Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/cDWL4Hd3BWfneZZa72558o6jGPM.roa
File:                     cDWL4Hd3BWfneZZa72558o6jGPM.roa (raw, json)
Hash identifier:          fI/8XYdq4EC95z8waqUk7Jbw4N62CMtNc/3Bl4iVGO8=
Subject key identifier:   70:35:8B:E0:77:77:05:67:E7:79:96:5A:EF:6E:79:F2:8E:A3:18:F3
Certificate issuer:       /CN=ebe4fdd172df859756ca851ddde13670f4817ee0
Certificate serial:       01856EE68FFE6C345BC0C76679555D5B0AB2
Authority key identifier: EB:E4:FD:D1:72:DF:85:97:56:CA:85:1D:DD:E1:36:70:F4:81:7E:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-T90XLfhZdWyoUd3eE2cPSBfuA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/cDWL4Hd3BWfneZZa72558o6jGPM.roa
Signing time:             Sun 01 Jan 2023 19:54:42 +0000
ROA not before:           Sun 01 Jan 2023 19:54:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29691
IP address blocks:        217.150.240.0/20 maxlen: 20
                          178.209.32.0/19 maxlen: 19
                          5.148.160.0/19 maxlen: 19
                          193.17.85.0/24 maxlen: 24
                          185.88.236.0/22 maxlen: 22
                          94.230.208.0/20 maxlen: 20
                          92.42.184.0/21 maxlen: 21
                          2001:67c:2f98::/48 maxlen: 48
                          2a02:418::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:e6:8f:fe:6c:34:5b:c0:c7:66:79:55:5d:5b:0a:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebe4fdd172df859756ca851ddde13670f4817ee0
        Validity
            Not Before: Jan  1 19:54:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70358be077770567e779965aef6e79f28ea318f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:28:d9:67:c3:a9:0e:d4:61:5f:de:6a:06:c9:
                    fd:69:57:29:86:5f:b8:46:c7:f7:c1:ca:aa:e9:3b:
                    f4:a9:68:d9:3d:76:83:74:ef:fb:67:ee:e5:2d:b4:
                    36:9c:31:23:8f:4e:d2:ab:47:c1:7f:9a:41:9a:e3:
                    23:9f:c2:3a:1d:57:cb:48:5a:da:02:ed:f8:86:06:
                    49:39:9b:4a:d3:cd:06:db:a8:b1:0e:7e:a5:15:32:
                    ed:4e:c4:8c:64:56:56:a5:04:c5:17:67:ca:b3:0f:
                    6e:3e:60:59:b8:32:fc:31:0a:15:f4:b9:5f:19:53:
                    f2:d2:8f:cc:22:e9:f9:bf:34:b5:c9:30:15:15:ef:
                    02:57:d7:64:2c:b4:0f:4c:c6:2d:30:94:bb:c1:4f:
                    b9:06:c5:60:c0:6d:1a:98:fe:96:a9:e0:30:54:e2:
                    12:1d:6f:0e:b2:f7:67:1a:7e:52:ba:a4:ed:38:db:
                    c0:02:82:15:ab:f1:df:8b:26:cf:38:a1:c5:c0:74:
                    5b:9e:4e:8c:95:30:fe:a8:2d:7d:e4:09:76:d4:e5:
                    f4:b0:95:f8:f1:d2:a9:8e:f7:2e:a9:c7:ab:67:98:
                    51:b5:74:69:1d:f2:1a:08:91:e6:08:07:6d:61:80:
                    f1:cc:5d:bb:f7:a4:8a:55:53:c3:ce:25:5c:04:b5:
                    d1:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:35:8B:E0:77:77:05:67:E7:79:96:5A:EF:6E:79:F2:8E:A3:18:F3
            X509v3 Authority Key Identifier:
                keyid:EB:E4:FD:D1:72:DF:85:97:56:CA:85:1D:DD:E1:36:70:F4:81:7E:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-T90XLfhZdWyoUd3eE2cPSBfuA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/cDWL4Hd3BWfneZZa72558o6jGPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/6-T90XLfhZdWyoUd3eE2cPSBfuA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.148.160.0/19
