Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wemoVzUetlB54ltOdZk28Xti8io.roa
File:                     wemoVzUetlB54ltOdZk28Xti8io.roa (raw, json)
Hash identifier:          jj86RVnnMDMr4Nw4yn65D69JsUFDGMt2fW/H5acPRFc=
Subject key identifier:   C1:E9:A8:57:35:1E:B6:50:79:E2:5B:4E:75:99:36:F1:7B:62:F2:2A
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0187574B8F77C4CC7C406DE0DCD4CEF7D2D8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wemoVzUetlB54ltOdZk28Xti8io.roa
Signing time:             Thu 06 Apr 2023 15:59:42 +0000
ROA not before:           Thu 06 Apr 2023 15:59:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211252
IP address blocks:        212.193.30.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          195.133.18.0/24 maxlen: 24
                          195.133.38.0/24 maxlen: 24
                          212.192.242.0/24 maxlen: 24
                          194.87.85.0/24 maxlen: 24
                          194.87.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 May 2023 13:05:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:57:4b:8f:77:c4:cc:7c:40:6d:e0:dc:d4:ce:f7:d2:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr  6 15:59:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c1e9a857351eb65079e25b4e759936f17b62f22a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:34:a6:1c:3d:ac:bd:ea:56:5a:28:46:88:43:
                    51:70:fd:ac:c2:35:60:49:f6:77:6f:76:e6:b7:b7:
                    d6:5a:8f:af:fc:ec:e2:80:1e:b6:21:33:50:61:4e:
                    b6:cb:44:41:27:9c:03:4c:19:26:65:1b:d6:1c:1f:
                    49:c7:98:cd:95:4d:74:ba:04:94:29:e0:fc:8c:13:
                    61:21:e1:ce:dc:f2:08:33:63:25:f4:7b:d7:9b:d6:
                    a4:59:ad:a8:8c:87:d6:a9:06:48:82:5f:a1:68:fe:
                    88:8b:4f:9c:9c:69:96:9c:97:5a:0b:e2:f9:35:e3:
                    00:25:cb:f5:83:fb:53:b2:0b:2f:8d:33:42:3b:31:
                    91:d9:52:f8:5d:04:ec:c1:1b:91:30:50:d6:57:26:
                    a9:9c:67:31:ef:a5:8e:95:59:70:09:7e:dc:c4:41:
                    10:f1:52:80:e3:52:f5:a8:cc:86:fd:36:4f:6c:a3:
                    61:d4:8c:29:98:12:2b:65:e7:67:8e:bc:1c:59:a8:
                    91:96:1b:29:0c:7e:0d:cd:6c:0b:29:6c:ae:3b:53:
                    1b:af:57:5e:b7:54:ca:3a:aa:92:12:b9:04:c8:ad:
                    ec:0b:9d:4d:0f:43:02:b3:50:38:44:13:00:f2:22:
                    2f:99:38:6a:cb:80:77:35:5e:33:5e:b4:46:72:a2:
                    34:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E9:A8:57:35:1E:B6:50:79:E2:5B:4E:75:99:36:F1:7B:62:F2:2A
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wemoVzUetlB54ltOdZk28Xti8io.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.85.0/24
                  194.87.87.0/24
                  194.87.151.0/24
                  195.133.18.0/24
                  195.133.38.0/24
                  212.192.242.0/24
                  212.193.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:28:64:a4:40:3f:83:10:1b:61:74:3a:ea:d0:40:8f:d3:04:
         f4:b6:0c:ba:8d:5d:3d:a5:99:12:f5:e3:f9:fe:f4:25:9e:d5:
         14:8c:e2:44:d9:f4:5e:12:22:15:e0:dd:9f:b3:a5:fb:d9:23:
         d5:2e:5b:cd:9c:0b:b0:e7:1e:f1:58:54:11:9d:f7:8c:6a:54:
         fd:a8:03:b4:1c:cf:9e:73:55:55:21:c2:a8:e9:fc:9c:a4:d5:
         ff:cd:83:5a:3e:37:f3:a0:7a:ff:4a:35:6f:b4:82:10:8b:e0:
         90:db:51:85:4e:3e:0f:a5:4f:6e:d5:2d:89:da:bd:08:0c:5a:
         a1:71:28:ad:81:04:90:dc:da:3a:03:bb:92:15:a8:d0:2d:23:
         7f:cc:4c:53:20:78:55:66:74:ee:38:d0:af:4e:ef:00:2f:36:
         e6:a6:a9:9b:38:18:ce:85:bb:49:b1:5d:63:4d:91:2a:16:83:
         6f:da:aa:94:87:68:4b:e1:41:77:90:2a:6c:3b:2e:f8:57:c0:
         af:89:8c:cd:7d:b3:6f:a9:5a:48:2d:6b:77:cf:45:f3:4c:14:
         d1:ab:c8:46:26:f7:61:d8:9d:e9:8e:fc:7e:2d:49:da:1d:1e:
         0f:70:d7:63:de:16:24:a9:6c:5a:44:06:fc:78:12:b4:ab:d9:
         25:74:88:b6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYdXS493xMx8QG3g3NTO99LYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTU1OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU5YTg1NzM1MWViNjUwNzllMjViNGU3NTk5MzZmMTdiNjJmMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTSmHD2svepWWihGiENRcP2swjVg
SfZ3b3bmt7fWWo+v/OzigB62ITNQYU62y0RBJ5wDTBkmZRvWHB9Jx5jNlU10ugSU
KeD8jBNhIeHO3PIIM2Ml9HvXm9akWa2ojIfWqQZIgl+haP6Ii0+cnGmWnJdaC+L5
NeMAJcv1g/tTsgsvjTNCOzGR2VL4XQTswRuRMFDWVyapnGcx76WOlVlwCX7cxEEQ
8VKA41L1qMyG/TZPbKNh1IwpmBIrZednjrwcWaiRlhspDH4NzWwLKWyuO1Mbr1de
t1TKOqqSErkEyK3sC51ND0MCs1A4RBMA8iIvmThqy4B3NV4zXrRGcqI0PwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMHpqFc1HrZQeeJbTnWZNvF7YvIqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd2Vtb1Z6VWV0bEI1NGx0T2RaazI4WHRpOGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwldVAwQA
wldXAwQAwleXAwQAw4USAwQAw4UmAwQA1MDyAwQA1MEeMA0GCSqGSIb3DQEBCwUA
A4IBAQAhKGSkQD+DEBthdDrq0ECP0wT0tgy6jV09pZkS9eP5/vQlntUUjOJE2fRe
EiIV4N2fs6X72SPVLlvNnAuw5x7xWFQRnfeMalT9qAO0HM+ec1VVIcKo6fycpNX/
zYNaPjfzoHr/SjVvtIIQi+CQ21GFTj4PpU9u1S2J2r0IDFqhcSitgQSQ3No6A7uS
FajQLSN/zExTIHhVZnTuONCvTu8ALzbmpqmbOBjOhbtJsV1jTZEqFoNv2qqUh2hL
4UF3kCpsOy74V8CviYzNfbNvqVpILWt3z0XzTBTRq8hGJvdh2J3pjvx+LUnaHR4P
cNdj3hYkqWxaRAb8eBK0q9kldIi2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org