Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa
File:                     WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa (raw, json)
Hash identifier:          9iZavNTYfj4xHs3rWUe9mG5k/h4anS9fqfoTiD5IscI=
Subject key identifier:   59:57:C5:63:08:71:41:D3:C4:06:99:CB:2F:83:95:CC:05:B8:9A:49
Certificate issuer:       /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial:       018CC86FFFED460A87D0A432723AA52D98FE
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa
Signing time:             Tue 02 Jan 2024 04:30:32 +0000
ROA not before:           Tue 02 Jan 2024 04:30:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137427
IP address blocks:        2.59.153.0/24 maxlen: 24
                          91.204.224.0/24 maxlen: 24
                          91.204.225.0/24 maxlen: 24
                          91.204.226.0/24 maxlen: 24
                          91.204.227.0/24 maxlen: 24
                          185.202.101.0/24 maxlen: 24
                          193.239.151.0/24 maxlen: 24
                          45.91.225.0/24 maxlen: 24
                          194.126.215.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jun 2024 15:44:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:ff:ed:46:0a:87:d0:a4:32:72:3a:a5:2d:98:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
        Validity
            Not Before: Jan  2 04:30:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5957c563087141d3c40699cb2f8395cc05b89a49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:de:da:73:82:a5:3b:b5:3f:6a:6c:be:1e:ec:
                    20:6c:16:8b:10:f5:d4:3e:e1:d9:1f:98:8b:b8:81:
                    d5:c1:4b:f9:fa:30:06:79:47:66:4b:95:c3:ce:93:
                    7d:ff:a0:59:ea:72:2e:6e:85:ef:37:b1:ef:73:99:
                    48:f4:ae:a6:a7:6e:06:06:a4:61:7c:fe:af:17:2d:
                    72:da:27:e0:5e:f7:39:5b:8c:4a:75:be:a7:3e:06:
                    f6:1d:d6:ad:13:b7:c6:29:dc:fc:61:f5:a2:f5:91:
                    5c:05:b3:e6:20:1e:12:ac:01:31:5c:5a:3e:45:a3:
                    00:4b:47:a9:23:ab:bf:5f:92:c3:c1:71:e4:ba:99:
                    97:77:11:05:30:e4:42:66:83:d3:f5:f7:44:75:d7:
                    03:cb:68:cb:18:8f:d4:11:07:4a:54:1b:f0:a6:cb:
                    5d:9c:5b:06:0d:12:e8:11:81:a1:bb:f1:4c:d7:38:
                    ab:ef:16:97:dc:a7:6a:5e:4d:e8:35:88:eb:60:9b:
                    1f:e5:a8:d1:9f:f5:cf:a6:da:1c:f2:d5:12:94:f9:
                    30:ac:12:38:9e:27:23:1f:2f:bd:9e:e1:cc:8f:b2:
                    b4:91:a0:00:bf:fe:d4:25:57:a2:87:fe:af:e0:27:
                    19:be:7d:e3:7b:da:13:56:7d:e7:a4:e8:6a:8b:19:
                    8c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:57:C5:63:08:71:41:D3:C4:06:99:CB:2F:83:95:CC:05:B8:9A:49
            X509v3 Authority Key Identifier:
                keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/WVfFYwhxQdPEBpnLL4OVzAW4mkk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.153.0/24
                  45.91.225.0/24
                  91.204.224.0/22
                  185.202.101.0/24
                  193.239.151.0/24
                  194.126.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:3a:8a:0f:26:a0:e2:83:c2:0c:45:b9:1d:3e:c2:3c:40:ef:
         0f:ae:f5:f5:69:6b:7e:93:0e:09:df:1d:7e:ee:43:a6:98:25:
         3d:9b:72:9a:ca:78:4a:c1:c9:78:62:b7:a8:07:49:55:2f:f4:
         90:8c:0c:19:30:47:8c:1d:39:1f:cb:7c:d8:64:9a:93:da:40:
         90:0a:79:cd:56:27:bf:ea:b5:74:b2:35:c7:64:1c:f3:8f:88:
         3e:11:c9:dd:ac:4a:ac:7d:7a:fe:9e:44:97:01:47:68:c4:4f:
         b7:bc:e7:57:03:0b:73:34:1d:8e:32:16:f9:70:34:90:34:d8:
         94:21:48:03:8b:81:68:cc:4f:de:dd:25:dd:c6:49:70:dd:07:
         f5:37:f6:dd:97:42:34:b0:b9:50:a2:80:e7:f0:b8:04:33:ab:
         32:48:64:1f:25:ea:05:2e:25:72:44:30:00:c2:54:a3:68:85:
         7f:69:0f:2b:66:8d:ab:e5:31:b3:c9:f7:81:14:52:e8:2b:f7:
         e8:14:c7:d8:82:e2:bb:0d:1f:91:62:8a:46:84:b7:a7:91:84:
         11:6b:11:09:04:da:f1:38:e5:57:ba:49:2f:ac:b7:c0:2d:8a:
         4d:c3:8d:71:18:b4:66:68:1c:04:64:88:d7:36:33:98:87:8c:
         8c:bc:61:1a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIb//tRgqH0KQycjqlLZj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwMTAyMDQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTU3YzU2MzA4NzE0MWQzYzQwNjk5Y2IyZjgzOTVjYzA1Yjg5YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd7ac4KlO7U/amy+HuwgbBaLEPXU
PuHZH5iLuIHVwUv5+jAGeUdmS5XDzpN9/6BZ6nIuboXvN7Hvc5lI9K6mp24GBqRh
fP6vFy1y2ifgXvc5W4xKdb6nPgb2HdatE7fGKdz8YfWi9ZFcBbPmIB4SrAExXFo+
RaMAS0epI6u/X5LDwXHkupmXdxEFMORCZoPT9fdEddcDy2jLGI/UEQdKVBvwpstd
nFsGDRLoEYGhu/FM1zir7xaX3KdqXk3oNYjrYJsf5ajRn/XPptoc8tUSlPkwrBI4
nicjHy+9nuHMj7K0kaAAv/7UJVeih/6v4CcZvn3je9oTVn3npOhqixmMgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFlXxWMIcUHTxAaZyy+DlcwFuJpJMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvV1ZmRll3aHhRZFBFQnBuTEw0T1Z6QVc0bWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjuZAwQA
LVvhAwQCW8zgAwQAucplAwQAwe+XAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQBU
OooPJqDig8IMRbkdPsI8QO8PrvX1aWt+kw4J3x1+7kOmmCU9m3KaynhKwcl4Yreo
B0lVL/SQjAwZMEeMHTkfy3zYZJqT2kCQCnnNVie/6rV0sjXHZBzzj4g+EcndrEqs
fXr+nkSXAUdoxE+3vOdXAwtzNB2OMhb5cDSQNNiUIUgDi4FozE/e3SXdxklw3Qf1
N/bdl0I0sLlQooDn8LgEM6sySGQfJeoFLiVyRDAAwlSjaIV/aQ8rZo2r5TGzyfeB
FFLoK/foFMfYguK7DR+RYopGhLenkYQRaxEJBNrxOOVXukkvrLfALYpNw41xGLRm
aBwEZIjXNjOYh4yMvGEa
-----END CERTIFICATE-----
Generated at Sat Jun 22 19:17:45 2024 by rpki-client on console-ams.rpki-client.org