Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CWBWvEaltc5P41O91weClTDZJCs.roa
File:                     CWBWvEaltc5P41O91weClTDZJCs.roa (raw, json)
Hash identifier:          vfN+sgvJctPv7X5Jnqif5QFOqIPZEWIg0AQtQT4eYGg=
Subject key identifier:   09:60:56:BC:46:A5:B5:CE:4F:E3:53:BD:D7:07:82:95:30:D9:24:2B
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       018CF398B61B7901A8072CE5ABE2A465157B
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CWBWvEaltc5P41O91weClTDZJCs.roa
Signing time:             Wed 10 Jan 2024 13:38:40 +0000
ROA not before:           Wed 10 Jan 2024 13:38:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48806
IP address blocks:        157.97.123.0/24 maxlen: 24
                          62.100.210.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 11:18:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f3:98:b6:1b:79:01:a8:07:2c:e5:ab:e2:a4:65:15:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Jan 10 13:38:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=096056bc46a5b5ce4fe353bdd707829530d9242b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:86:ba:99:60:d9:14:d0:0b:32:6f:42:6d:a2:
                    37:d6:20:37:24:23:e3:f1:23:58:05:7f:d7:e9:ff:
                    6a:72:73:50:55:90:a8:a8:49:ce:1e:ae:b7:18:fb:
                    2d:84:f3:ea:d6:65:02:29:d8:5a:88:a7:1a:f7:be:
                    ba:26:b5:df:1d:31:35:ab:eb:52:9d:a5:0f:64:c1:
                    5b:a8:d7:80:72:1c:94:00:ab:7f:68:80:0e:22:9c:
                    3b:bc:ee:bc:9f:83:4a:eb:a4:93:1f:98:b5:42:ad:
                    a3:3a:79:69:21:bf:fb:7e:1e:23:dd:f2:dc:b2:fd:
                    8b:a6:29:db:1c:bd:27:d4:67:a6:ef:29:0a:e9:83:
                    e4:f7:8d:78:6b:fc:8b:4d:94:bb:94:c5:04:e8:30:
                    6a:a8:32:00:68:97:c0:70:12:a8:86:ad:b6:13:b3:
                    64:5d:a2:ae:bd:88:05:de:51:59:8a:3a:14:92:a7:
                    d6:fe:7c:fa:da:e9:9e:ec:1d:5d:40:0b:d2:01:e4:
                    af:4f:58:7d:c2:09:20:90:12:d8:d0:56:14:16:f5:
                    6b:b3:22:65:34:85:04:51:6e:20:55:8d:27:0b:2a:
                    23:45:b9:a4:9f:3f:71:01:c6:c5:dd:61:f5:7c:7c:
                    73:23:92:f1:69:c9:b9:2e:bb:ee:e8:6b:ad:24:14:
                    ec:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:60:56:BC:46:A5:B5:CE:4F:E3:53:BD:D7:07:82:95:30:D9:24:2B
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CWBWvEaltc5P41O91weClTDZJCs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.100.210.0/24
                  157.97.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:d8:22:9f:72:df:9d:03:ba:06:83:76:a8:6c:51:1b:56:d9:
         3a:e6:e5:f7:27:74:88:67:9b:be:81:eb:d5:1e:3b:09:2c:da:
         f7:e9:48:2f:4f:97:5d:aa:06:27:5e:72:90:c6:e2:13:f9:cf:
         eb:c4:09:d8:51:4c:a8:76:8b:c5:d2:e4:06:88:5c:56:d6:d6:
         e1:9b:88:d2:72:77:fa:c8:7e:4d:25:cf:27:3b:e5:96:ea:62:
         97:74:7c:98:46:1b:2f:e7:78:35:cf:ca:1f:0d:28:f0:b4:58:
         17:24:e0:fd:d0:9a:20:ea:47:84:81:79:c0:38:60:0a:7b:dc:
         eb:ef:ec:13:88:ee:c9:54:6c:19:1d:b5:ec:d5:65:bb:58:87:
         2a:b1:8c:f8:17:19:5f:a5:88:9f:39:82:f1:d6:f2:57:ae:fd:
         1c:cc:93:a8:ac:a8:b5:93:cd:7f:7f:f0:1f:0c:f2:f8:48:9f:
         09:56:43:0b:99:ff:6f:b6:93:c8:c0:58:11:aa:20:57:71:29:
         a5:a7:09:64:25:56:1c:8a:b3:74:47:72:08:88:28:8b:98:2b:
         5c:46:87:72:ab:30:7c:52:8c:04:fc:a9:c6:df:61:96:ca:ee:
         87:bf:e6:ea:f5:63:1f:ee:ba:12:6f:9c:b8:91:32:af:fa:95:
         71:74:62:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzzmLYbeQGoByzlq+KkZRV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjQwMTEwMTMzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTYwNTZiYzQ2YTViNWNlNGZlMzUzYmRkNzA3ODI5NTMwZDkyNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoa6mWDZFNALMm9CbaI31iA3JCPj
8SNYBX/X6f9qcnNQVZCoqEnOHq63GPsthPPq1mUCKdhaiKca9766JrXfHTE1q+tS
naUPZMFbqNeAchyUAKt/aIAOIpw7vO68n4NK66STH5i1Qq2jOnlpIb/7fh4j3fLc
sv2LpinbHL0n1Gem7ykK6YPk9414a/yLTZS7lMUE6DBqqDIAaJfAcBKohq22E7Nk
XaKuvYgF3lFZijoUkqfW/nz62ume7B1dQAvSAeSvT1h9wgkgkBLY0FYUFvVrsyJl
NIUEUW4gVY0nCyojRbmknz9xAcbF3WH1fHxzI5Lxacm5Lrvu6GutJBTsswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAlgVrxGpbXOT+NTvdcHgpUw2SQrMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvQ1dCV3ZFYWx0YzVQNDFPOTF3ZUNsVERaSkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPmTSAwQA
nWF7MA0GCSqGSIb3DQEBCwUAA4IBAQAr2CKfct+dA7oGg3aobFEbVtk65uX3J3SI
Z5u+gevVHjsJLNr36UgvT5ddqgYnXnKQxuIT+c/rxAnYUUyodovF0uQGiFxW1tbh
m4jScnf6yH5NJc8nO+WW6mKXdHyYRhsv53g1z8ofDSjwtFgXJOD90Jog6keEgXnA
OGAKe9zr7+wTiO7JVGwZHbXs1WW7WIcqsYz4FxlfpYifOYLx1vJXrv0czJOorKi1
k81/f/AfDPL4SJ8JVkMLmf9vtpPIwFgRqiBXcSmlpwlkJVYcirN0R3IIiCiLmCtc
RodyqzB8UowE/KnG32GWyu6Hv+bq9WMf7roSb5y4kTKv+pVxdGLB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:19 2024 by rpki-client on console-fra.rpki-client.org