Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/W1HwZ4MrUMU5ZOqHjFGRQAZXcDo.roa
File:                     W1HwZ4MrUMU5ZOqHjFGRQAZXcDo.roa (raw, json)
Hash identifier:          oO+ufPUzAh1N812t0uw23Eg0z03+JE698pnvMT8Wbuw=
Subject key identifier:   5B:51:F0:67:83:2B:50:C5:39:64:EA:87:8C:51:91:40:06:57:70:3A
Certificate issuer:       /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial:       018572BA77F1B59322B7F71A9DB9AFC08689
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/W1HwZ4MrUMU5ZOqHjFGRQAZXcDo.roa
Signing time:             Mon 02 Jan 2023 13:45:01 +0000
ROA not before:           Mon 02 Jan 2023 13:45:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29272
IP address blocks:        85.232.255.128/25 maxlen: 25
                          2001:1a68:2b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:77:f1:b5:93:22:b7:f7:1a:9d:b9:af:c0:86:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
        Validity
            Not Before: Jan  2 13:45:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5b51f067832b50c53964ea878c5191400657703a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:dd:e6:50:50:4b:fc:4d:3a:85:96:b8:5b:04:
                    84:59:6b:6a:12:d8:6f:eb:51:a1:39:1c:a3:17:42:
                    13:36:63:db:c8:f0:27:26:50:6e:20:d8:b9:43:9e:
                    e7:12:1b:01:a2:cd:ed:b2:09:b8:73:71:a0:94:2f:
                    b3:07:85:cf:ab:09:0f:9d:ed:3d:c8:ee:38:ae:ef:
                    4f:6d:18:e0:71:73:9d:0f:dc:6c:07:bb:b9:94:4a:
                    14:44:63:c7:5b:f9:04:2d:86:90:13:3c:b1:ca:c8:
                    1a:5b:da:75:89:8b:39:f9:39:03:b2:e6:b8:07:ab:
                    38:07:6d:eb:e2:40:8c:58:93:14:8a:0c:29:f9:e8:
                    55:ad:08:92:d0:0d:79:85:3d:30:50:64:c7:75:98:
                    3e:24:be:7a:65:9f:a7:e5:72:e5:d2:8e:1c:0b:a4:
                    08:7f:38:95:1c:69:05:97:24:82:b2:c2:99:cf:90:
                    b5:36:d7:c8:b9:c3:fd:12:f2:4d:d3:5a:c5:97:51:
                    4b:3e:bd:32:a4:b1:63:95:d6:7d:c1:d1:bc:ff:e9:
                    52:7e:b9:cd:79:a8:61:bc:4c:80:60:72:f8:04:dd:
                    91:d6:10:18:ca:1e:c3:7f:b3:f1:73:a6:80:8c:84:
                    6e:d5:8a:13:5e:91:62:43:1c:35:b9:53:42:a5:fd:
                    22:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:51:F0:67:83:2B:50:C5:39:64:EA:87:8C:51:91:40:06:57:70:3A
            X509v3 Authority Key Identifier:
                keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/W1HwZ4MrUMU5ZOqHjFGRQAZXcDo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.232.255.128/25
                IPv6:
                  2001:1a68:2b::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:96:12:6e:dd:d4:e4:d4:76:9e:ef:42:ae:0a:ee:2f:c7:f4:
         f3:76:94:69:82:24:1f:45:51:f2:c0:7d:76:fd:74:a9:6d:87:
         2c:c0:0a:cf:35:f8:bb:f8:a8:62:de:cf:96:82:e0:4f:35:a4:
         ee:cc:c1:74:31:6d:3e:a4:a3:fb:bb:8b:ff:7b:55:25:6a:3a:
         72:88:59:df:4a:05:fe:6d:1b:aa:53:78:b1:01:cb:60:9d:3c:
         6a:40:88:72:33:06:78:2a:3d:b9:27:bb:f7:c6:af:d9:39:80:
         4a:b1:0c:37:a1:45:3d:37:de:7c:e2:64:b9:63:ef:c0:4f:4d:
         be:b8:40:56:00:d7:47:14:b2:7f:31:a1:c6:f7:9a:b8:59:91:
         2c:80:d7:92:49:eb:18:3e:a8:60:1d:2e:77:70:fe:73:77:b3:
         41:6d:a5:2f:14:16:e4:ef:35:2c:42:19:6c:f1:96:ca:27:76:
         fa:4e:07:7d:0b:5b:44:cd:1f:33:90:ff:64:9c:f5:25:6e:c9:
         67:6c:fe:fa:d8:0e:13:43:05:3f:69:db:b8:9a:32:f7:60:0a:
         3c:b8:e5:c1:79:24:57:dd:76:2b:5d:a2:07:d6:da:8c:e0:74:
         20:8a:3e:05:8b:35:a0:fd:e9:5f:ba:22:e7:65:56:5d:e6:e6:
         ba:9f:78:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyunfxtZMit/canbmvwIaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjUxZjA2NzgzMmI1MGM1Mzk2NGVhODc4YzUxOTE0MDA2NTc3MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd3mUFBL/E06hZa4WwSEWWtqEthv
61GhORyjF0ITNmPbyPAnJlBuINi5Q57nEhsBos3tsgm4c3GglC+zB4XPqwkPne09
yO44ru9PbRjgcXOdD9xsB7u5lEoURGPHW/kELYaQEzyxysgaW9p1iYs5+TkDsua4
B6s4B23r4kCMWJMUigwp+ehVrQiS0A15hT0wUGTHdZg+JL56ZZ+n5XLl0o4cC6QI
fziVHGkFlySCssKZz5C1NtfIucP9EvJN01rFl1FLPr0ypLFjldZ9wdG8/+lSfrnN
eahhvEyAYHL4BN2R1hAYyh7Df7Pxc6aAjIRu1YoTXpFiQxw1uVNCpf0igwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFtR8GeDK1DFOWTqh4xRkUAGV3A6MB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvVzFId1o0TXJVTVU1Wk9xSGpGR1JRQVpYY0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDANBAIAATAHAwUHVej/gDAP
BAIAAjAJAwcAIAEaaAArMA0GCSqGSIb3DQEBCwUAA4IBAQCOlhJu3dTk1Hae70Ku
Cu4vx/TzdpRpgiQfRVHywH12/XSpbYcswArPNfi7+Khi3s+WguBPNaTuzMF0MW0+
pKP7u4v/e1UlajpyiFnfSgX+bRuqU3ixActgnTxqQIhyMwZ4Kj25J7v3xq/ZOYBK
sQw3oUU9N9584mS5Y+/AT02+uEBWANdHFLJ/MaHG95q4WZEsgNeSSesYPqhgHS53
cP5zd7NBbaUvFBbk7zUsQhls8ZbKJ3b6Tgd9C1tEzR8zkP9knPUlbslnbP762A4T
QwU/adu4mjL3YAo8uOXBeSRX3XYrXaIH1tqM4HQgij4FizWg/elfuiLnZVZd5ua6
n3jS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:52 2024 by rpki-client on console-ams.rpki-client.org