Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/WXv82Fp082XyH_w25ZFWxOggRuc.roa
File:                     WXv82Fp082XyH_w25ZFWxOggRuc.roa (raw, json)
Hash identifier:          CmYY2C6w1OZ2nfNVG1JkeQ8eDdBYflO5e7ghzxjGQsM=
Subject key identifier:   59:7B:FC:D8:5A:74:F3:65:F2:1F:FC:36:E5:91:56:C4:E8:20:46:E7
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0188C82F9ECB9960249D8669217FDDA36EFA
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/WXv82Fp082XyH_w25ZFWxOggRuc.roa
Signing time:             Sat 17 Jun 2023 07:09:04 +0000
ROA not before:           Sat 17 Jun 2023 07:09:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.44.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          86.106.104.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          93.114.171.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          188.215.72.0/24 maxlen: 24
                          188.215.73.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 13 Jul 2023 07:18:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:c8:2f:9e:cb:99:60:24:9d:86:69:21:7f:dd:a3:6e:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jun 17 07:09:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=597bfcd85a74f365f21ffc36e59156c4e82046e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f2:8f:40:d8:2a:00:70:e4:70:97:f4:05:f5:
                    e4:d5:90:15:a5:a5:1f:6c:ef:a5:62:34:70:69:71:
                    98:0d:cb:a6:96:94:2d:f8:45:bf:aa:8b:0e:1f:c6:
                    2d:12:8d:bf:02:49:b4:0a:af:00:85:b5:f9:e3:9d:
                    a2:f5:e5:2a:0d:8a:b3:34:fb:b2:c9:f3:3d:74:62:
                    f2:38:a5:bb:a1:7b:1c:90:04:d0:7c:13:6e:79:03:
                    6a:58:d9:0f:69:ff:ec:b2:d7:0f:41:da:ef:77:4f:
                    20:64:da:75:ae:ff:f0:c6:28:7c:3d:4a:e1:d7:82:
                    13:b9:f0:d5:64:14:7e:04:8d:80:5b:97:3e:61:d3:
                    3f:01:1c:58:e6:ae:84:63:04:71:10:d8:cd:ac:0d:
                    cb:b3:ff:89:32:79:d5:48:37:f8:f7:fe:fe:e3:6f:
                    3b:59:14:bb:9f:e6:82:c4:b0:41:27:30:b9:c0:b1:
                    c7:8d:df:3c:ff:58:03:5e:a7:9d:21:c6:78:4c:7f:
                    cf:9e:7e:a3:dd:e0:e2:06:bb:e5:04:a7:5b:8e:8a:
                    ae:48:d1:45:6c:4a:de:07:00:b5:e9:67:e3:e2:2f:
                    df:7a:75:ac:4e:47:31:80:d1:64:f8:98:d3:90:5d:
                    e3:7d:75:b3:7c:b3:eb:59:4d:b8:6c:e0:af:cd:03:
                    1e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:7B:FC:D8:5A:74:F3:65:F2:1F:FC:36:E5:91:56:C4:E8:20:46:E7
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/WXv82Fp082XyH_w25ZFWxOggRuc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  86.106.104.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/24
                  89.43.42.0/24
                  89.43.44.0/24
                  89.43.46.0/24
                  89.43.73.0/24
                  93.113.158.0/24
                  93.114.55.0/24
                  93.114.171.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:09:99:d1:f1:32:c2:6b:32:fd:3d:bf:15:17:84:24:e9:54:
         ed:a7:40:77:39:19:3e:cb:5f:28:6d:ce:3a:b2:f1:71:94:9f:
         35:c0:d4:7e:14:2f:09:cb:9e:16:88:c2:ad:a2:62:8f:05:fd:
         57:be:56:0d:2c:ca:1e:27:3e:e8:8e:f0:c7:89:3c:d8:c9:3f:
         b0:3c:23:a3:b5:21:cb:e2:d6:aa:61:2f:87:ad:ed:19:07:bb:
         7f:1d:b3:7f:ae:f0:c5:77:57:12:8c:8a:44:4b:96:21:00:24:
         7e:3f:46:dc:db:98:29:c9:10:9e:ce:12:11:ee:f0:4d:5d:3f:
         ab:00:1d:a7:e2:5d:7d:a3:ef:38:52:ce:f1:da:52:42:fd:d0:
         be:a6:d1:17:5a:99:26:af:1a:71:a0:b9:50:c1:db:fc:de:a2:
         20:33:94:49:79:96:24:fc:09:d7:ce:69:8a:06:5d:c3:51:35:
         b0:a0:9c:2f:d9:9c:a9:50:42:23:c6:6d:36:32:b2:8f:dc:60:
         47:c8:61:bd:97:d8:f9:7e:b6:ff:54:b8:f5:05:a2:14:0e:22:
         6e:d7:a9:d7:1b:28:ee:89:df:2b:94:67:27:e9:c8:b7:73:8d:
         bd:43:18:f3:2c:06:20:2b:dd:0d:53:2c:67:1f:0c:c8:54:8f:
         8b:1d:5a:1c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYjIL57LmWAknYZpIX/do276MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwNjE3MDcwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTdiZmNkODVhNzRmMzY1ZjIxZmZjMzZlNTkxNTZjNGU4MjA0NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPKPQNgqAHDkcJf0BfXk1ZAVpaUf
bO+lYjRwaXGYDcumlpQt+EW/qosOH8YtEo2/Akm0Cq8AhbX5452i9eUqDYqzNPuy
yfM9dGLyOKW7oXsckATQfBNueQNqWNkPaf/sstcPQdrvd08gZNp1rv/wxih8PUrh
14ITufDVZBR+BI2AW5c+YdM/ARxY5q6EYwRxENjNrA3Ls/+JMnnVSDf49/7+4287
WRS7n+aCxLBBJzC5wLHHjd88/1gDXqedIcZ4TH/Pnn6j3eDiBrvlBKdbjoquSNFF
bEreBwC16Wfj4i/fenWsTkcxgNFk+JjTkF3jfXWzfLPrWU24bOCvzQMemQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFFl7/NhadPNl8h/8NuWRVsToIEbnMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvV1h2ODJGcDA4Mlh5SF93MjVaRld4T2dnUnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQAVcx9
AwQAVcx/AwQAVmpQAwQAVmpoAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQAWSso
AwQAWSsqAwQAWSssAwQAWSsuAwQAWStJAwQAXXGeAwQAXXI3AwQAXXKrAwQAXXK7
AwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcNAQEL
BQADggEBAHwJmdHxMsJrMv09vxUXhCTpVO2nQHc5GT7LXyhtzjqy8XGUnzXA1H4U
LwnLnhaIwq2iYo8F/Ve+Vg0syh4nPuiO8MeJPNjJP7A8I6O1Icvi1qphL4et7RkH
u38ds3+u8MV3VxKMikRLliEAJH4/RtzbmCnJEJ7OEhHu8E1dP6sAHafiXX2j7zhS
zvHaUkL90L6m0RdamSavGnGguVDB2/zeoiAzlEl5liT8CdfOaYoGXcNRNbCgnC/Z
nKlQQiPGbTYyso/cYEfIYb2X2Pl+tv9UuPUFohQOIm7XqdcbKO6J3yuUZyfpyLdz
jb1DGPMsBiAr3Q1TLGcfDMhUj4sdWhw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org