Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/WEL9yKzjqGObQQN7wBH2uu5FGlw.roa
File:                     WEL9yKzjqGObQQN7wBH2uu5FGlw.roa (raw, json)
Hash identifier:          kkE8LbzOobqM3Oj/13WnqHSuwYVKHoUPl6svkNEpsqs=
Subject key identifier:   58:42:FD:C8:AC:E3:A8:63:9B:41:03:7B:C0:11:F6:BA:EE:45:1A:5C
Certificate issuer:       /CN=68bd10f1b14bbb2767ffdcaec4b4172880ba461a
Certificate serial:       0185703037474316DE45FD62EE681998F013
Authority key identifier: 68:BD:10:F1:B1:4B:BB:27:67:FF:DC:AE:C4:B4:17:28:80:BA:46:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aL0Q8bFLuydn_9yuxLQXKIC6Rho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/WEL9yKzjqGObQQN7wBH2uu5FGlw.roa
Signing time:             Mon 02 Jan 2023 01:54:46 +0000
ROA not before:           Mon 02 Jan 2023 01:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        193.107.40.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:37:47:43:16:de:45:fd:62:ee:68:19:98:f0:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68bd10f1b14bbb2767ffdcaec4b4172880ba461a
        Validity
            Not Before: Jan  2 01:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5842fdc8ace3a8639b41037bc011f6baee451a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:92:cd:98:6d:19:55:17:3c:e1:cb:9f:d5:07:
                    0f:ed:79:da:91:db:36:56:87:06:77:e0:f0:a9:7e:
                    6d:e2:5a:05:41:08:0e:7f:07:8a:af:5e:e3:9e:a0:
                    a4:9a:49:ef:89:49:24:db:5f:98:07:3d:38:f3:4c:
                    ef:a4:f7:c2:eb:83:2d:ea:d4:7c:64:dd:dd:61:06:
                    86:d3:d5:10:e2:02:b4:fc:24:79:12:c8:b4:cd:64:
                    e4:25:be:2f:0d:35:b8:e5:2b:36:d4:88:d2:d8:c9:
                    df:f3:d3:19:ea:5c:e3:06:21:02:97:ab:1b:8b:75:
                    54:fe:95:18:79:24:b7:dd:13:8f:26:90:fb:4e:98:
                    df:c9:7d:7a:66:79:c8:f0:ad:1f:69:f7:9c:31:95:
                    6d:6e:b2:41:34:71:ed:b8:38:30:10:50:36:45:f6:
                    16:69:0f:da:6b:5e:37:95:7b:5b:a2:42:6a:b7:bf:
                    45:2e:9b:02:07:08:4b:1c:e7:46:39:9d:42:8a:4e:
                    94:cc:d7:43:46:29:5c:ca:a3:b3:08:4a:0e:eb:1d:
                    6d:f7:be:9a:59:81:f5:fd:68:a0:8b:a8:57:67:da:
                    ca:b5:d2:75:0c:30:e4:85:a9:e5:03:30:61:6c:be:
                    92:28:0d:b8:03:fd:f9:bb:c4:6c:d4:da:85:e4:a0:
                    24:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:42:FD:C8:AC:E3:A8:63:9B:41:03:7B:C0:11:F6:BA:EE:45:1A:5C
            X509v3 Authority Key Identifier:
                keyid:68:BD:10:F1:B1:4B:BB:27:67:FF:DC:AE:C4:B4:17:28:80:BA:46:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL0Q8bFLuydn_9yuxLQXKIC6Rho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/WEL9yKzjqGObQQN7wBH2uu5FGlw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aL0Q8bFLuydn_9yuxLQXKIC6Rho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:26:34:c4:59:2b:97:1e:a6:08:4d:4f:b4:6c:31:e1:cb:3f:
