address blocks:        194.87.151.0/24 maxlen: 24
                          195.133.18.0/24 maxlen: 24
                          195.133.38.0/24 maxlen: 24
                          195.133.40.0/24 maxlen: 24
                          194.87.84.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Mar 2023 06:03:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:fe:42:5d:3a:76:f3:ae:80:79:50:47:6e:c7:8e:32:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar 20 09:03:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c39db4beffd87d176533f4db8c2554444b23db9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1a:95:d4:3a:f2:f8:ab:9b:a5:4d:96:fa:a9:
                    40:ad:d4:06:96:cd:8a:15:79:36:4f:77:d1:e8:d0:
                    ea:33:70:15:50:9d:a9:10:7a:ad:e9:b4:3c:73:3c:
                    ba:21:9b:57:61:95:ec:cb:fc:82:cd:b4:4d:a2:fd:
                    30:b4:64:b3:7e:0b:8d:85:5a:55:9a:b6:c1:55:96:
                    3c:17:87:ce:4c:e7:fc:9f:3c:58:26:14:77:7b:28:
                    01:96:32:b2:d8:b5:83:cf:43:f9:d0:66:90:7c:83:
                    ce:5e:84:14:58:b8:6c:50:d6:ad:a1:d4:5d:6c:ea:
                    58:4e:46:9f:55:cd:a1:f8:a0:ee:12:c5:c5:38:ac:
                    92:05:de:34:ff:b6:06:d7:91:ad:43:5c:30:12:20:
                    ed:9d:8e:7f:ef:fd:97:6c:81:26:88:13:39:ec:9f:
                    1c:cb:3b:19:ba:dc:b0:85:41:56:c5:24:c3:e7:f9:
                    a0:ef:a7:2b:3c:58:fd:d6:91:e6:7e:63:cc:cc:66:
                    6b:25:c2:fd:bc:eb:cc:a2:95:5b:0d:b3:dd:49:83:
                    13:56:8d:97:70:de:4e:cf:e1:44:91:75:39:d1:04:
                    0c:de:89:26:83:8c:f7:1f:2e:ef:ed:1a:06:67:88:
                    59:10:81:ee:2c:9a:4d:f9:e5:f6:92:be:0b:cf:30:
                    13:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:9D:B4:BE:FF:D8:7D:17:65:33:F4:DB:8C:25:54:44:4B:23:DB:9C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w520vv_YfRdlM_TbjCVUREsj25w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.84.0/22
                  194.87.151.0/24
                  195.133.18.0/24
                  195.133.38.0/24
                  195.133.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:ca:8b:53:43:31:20:7a:10:03:14:43:dc:5f:bb:15:f7:5b:
         7c:cc:b5:3d:f0:f6:b5:09:24:54:6e:40:2f:10:15:bc:ea:3a:
         8f:f6:5d:4f:a6:fb:09:0f:0f:eb:e0:9a:97:67:35:39:25:ed:
         51:d9:e5:99:47:41:e1:f3:90:7a:da:8d:cc:35:35:4c:23:2d:
         1d:5c:b6:9d:10:7f:95:2d:6a:f3:b4:5b:8a:ce:27:9b:14:4e:
         42:33:d4:79:33:71:95:f4:3b:8f:1e:f2:5c:10:85:5e:e2:c0:
         5f:69:76:be:e0:b0:72:9c:d1:e1:fa:9e:94:0f:a0:e1:42:fc:
         f3:e4:d2:58:ed:6f:c3:75:27:f8:d6:93:23:5b:06:39:bb:0f:
         0a:bd:b5:6c:8b:6f:95:d7:ea:7b:d7:a3:8d:f6:8e:7b:8d:6a:
         fa:67:a4:b3:c3:be:03:3d:26:68:ce:e0:2f:f6:6d:77:21:b1:
         ea:15:15:75:1c:6c:4f:09:ac:3b:ef:9e:ae:30:90:63:00:43:
         28:35:86:6c:80:c1:8e:4a:17:4c:04:00:60:44:b0:01:11:2b:
         60:97:4c:bf:f9:97:a1:23:6c:b7:8e:02:91:30:23:bb:30:8a:
         ee:23:b5:90:a4:c1:3f:fa:7a:80:ee:54:0e:3b:bf:b4:34:46:
         50:28:97:2c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYb+Ql06dvOugHlQR27HjjJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIwMDkwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzlkYjRiZWZmZDg3ZDE3NjUzM2Y0ZGI4YzI1NTQ0NDRiMjNkYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxqV1Dry+KubpU2W+qlArdQGls2K
FXk2T3fR6NDqM3AVUJ2pEHqt6bQ8czy6IZtXYZXsy/yCzbRNov0wtGSzfguNhVpV
mrbBVZY8F4fOTOf8nzxYJhR3eygBljKy2LWDz0P50GaQfIPOXoQUWLhsUNatodRd
bOpYTkafVc2h+KDuEsXFOKySBd40/7YG15GtQ1wwEiDtnY5/7/2XbIEmiBM57J8c
yzsZutywhUFWxSTD5/mg76crPFj91pHmfmPMzGZrJcL9vOvMopVbDbPdSYMTVo2X
cN5Oz+FEkXU50QQM3okmg4z3Hy7v7RoGZ4hZEIHuLJpN+eX2kr4LzzAT6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMOdtL7/2H0XZTP024wlVERLI9ucMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdzUyMHZ2X1lmUmRsTV9UYmpDVlVSRXNqMjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwldUAwQA
wleXAwQAw4USAwQAw4UmAwQAw4UoMA0GCSqGSIb3DQEBCwUAA4IBAQANyotTQzEg
ehADFEPcX7sV91t8zLU98Pa1CSRUbkAvEBW86jqP9l1PpvsJDw/r4JqXZzU5Je1R
2eWZR0Hh85B62o3MNTVMIy0dXLadEH+VLWrztFuKziebFE5CM9R5M3GV9DuPHvJc
EIVe4sBfaXa+4LBynNHh+p6UD6DhQvzz5NJY7W/DdSf41pMjWwY5uw8KvbVsi2+V
1+p716ON9o57jWr6Z6Szw74DPSZozuAv9m13IbHqFRV1HGxPCaw7756uMJBjAEMo
NYZsgMGOShdMBABgRLABEStgl0y/+ZehI2y3jgKRMCO7MIruI7WQpME/+nqA7lQO
O7+0NEZQKJcs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org