Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa
File:                     wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa (raw, json)
Hash identifier:          lAiJhWx0wurckxT2qRPZ3VnuL/y7ExpbY0azLy30Nd0=
Subject key identifier:   C0:B5:D8:C1:C6:82:0C:88:DE:42:EF:69:15:70:FE:F4:F1:3F:C4:5E
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018CC7951F6EB53FF9EBB9B92830AB378514
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa
Signing time:             Tue 02 Jan 2024 00:31:28 +0000
ROA not before:           Tue 02 Jan 2024 00:31:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2895
IP address blocks:        147.45.194.0/23 maxlen: 23
                          147.45.0.0/19 maxlen: 19
                          147.45.32.0/23 maxlen: 23
                          193.233.0.0/22 maxlen: 22
                          193.233.4.0/24 maxlen: 24
                          193.233.10.0/23 maxlen: 23
                          147.45.64.0/24 maxlen: 24
                          193.233.8.0/24 maxlen: 24
                          2001:640::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 23 Oct 2024 19:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:1f:6e:b5:3f:f9:eb:b9:b9:28:30:ab:37:85:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  2 00:31:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c0b5d8c1c6820c88de42ef691570fef4f13fc45e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:39:1b:40:0c:a3:44:3a:b3:98:28:fe:1b:d8:
                    b8:74:fb:20:2c:88:b3:80:73:9b:a4:83:0a:17:7c:
                    61:e9:80:2d:d7:f0:25:75:2e:03:3a:2d:9c:63:de:
                    61:94:22:16:19:79:67:0c:2a:30:a4:29:79:0d:79:
                    9e:30:0a:e8:60:16:1b:e9:84:fe:a4:c5:82:1a:4b:
                    9f:c8:17:cb:83:c8:06:36:b7:26:4c:71:d2:63:85:
                    e9:98:da:a3:7e:42:b1:f2:bf:c6:9d:4b:67:7d:b1:
                    3f:1b:9a:f2:19:88:f8:3e:8b:83:1e:5e:b2:f2:03:
                    23:28:d7:8c:79:26:c3:b7:00:6b:cd:8d:bf:8c:4e:
                    98:a8:6b:34:d9:e4:f1:c4:93:4e:18:4e:b1:56:d0:
                    bb:ff:47:df:77:89:34:c3:4e:f8:d2:da:84:07:82:
                    08:45:d8:1c:85:d1:87:9b:54:70:fc:96:81:4a:2b:
                    de:dc:ac:8e:d0:99:99:38:aa:38:83:86:d8:a3:cd:
                    50:f5:96:a6:a1:bc:14:39:54:70:a4:f3:a9:66:bb:
                    90:2e:e0:b3:72:7e:f6:61:38:08:30:8a:ba:15:4e:
                    fb:49:ae:ff:e9:7c:49:c4:3c:b9:ef:4a:6f:2a:69:
                    89:80:86:ce:91:8b:73:59:54:02:be:e9:97:ff:f0:
                    24:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:B5:D8:C1:C6:82:0C:88:DE:42:EF:69:15:70:FE:F4:F1:3F:C4:5E
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLXYwcaCDIjeQu9pFXD-9PE_xF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.45.0.0-147.45.33.255
                  147.45.64.0/24
                  147.45.194.0/23
                  193.233.0.0-193.233.4.255
                  193.233.8.0/24
                  193.233.10.0/23
                IPv6:
                  2001:640::/32

    Signature Algorithm: sha256WithRSAEncryption
         6d:30:68:d0:ea:86:8f:a2:be:20:68:be:2b:d0:51:e3:18:35:
         f7:a4:2c:bb:a7:c2:b7:d0:eb:7f:86:32:31:40:68:bd:b2:f1:
         f1:d4:65:cf:a7:af:dd:7d:9e:80:b3:57:4a:65:e5:01:4c:0d:
         90:f0:3e:ee:ba:4d:9c:10:3e:c4:f7:b6:7e:b7:f0:57:06:db:
         54:79:e5:02:a1:96:0e:63:6d:c0:85:10:a1:92:a4:3c:b8:70:
         66:b7:16:a6:93:b0:b1:07:c7:6e:7a:a4:a6:a8:54:0a:e1:d8:
         7f:23:c9:d4:5e:3a:52:52:11:0e:86:52:c2:12:5b:e1:e3:b9:
         70:6d:26:5f:11:77:cd:76:df:dc:f7:a2:b7:d9:41:27:1e:84:
         ce:01:80:9b:1a:65:2c:b9:10:52:23:2d:3e:bc:9b:9a:0f:61:
         13:f7:94:b1:10:da:27:54:be:d0:d3:d7:37:24:44:f3:2f:d9:
         bb:e8:76:e5:b6:3c:a4:c0:3e:cf:63:e4:dc:df:a5:a1:9c:ee:
         e9:6b:31:28:8e:22:03:ea:8e:3f:4c:51:70:29:f8:84:58:a6:
         de:82:60:38:7b:1d:d7:db:ee:eb:72:1d:c0:e1:1a:c2:be:9b:
         34:cb:5f:cc:5a:38:54:8e:44:ce:40:be:c7:b2:74:41:51:11:
         59:98:7a:97
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzHlR9utT/567m5KDCrN4UUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGI1ZDhjMWM2ODIwYzg4ZGU0MmVmNjkxNTcwZmVmNGYxM2ZjNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozkbQAyjRDqzmCj+G9i4dPsgLIiz
gHObpIMKF3xh6YAt1/AldS4DOi2cY95hlCIWGXlnDCowpCl5DXmeMAroYBYb6YT+
pMWCGkufyBfLg8gGNrcmTHHSY4XpmNqjfkKx8r/GnUtnfbE/G5ryGYj4PouDHl6y
8gMjKNeMeSbDtwBrzY2/jE6YqGs02eTxxJNOGE6xVtC7/0ffd4k0w0740tqEB4II
RdgchdGHm1Rw/JaBSive3KyO0JmZOKo4g4bYo81Q9ZamobwUOVRwpPOpZruQLuCz
cn72YTgIMIq6FU77Sa7/6XxJxDy570pvKmmJgIbOkYtzWVQCvumX//AkvwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMC12MHGggyI3kLvaRVw/vTxP8ReMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvd0xYWXdjYUNESWplUXU5cEZYRC05UEVfeEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAsDAwCTLQME
AZMtIAMEAJMtQAMEAZMtwjALAwMAwekDBADB6QQDBADB6QgDBAHB6QowDQQCAAIw
BwMFACABBkAwDQYJKoZIhvcNAQELBQADggEBAG0waNDqho+iviBovivQUeMYNfek
LLunwrfQ63+GMjFAaL2y8fHUZc+nr919noCzV0pl5QFMDZDwPu66TZwQPsT3tn63
8FcG21R55QKhlg5jbcCFEKGSpDy4cGa3FqaTsLEHx256pKaoVArh2H8jydReOlJS
EQ6GUsISW+HjuXBtJl8Rd81239z3orfZQScehM4BgJsaZSy5EFIjLT68m5oPYRP3
lLEQ2idUvtDT1zckRPMv2bvoduW2PKTAPs9j5NzfpaGc7ulrMSiOIgPqjj9MUXAp
+IRYpt6CYDh7Hdfb7utyHcDhGsK+mzTLX8xaOFSORM5AvseydEFREVmYepc=
-----END CERTIFICATE-----
Generated at Thu Oct 24 00:20:30 2024 by rpki-client on console-ams.rpki-client.org