         28:15:96:8d:47:26:a9:81:9d:29:d9:67:79:40:8d:fe:dc:8b:
         65:c4:07:7b:d8:40:f6:16:a8:c1:22:57:79:c4:33:5e:cc:a2:
         4d:d9:32:31:d2:66:a1:f0:bc:6c:0f:78:02:35:e7:ab:e6:ec:
         57:d1:f8:75:5e:fe:6e:ef:47:a1:db:90:5e:2c:f0:e4:51:b5:
         5c:d3:b7:ed:99:73:e6:b3:23:56:75:ee:3d:77:da:42:96:0e:
         59:76:0e:f0:ba:32:b5:f2:09:b7:15:36:87:61:36:f7:7b:60:
         f6:d2:44:9d:78:aa:6a:ed:2c:5d:75:1c:17:d9:ff:e6:ad:71:
         16:7a:9d:e7:6c:b3:ff:4a:84:ca:4d:b9:cb:b1:40:a6:28:0b:
         4a:80:f3:d8:29:6d:59:7d:a5:39:3b:d4:fe:39:e8:0e:33:b1:
         02:07:0c:f0:37:58:87:4e:81:f5:eb:65:7d:b8:44:7f:b3:55:
         1e:28:ec:f1:98:2f:02:d8:ad:ac:5e:ff:e8:9b:8b:eb:3d:4b:
         0f:83:e1:ce:1e:35:fb:01:8f:43:80:1c:13:28:ff:d9:ad:0a:
         63:cc:05:8a:ae:94:94:b3:e0:49:e5:2b:54:3d:6d:ab:56:25:
         fa:37:e0:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMDdHQxbeRf1i7mgZmPATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmQxMGYxYjE0YmJiMjc2N2ZmZGNhZWM0YjQxNzI4ODBi
YTQ2MWEwHhcNMjMwMTAyMDE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODQyZmRjOGFjZTNhODYzOWI0MTAzN2JjMDExZjZiYWVlNDUxYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJLNmG0ZVRc84cuf1QcP7Xnakds2
VocGd+DwqX5t4loFQQgOfweKr17jnqCkmknviUkk21+YBz0480zvpPfC64Mt6tR8
ZN3dYQaG09UQ4gK0/CR5Esi0zWTkJb4vDTW45Ss21IjS2Mnf89MZ6lzjBiECl6sb
i3VU/pUYeSS33ROPJpD7TpjfyX16ZnnI8K0fafecMZVtbrJBNHHtuDgwEFA2RfYW
aQ/aa143lXtbokJqt79FLpsCBwhLHOdGOZ1Cik6UzNdDRilcyqOzCEoO6x1t976a
WYH1/Wigi6hXZ9rKtdJ1DDDkhanlAzBhbL6SKA24A/35u8Rs1NqF5KAk+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFhC/cis46hjm0EDe8AR9rruRRpcMB8GA1UdIwQY
MBaAFGi9EPGxS7snZ//crsS0FyiAukYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUwwUThiRkx1eWRuXzl5dXhMUVhLSUM2UmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hZGU4NTYtODk2MC00YTI5LTg5NTYt
OWZlN2Q5MjhkOWJlLzEvV0VMOXlLempxR09iUVFON3dCSDJ1dTVGR2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hZGU4NTYtODk2MC00YTI5LTg5NTYtOWZlN2Q5MjhkOWJl
LzEvYUwwUThiRkx1eWRuXzl5dXhMUVhLSUM2UmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWsoMA0G
CSqGSIb3DQEBCwUAA4IBAQCcJjTEWSuXHqYITU+0bDHhyz8oFZaNRyapgZ0p2Wd5
QI3+3ItlxAd72ED2FqjBIld5xDNezKJN2TIx0mah8LxsD3gCNeer5uxX0fh1Xv5u
70eh25BeLPDkUbVc07ftmXPmsyNWde49d9pClg5Zdg7wujK18gm3FTaHYTb3e2D2
0kSdeKpq7SxddRwX2f/mrXEWep3nbLP/SoTKTbnLsUCmKAtKgPPYKW1ZfaU5O9T+
OegOM7ECBwzwN1iHToH162V9uER/s1UeKOzxmC8C2K2sXv/om4vrPUsPg+HOHjX7
AY9DgBwTKP/ZrQpjzAWKrpSUs+BJ5StUPW2rViX6N+B6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:04 2024 by rpki-client on console-fra.rpki-client.org