Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/Wh2FnsDrW_kiyariBB3EcVPkpGo.roa
File:                     Wh2FnsDrW_kiyariBB3EcVPkpGo.roa (raw, json)
Hash identifier:          upjRZxSBp06My+T+kxhUQSh98jCXoC5SA2b4OzWne/s=
Subject key identifier:   5A:1D:85:9E:C0:EB:5B:F9:22:C9:AA:E2:04:1D:C4:71:53:E4:A4:6A
Certificate issuer:       /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial:       018CC4249570367ADA2BA1FD42DFEC2C60B0
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/Wh2FnsDrW_kiyariBB3EcVPkpGo.roa
Signing time:             Mon 01 Jan 2024 08:29:40 +0000
ROA not before:           Mon 01 Jan 2024 08:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35539
IP address blocks:        46.160.224.0/21 maxlen: 21
                          46.160.232.0/21 maxlen: 21
                          46.160.240.0/21 maxlen: 21
                          46.160.248.0/21 maxlen: 21
                          93.123.192.0/18 maxlen: 18
                          95.131.208.0/22 maxlen: 22
                          95.131.212.0/22 maxlen: 22
                          95.131.208.0/21 maxlen: 21
                          93.95.160.0/21 maxlen: 21
                          93.95.164.0/22 maxlen: 22
                          93.95.160.0/22 maxlen: 22
                          93.123.128.0/17 maxlen: 17
                          93.123.128.0/18 maxlen: 18

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 00:09:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:95:70:36:7a:da:2b:a1:fd:42:df:ec:2c:60:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
        Validity
            Not Before: Jan  1 08:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5a1d859ec0eb5bf922c9aae2041dc47153e4a46a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:79:25:77:92:78:42:5d:ac:1b:92:d7:fa:3f:
                    d5:c3:2c:bb:43:62:3e:cf:d1:fe:2f:1e:32:2d:0b:
                    61:3b:20:c4:fd:a7:2e:92:d2:70:0a:95:62:d8:79:
                    ba:78:6d:2f:1f:88:00:27:25:be:60:cb:c2:db:1c:
                    64:cf:e6:bb:43:b7:c2:28:8c:30:0c:4a:3e:34:c6:
                    b3:f9:7b:de:92:3a:79:d5:25:35:84:45:79:47:ec:
                    e1:a0:f0:ed:6e:e4:02:8a:6b:4d:9e:b1:85:4d:6f:
                    79:99:a0:a3:a0:ff:f0:1d:ce:48:4e:61:51:6e:94:
                    d8:58:dc:aa:fb:da:db:31:fa:fd:e6:3a:bb:d9:ee:
                    0d:f3:d7:fd:26:e0:82:da:d0:f7:a2:4b:1c:c9:8c:
                    9b:44:37:d0:f6:a4:5a:74:fb:5f:b1:34:5c:96:82:
                    57:e9:7c:32:1b:3b:f6:ad:f6:a0:87:d9:21:6c:1e:
                    bf:48:8d:f0:b2:7a:f0:0b:a5:87:48:11:bc:f3:be:
                    ca:ce:13:a2:44:38:05:63:cf:53:c3:b6:52:d7:ba:
                    32:fe:78:12:27:da:5a:dc:92:6f:78:85:3d:ef:74:
                    57:09:4a:59:9d:49:51:cf:bb:e4:7d:bf:ef:49:a2:
                    51:5d:8d:ff:37:a8:7c:2e:34:0f:ff:6a:6f:aa:3d:
