Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WIraXM2vHHs7-ADysSa9LfV7XxQ.roa
File:                     WIraXM2vHHs7-ADysSa9LfV7XxQ.roa (raw, json)
Hash identifier:          Ve7SZPUwNT2qpGwcOo9Ri43m0QbY+btWFL5HGmsOHWo=
Subject key identifier:   58:8A:DA:5C:CD:AF:1C:7B:3B:F8:00:F2:B1:26:BD:2D:F5:7B:5F:14
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       01856FF96726C3039158E8E29520080EA93B
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WIraXM2vHHs7-ADysSa9LfV7XxQ.roa
Signing time:             Mon 02 Jan 2023 00:54:53 +0000
ROA not before:           Mon 02 Jan 2023 00:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20911
IP address blocks:        95.111.125.0/24 maxlen: 24
                          95.111.122.0/24 maxlen: 24
                          95.111.124.0/24 maxlen: 24
                          95.111.120.0/21 maxlen: 21
                          95.111.121.0/24 maxlen: 24
                          95.111.123.0/24 maxlen: 24
                          95.111.120.0/24 maxlen: 24
                          95.111.127.0/24 maxlen: 24
                          95.111.126.0/24 maxlen: 24
                          78.90.252.0/24 maxlen: 24
                          78.90.250.0/24 maxlen: 24
                          78.90.253.0/24 maxlen: 24
                          78.90.248.0/24 maxlen: 24
                          78.90.251.0/24 maxlen: 24
                          78.90.249.0/24 maxlen: 24
                          78.90.248.0/21 maxlen: 21
                          78.90.255.0/24 maxlen: 24
                          78.90.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:67:26:c3:03:91:58:e8:e2:95:20:08:0e:a9:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Jan  2 00:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=588ada5ccdaf1c7b3bf800f2b126bd2df57b5f14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:fe:66:33:8b:b9:29:77:f6:de:25:16:2f:06:
                    e9:49:7d:ea:8f:f3:30:6d:87:ab:ad:ca:f6:17:fa:
                    3d:f2:b7:d9:29:a3:d7:2a:31:2e:94:95:2c:23:b1:
                    46:11:11:29:0e:52:d0:3b:96:0e:81:89:c4:49:5f:
                    01:78:45:1d:83:a3:94:b1:2d:e1:64:df:dd:74:dc:
                    ce:12:d1:81:57:ba:ee:ce:47:06:3e:a9:6c:8c:c2:
                    a7:52:dc:40:81:9f:fc:7e:48:c6:ee:ab:b3:97:04:
                    d0:e4:cd:9d:6c:04:74:48:4e:5d:57:04:0e:e9:17:
                    14:6e:42:64:aa:e4:49:16:ca:36:a6:c6:12:c0:c0:
                    26:86:bf:70:a6:83:0e:9b:4d:85:2a:02:8f:bf:6d:
                    21:d0:27:64:1f:2c:95:96:57:a3:d4:5e:7e:02:62:
                    e1:98:54:72:41:c9:8c:e0:bc:c0:45:d7:6f:56:00:
                    a7:14:80:7f:52:59:4f:07:58:7a:93:8b:03:d9:9c:
                    e0:a2:e5:33:ab:78:60:32:0c:b6:b6:e7:0e:ff:c8:
                    48:0e:10:d4:f1:7d:c2:20:2c:fa:d4:dc:26:b4:44:
                    9a:a8:7d:85:07:d9:28:3f:be:b6:d9:78:4d:0b:c2:
                    60:a2:4f:a6:be:b7:d2:75:f6:82:36:a8:da:4a:82:
                    09:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:8A:DA:5C:CD:AF:1C:7B:3B:F8:00:F2:B1:26:BD:2D:F5:7B:5F:14
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WIraXM2vHHs7-ADysSa9LfV7XxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.90.248.0/21
                  95.111.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:02:7f:66:73:0a:df:10:24:70:26:c1:32:a8:2c:f0:6f:93:
         6c:92:e6:58:16:14:95:d3:97:40:d5:17:3e:15:e5:c0:c7:39:
         f7:fd:52:b8:db:38:45:17:d0:7a:06:ee:7a:e3:a8:16:f5:bd:
         c0:0a:06:44:a3:47:ca:cf:68:8f:0a:60:a7:9c:1e:50:82:f3:
         1e:52:96:70:a1:b1:95:a4:18:24:43:0f:2a:d2:b3:3a:d1:d0:
         41:91:fc:bf:f2:0f:39:f7:32:5b:94:a4:0d:d5:4d:da:81:1f:
         e2:4d:dd:6e:0b:69:3b:8b:e7:e4:6c:8c:ab:cc:2f:9e:7e:55:
         ea:38:24:bd:05:a7:3b:d0:de:b7:9f:37:3e:9f:69:4e:74:0a:
         28:61:f0:b1:e1:7d:44:b2:dc:72:5a:19:f1:84:ea:6d:29:1c:
         b9:08:86:06:c1:50:25:77:e7:ba:2f:e8:8b:25:3b:4a:b9:2a:
         ac:a3:8c:da:29:e2:67:c2:71:5e:1e:cf:70:4f:1a:60:8c:2e:
         45:b2:5f:98:e4:df:5b:12:b4:a8:81:80:2c:ad:bf:52:66:4d:
         92:bd:09:1c:17:4d:74:27:c5:0d:e9:c3:12:1a:ab:ba:e9:3f:
         33:9f:95:72:7a:e1:6a:6f:ff:ad:f7:f3:be:ec:2f:97:a2:4e:
         87:f0:bf:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv+WcmwwORWOjilSAIDqk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODhhZGE1Y2NkYWYxYzdiM2JmODAwZjJiMTI2YmQyZGY1N2I1ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/5mM4u5KXf23iUWLwbpSX3qj/Mw
bYerrcr2F/o98rfZKaPXKjEulJUsI7FGEREpDlLQO5YOgYnESV8BeEUdg6OUsS3h
ZN/ddNzOEtGBV7ruzkcGPqlsjMKnUtxAgZ/8fkjG7quzlwTQ5M2dbAR0SE5dVwQO
6RcUbkJkquRJFso2psYSwMAmhr9wpoMOm02FKgKPv20h0CdkHyyVllej1F5+AmLh
mFRyQcmM4LzARddvVgCnFIB/UllPB1h6k4sD2ZzgouUzq3hgMgy2tucO/8hIDhDU
8X3CICz61NwmtESaqH2FB9koP7622XhNC8Jgok+mvrfSdfaCNqjaSoIJuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFiK2lzNrxx7O/gA8rEmvS31e18UMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvV0lyYVhNMnZISHM3LUFEeXNTYTlMZlY3WHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTlr4AwQD
X294MA0GCSqGSIb3DQEBCwUAA4IBAQA0An9mcwrfECRwJsEyqCzwb5NskuZYFhSV
05dA1Rc+FeXAxzn3/VK42zhFF9B6Bu5646gW9b3ACgZEo0fKz2iPCmCnnB5QgvMe
UpZwobGVpBgkQw8q0rM60dBBkfy/8g859zJblKQN1U3agR/iTd1uC2k7i+fkbIyr
zC+eflXqOCS9Bac70N63nzc+n2lOdAooYfCx4X1EstxyWhnxhOptKRy5CIYGwVAl
d+e6L+iLJTtKuSqso4zaKeJnwnFeHs9wTxpgjC5Fsl+Y5N9bErSogYAsrb9SZk2S
vQkcF010J8UN6cMSGqu66T8zn5VyeuFqb/+t9/O+7C+Xok6H8L+5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org