                  92.42.184.0/21
                  94.230.208.0/20
                  178.209.32.0/19
                  185.88.236.0/22
                  193.17.85.0/24
                  217.150.240.0/20
                IPv6:
                  2001:67c:2f98::/48
                  2a02:418::/29

    Signature Algorithm: sha256WithRSAEncryption
         ac:17:4f:4b:3a:4c:27:a5:50:14:e6:a2:ea:97:7b:32:a1:d7:
         11:25:bd:36:e1:73:41:b9:23:8c:38:c6:af:72:bd:93:7f:b1:
         bc:bb:6d:7d:25:1c:8a:20:49:af:82:85:ba:1f:2f:1b:1f:ad:
         65:60:7c:7c:83:3a:6b:1f:0f:33:26:d5:ec:9f:80:39:95:29:
         7e:99:cc:83:67:81:b0:31:12:d6:b4:d4:f2:7a:7a:99:63:47:
         9c:3f:c3:68:50:a6:17:c9:74:d0:ce:f9:6b:f9:78:fe:7d:8c:
         9b:98:d7:df:fe:b6:52:b6:84:35:ac:34:5c:1b:b1:9d:97:e1:
         a2:c4:fd:db:c7:29:76:3a:14:3b:b0:9f:8d:46:0f:35:d4:2c:
         bc:ad:95:2e:ab:95:6c:17:1d:2a:07:4e:ab:fb:25:65:35:2f:
         21:67:4d:39:2e:de:ac:e2:c8:cd:31:27:5f:7c:a8:76:f4:65:
         4d:91:d8:37:d0:4c:03:a3:31:a9:18:e7:e2:84:1e:0f:27:2a:
         b3:0b:31:f9:69:c4:db:e9:18:bc:fc:5d:7e:35:5b:24:9a:f0:
         57:77:3f:6a:c1:23:c3:3d:e4:3d:2e:f5:d4:84:05:5d:88:31:
         56:24:9a:b6:48:6d:65:cb:ba:7d:74:de:d9:0c:8b:11:f7:d2:
         72:c3:07:83
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVu5o/+bDRbwMdmeVVdWwqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZTRmZGQxNzJkZjg1OTc1NmNhODUxZGRkZTEzNjcwZjQ4
MTdlZTAwHhcNMjMwMTAxMTk1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDM1OGJlMDc3NzcwNTY3ZTc3OTk2NWFlZjZlNzlmMjhlYTMxOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryjZZ8OpDtRhX95qBsn9aVcphl+4
Rsf3wcqq6Tv0qWjZPXaDdO/7Z+7lLbQ2nDEjj07Sq0fBf5pBmuMjn8I6HVfLSFra
Au34hgZJOZtK080G26ixDn6lFTLtTsSMZFZWpQTFF2fKsw9uPmBZuDL8MQoV9Llf
GVPy0o/MIun5vzS1yTAVFe8CV9dkLLQPTMYtMJS7wU+5BsVgwG0amP6WqeAwVOIS
HW8OsvdnGn5SuqTtONvAAoIVq/HfiybPOKHFwHRbnk6MlTD+qC195Al21OX0sJX4
8dKpjvcuqcerZ5hRtXRpHfIaCJHmCAdtYYDxzF2796SKVVPDziVcBLXRuQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHA1i+B3dwVn53mWWu9uefKOoxjzMB8GA1UdIwQY
MBaAFOvk/dFy34WXVsqFHd3hNnD0gX7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi1UOTBYTGZoWmRXeW9VZDNlRTJjUFNCZnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hNTk2OWYtYzAxNi00NTMzLTljYmEt
Njk2NzAzNzM2NjIxLzEvY0RXTDRIZDNCV2ZuZVpaYTcyNTU4bzZqR1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hNTk2OWYtYzAxNi00NTMzLTljYmEtNjk2NzAzNzM2NjIx
LzEvNi1UOTBYTGZoWmRXeW9VZDNlRTJjUFNCZnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQFBZSgAwQD
XCq4AwQEXubQAwQFstEgAwQCuVjsAwQAwRFVAwQE2ZbwMBYEAgACMBADBwAgAQZ8
L5gDBQMqAgQYMA0GCSqGSIb3DQEBCwUAA4IBAQCsF09LOkwnpVAU5qLql3syodcR
Jb024XNBuSOMOMavcr2Tf7G8u219JRyKIEmvgoW6Hy8bH61lYHx8gzprHw8zJtXs
n4A5lSl+mcyDZ4GwMRLWtNTyenqZY0ecP8NoUKYXyXTQzvlr+Xj+fYybmNff/rZS
toQ1rDRcG7Gdl+GixP3bxyl2OhQ7sJ+NRg811Cy8rZUuq5VsFx0qB06r+yVlNS8h
Z005Lt6s4sjNMSdffKh29GVNkdg30EwDozGpGOfihB4PJyqzCzH5acTb6Ri8/F1+
NVskmvBXdz9qwSPDPeQ9LvXUhAVdiDFWJJq2SG1ly7p9dN7ZDIsR99JywweD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:15 2024 by rpki-client on console-ams.rpki-client.org