                    88:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:1D:85:9E:C0:EB:5B:F9:22:C9:AA:E2:04:1D:C4:71:53:E4:A4:6A
            X509v3 Authority Key Identifier:
                keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/Wh2FnsDrW_kiyariBB3EcVPkpGo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.160.224.0/19
                  93.95.160.0/21
                  93.123.128.0/17
                  95.131.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         42:a4:a5:9d:4b:5b:ec:9c:8f:ab:27:51:2d:53:65:f8:58:c6:
         df:7d:f9:88:df:4f:ee:06:02:cf:e7:4f:97:08:b0:31:3f:4a:
         b4:a2:95:2d:77:d3:56:cc:52:21:ae:22:89:b3:bf:3e:7e:2b:
         8e:74:bd:c3:72:f5:20:6c:b9:5f:a9:df:f8:e4:6f:1d:c0:6b:
         54:83:53:cc:66:86:a0:c6:22:ac:2a:1c:66:ba:fc:06:0e:28:
         7a:ac:22:ee:4f:d0:54:f0:b5:46:05:96:03:57:46:ff:57:ee:
         ca:dd:4c:12:c0:b7:b8:de:99:60:78:02:b9:f7:7c:06:a8:0e:
         6a:c8:fe:27:84:86:f2:0b:3e:13:63:ff:1e:d0:e2:76:4b:e4:
         16:d1:4a:ef:ed:f6:58:ed:85:b0:10:44:26:b0:96:c9:61:65:
         16:c7:79:3d:d5:cb:db:bc:fa:95:a2:72:d9:26:a5:49:f1:55:
         ea:36:64:79:f1:21:46:72:f4:be:74:6f:1a:8c:54:0d:56:a5:
         e5:d6:4d:29:3d:10:e6:6f:9e:a7:00:5c:42:34:fb:0f:30:71:
         45:be:9a:ee:e9:90:d3:67:1a:f1:1d:85:54:6d:cf:cb:56:22:
         f3:41:0e:5e:c1:a2:fd:7b:64:b4:47:4c:36:32:47:6f:02:c1:
         56:94:d8:b6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJJVwNnraK6H9Qt/sLGCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIz
YTcxOWEwHhcNMjQwMTAxMDgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFkODU5ZWMwZWI1YmY5MjJjOWFhZTIwNDFkYzQ3MTUzZTRhNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXkld5J4Ql2sG5LX+j/Vwyy7Q2I+
z9H+Lx4yLQthOyDE/acuktJwCpVi2Hm6eG0vH4gAJyW+YMvC2xxkz+a7Q7fCKIww
DEo+NMaz+Xvekjp51SU1hEV5R+zhoPDtbuQCimtNnrGFTW95maCjoP/wHc5ITmFR
bpTYWNyq+9rbMfr95jq72e4N89f9JuCC2tD3okscyYybRDfQ9qRadPtfsTRcloJX
6XwyGzv2rfagh9khbB6/SI3wsnrwC6WHSBG8877KzhOiRDgFY89Tw7ZS17oy/ngS
J9pa3JJveIU973RXCUpZnUlRz7vkfb/vSaJRXY3/N6h8LjQP/2pvqj2IIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFodhZ7A61v5Ismq4gQdxHFT5KRqMB8GA1UdIwQY
MBaAFOUgRG95/8LXw6nvNAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMt
MGUwZTEzN2U1NTkxLzEvV2gyRm5zRHJXX2tpeWFyaUJCM0VjVlBrcEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkx
LzEvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFLqDgAwQD
XV+gAwQHXXuAAwQDX4PQMA0GCSqGSIb3DQEBCwUAA4IBAQBCpKWdS1vsnI+rJ1Et
U2X4WMbfffmI30/uBgLP50+XCLAxP0q0opUtd9NWzFIhriKJs78+fiuOdL3DcvUg
bLlfqd/45G8dwGtUg1PMZoagxiKsKhxmuvwGDih6rCLuT9BU8LVGBZYDV0b/V+7K
3UwSwLe43plgeAK593wGqA5qyP4nhIbyCz4TY/8e0OJ2S+QW0Urv7fZY7YWwEEQm
sJbJYWUWx3k91cvbvPqVonLZJqVJ8VXqNmR58SFGcvS+dG8ajFQNVqXl1k0pPRDm
b56nAFxCNPsPMHFFvpru6ZDTZxrxHYVUbc/LViLzQQ5ewaL9e2S0R0w2MkdvAsFW
lNi2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:25 2024 by rpki-client on console-ams.rpki-client.org