Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wngonscBu50dLrmFjRZCKvB5Fuk.roa
File:                     wngonscBu50dLrmFjRZCKvB5Fuk.roa (raw, json)
Hash identifier:          9cuqBmPvqoYr+xZ2B2giiAzCy+BQ83PtBXjDVPYZTPs=
Subject key identifier:   C2:78:28:9E:C7:01:BB:9D:1D:2E:B9:85:8D:16:42:2A:F0:79:16:E9
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018DB0A5F20B5EE6A118871DCC5BDF7D71DF
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wngonscBu50dLrmFjRZCKvB5Fuk.roa
Signing time:             Fri 16 Feb 2024 06:41:21 +0000
ROA not before:           Fri 16 Feb 2024 06:41:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.136.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 20 Feb 2024 17:42:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:b0:a5:f2:0b:5e:e6:a1:18:87:1d:cc:5b:df:7d:71:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Feb 16 06:41:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c278289ec701bb9d1d2eb9858d16422af07916e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:d5:4c:d0:97:b5:bc:66:9b:ca:47:9e:84:26:
                    ed:e7:cc:3f:37:93:bd:c0:ad:23:5f:6d:40:1a:03:
                    b2:39:f9:b4:bc:ee:88:a9:1a:87:f0:bd:5a:90:51:
                    02:e3:1d:db:12:bc:89:80:27:67:ce:a6:f3:7f:30:
                    1d:eb:3c:d0:ca:1f:a8:f4:0f:64:2c:7c:12:6a:b3:
                    5e:30:e3:e8:d3:9a:bc:42:0a:90:74:b9:9c:d2:de:
                    80:53:04:48:62:7d:71:b3:8b:9b:e7:80:3f:71:15:
                    82:14:14:20:7c:b5:3d:3d:5c:be:09:1e:75:70:40:
                    48:13:24:f4:12:a1:e3:b7:a6:7f:b1:b4:2b:5f:6b:
                    a6:c6:d1:11:5b:6f:0e:6f:fc:17:b9:c4:bc:56:9f:
                    28:8e:9b:b6:ee:03:4e:04:e9:f0:15:a2:7b:ef:f3:
                    77:b3:aa:45:65:c1:3b:cd:5a:4f:03:62:ea:5c:c2:
                    2a:65:c7:05:ef:8e:a6:59:87:2e:e1:99:f0:66:31:
                    f8:13:ff:eb:f9:36:3d:4c:fe:5a:22:42:03:4d:3b:
                    a1:d7:fc:b8:f6:b8:ff:44:12:ec:ac:f9:2b:9d:22:
                    d4:fc:e3:80:e6:fe:ad:c6:35:32:67:c4:b4:94:0f:
                    0a:67:d1:4c:ac:3b:66:5b:94:16:26:e3:ae:ad:47:
                    3f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:78:28:9E:C7:01:BB:9D:1D:2E:B9:85:8D:16:42:2A:F0:79:16:E9
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wngonscBu50dLrmFjRZCKvB5Fuk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:8f:22:33:87:71:cd:a5:a6:f3:ea:3c:f0:76:cf:d8:c1:8c:
         87:e0:8e:26:db:75:01:b6:4f:29:a8:2f:61:bc:12:ed:11:eb:
         34:70:73:63:d6:fe:73:14:f0:e6:da:11:29:98:73:51:e6:40:
         37:5f:2b:24:e5:f2:1f:71:e1:af:b5:18:f7:8e:20:9a:3d:f4:
         04:73:15:1d:62:b0:31:5f:10:ec:ef:b7:90:1e:9a:a7:64:d9:
         37:5f:aa:b7:fe:3e:82:a2:7c:d6:34:ea:34:dc:50:eb:7e:b7:
         de:6a:65:bf:05:bb:5f:26:70:ef:e3:6a:de:e0:46:b2:54:12:
         0f:cc:16:a5:7a:e7:1a:e6:25:a3:b4:6c:0d:21:b5:bf:a8:13:
         bb:a9:8b:b8:68:6f:c3:21:9d:47:2d:46:df:cc:97:6c:29:49:
         5d:cc:3d:72:64:85:90:71:ea:5e:10:83:69:91:5c:38:40:78:
         8c:7c:5a:dd:86:31:ee:3b:b7:aa:2a:60:eb:84:49:52:1a:ba:
         63:9f:ae:7d:3f:6d:4f:c9:03:c0:6c:f3:02:0b:6c:98:d1:55:
         ac:20:e0:35:ff:e9:49:ab:ec:b8:d9:53:5b:60:90:27:7f:74:
         5c:cc:28:e4:08:36:ce:9a:6f:49:ac:f3:59:b5:cd:f2:92:18:
         ce:c6:69:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2wpfILXuahGIcdzFvffXHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjE2MDY0MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc4Mjg5ZWM3MDFiYjlkMWQyZWI5ODU4ZDE2NDIyYWYwNzkxNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9VM0Je1vGabykeehCbt58w/N5O9
wK0jX21AGgOyOfm0vO6IqRqH8L1akFEC4x3bEryJgCdnzqbzfzAd6zzQyh+o9A9k
LHwSarNeMOPo05q8QgqQdLmc0t6AUwRIYn1xs4ub54A/cRWCFBQgfLU9PVy+CR51
cEBIEyT0EqHjt6Z/sbQrX2umxtERW28Ob/wXucS8Vp8ojpu27gNOBOnwFaJ77/N3
s6pFZcE7zVpPA2LqXMIqZccF746mWYcu4ZnwZjH4E//r+TY9TP5aIkIDTTuh1/y4
9rj/RBLsrPkrnSLU/OOA5v6txjUyZ8S0lA8KZ9FMrDtmW5QWJuOurUc/FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJ4KJ7HAbudHS65hY0WQirweRbpMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvd25nb25zY0J1NTBkTHJtRmpSWkNLdkI1RnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGIMA0G
CSqGSIb3DQEBCwUAA4IBAQCIjyIzh3HNpabz6jzwds/YwYyH4I4m23UBtk8pqC9h
vBLtEes0cHNj1v5zFPDm2hEpmHNR5kA3Xysk5fIfceGvtRj3jiCaPfQEcxUdYrAx
XxDs77eQHpqnZNk3X6q3/j6ConzWNOo03FDrfrfeamW/BbtfJnDv42re4EayVBIP
zBaleuca5iWjtGwNIbW/qBO7qYu4aG/DIZ1HLUbfzJdsKUldzD1yZIWQcepeEINp
kVw4QHiMfFrdhjHuO7eqKmDrhElSGrpjn659P21PyQPAbPMCC2yY0VWsIOA1/+lJ
q+y42VNbYJAnf3RczCjkCDbOmm9JrPNZtc3ykhjOxmmV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org