Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/WGU6K2u516eDONgVjWmwe6k_xm0.roa
File:                     WGU6K2u516eDONgVjWmwe6k_xm0.roa (raw, json)
Hash identifier:          6fLur1V2fYE25IQ8/FN7pJsecdyAUNmkr3Yz5s9PIMI=
Subject key identifier:   58:65:3A:2B:6B:B9:D7:A7:83:38:D8:15:8D:69:B0:7B:A9:3F:C6:6D
Certificate issuer:       /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial:       018E9C2306C63EC84C9817DEC6F68E4BE065
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/WGU6K2u516eDONgVjWmwe6k_xm0.roa
Signing time:             Tue 02 Apr 2024 00:08:44 +0000
ROA not before:           Tue 02 Apr 2024 00:08:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     64289
IP address blocks:        185.225.24.0/24 maxlen: 24
                          185.225.26.0/24 maxlen: 24
                          192.189.157.0/24 maxlen: 24
                          2a14:3f80:8::/45 maxlen: 45
                          2a14:3f80:10::/45 maxlen: 45
                          2a14:3f80:18::/45 maxlen: 45
                          2a14:3f80:20::/45 maxlen: 45
                          2a14:3f80:28::/45 maxlen: 45
                          2a14:3f80:80::/45 maxlen: 45
                          2a14:3f80:88::/45 maxlen: 45
                          2a14:3f80:100::/45 maxlen: 45
                          2a14:3f80:108::/45 maxlen: 45
                          2a14:3f80:800::/38 maxlen: 38
                          2a14:3f80:c00::/38 maxlen: 38
                          2a14:3f80:1000::/38 maxlen: 38
                          2a14:3f80:1400::/38 maxlen: 38
                          2a14:3f80:1800::/38 maxlen: 38
                          2a14:3f80:2000::/38 maxlen: 38
                          2a14:3f80:2400::/38 maxlen: 38
                          2a14:3f80:2800::/38 maxlen: 38

Validation:               Failed, certificate revoked on Thu 18 Apr 2024 03:27:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9c:23:06:c6:3e:c8:4c:98:17:de:c6:f6:8e:4b:e0:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
        Validity
            Not Before: Apr  2 00:08:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=58653a2b6bb9d7a78338d8158d69b07ba93fc66d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:bf:28:ea:ad:ca:cc:15:c7:fc:74:68:40:92:
                    33:96:7a:cb:d5:c5:fd:0a:b1:f0:73:6f:e6:51:fc:
                    ba:1a:84:f0:b0:48:01:92:d7:bb:92:44:21:e1:d6:
                    c3:0f:b8:31:80:79:6e:1e:24:9e:bd:0a:f1:83:b8:
                    e1:20:32:9d:2e:66:f0:de:a6:79:be:61:17:ee:14:
                    ed:62:7c:0d:aa:f3:f7:a5:bf:86:9d:dc:e7:cb:3b:
                    01:cf:09:41:02:dd:d6:dd:db:b0:94:68:a8:36:d5:
                    e7:9b:f4:7f:55:67:24:9a:bc:ba:b2:08:94:2d:1c:
                    8b:58:41:fc:db:17:3f:97:4e:e6:9a:17:bf:1e:9a:
                    b6:2a:5c:c9:28:6f:5f:53:5f:5f:d9:bf:77:02:ec:
                    38:cc:da:e5:2f:3d:fe:62:e8:c3:92:3a:2a:4f:92:
                    8a:9c:bf:48:c3:a8:a6:12:bc:b7:5d:75:5c:b0:9c:
                    f0:5e:4b:2a:01:a9:41:64:fe:48:e4:22:f7:2d:b9:
                    09:a3:b3:f0:8b:2e:5b:cf:d8:d7:0f:7e:7c:01:f7:
                    f6:7f:8d:8f:da:2d:af:d3:c6:2c:17:45:72:71:75:
                    ea:b4:0f:10:92:28:7c:eb:14:b9:de:10:91:ed:6a:
                    8e:2e:4f:e7:4c:2b:21:d2:00:58:74:a2:a7:73:18:
                    d1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:65:3A:2B:6B:B9:D7:A7:83:38:D8:15:8D:69:B0:7B:A9:3F:C6:6D
            X509v3 Authority Key Identifier:
                keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/WGU6K2u516eDONgVjWmwe6k_xm0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.24.0/24
                  185.225.26.0/24
                  192.189.157.0/24
                IPv6:
                  2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
                  2a14:3f80:80::/44
                  2a14:3f80:100::/44
                  2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
                  2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         35:7b:6d:3e:11:f0:21:5a:2a:86:06:29:cc:d4:69:5f:bb:16:
         41:e5:97:59:1d:2d:c2:2b:9c:c5:0c:94:c3:b8:4f:bf:34:41:
         13:c2:ba:8b:75:a7:d3:5c:02:35:9d:44:c3:9f:b0:17:bc:ad:
         1d:9c:e5:91:cf:f8:46:b4:c3:07:6a:ff:8c:11:16:ac:2f:24:
         d1:ef:dd:77:7e:e9:f4:73:ea:1f:24:ea:31:78:b5:7b:4f:25:
         5b:06:03:fe:88:69:b9:5a:35:a6:f4:92:cf:9a:d0:99:1d:92:
         bf:84:b4:41:a9:65:93:a6:21:d5:91:4e:53:70:79:c8:1a:d6:
         40:10:ed:92:d9:f2:fc:e7:c8:3e:c8:7f:c8:1d:9d:36:66:6f:
         2c:14:51:d3:76:4b:64:b4:ed:4d:78:25:4c:2f:df:0e:df:d5:
         20:7f:2f:ab:36:0c:3e:86:67:80:9b:63:75:85:4b:40:7b:6d:
         67:a7:7b:8f:38:ce:39:2e:7c:46:6d:af:54:c7:78:66:da:83:
         1f:08:63:c4:55:db:49:79:5a:9c:48:8d:36:6e:ae:2b:b8:a1:
         b0:06:e3:a9:14:4b:c0:3c:44:07:fd:ed:09:d8:27:04:9e:ce:
         c8:58:09:f4:67:93:0e:1b:b1:38:3d:2f:29:bb:46:54:c3:5a:
         a2:fd:89:6e
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY6cIwbGPshMmBfexvaOS+BlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwNDAyMDAwODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODY1M2EyYjZiYjlkN2E3ODMzOGQ4MTU4ZDY5YjA3YmE5M2ZjNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgr8o6q3KzBXH/HRoQJIzlnrL1cX9
CrHwc2/mUfy6GoTwsEgBkte7kkQh4dbDD7gxgHluHiSevQrxg7jhIDKdLmbw3qZ5
vmEX7hTtYnwNqvP3pb+GndznyzsBzwlBAt3W3duwlGioNtXnm/R/VWckmry6sgiU
LRyLWEH82xc/l07mmhe/Hpq2KlzJKG9fU19f2b93Auw4zNrlLz3+YujDkjoqT5KK
nL9Iw6imEry3XXVcsJzwXksqAalBZP5I5CL3LbkJo7Pwiy5bz9jXD358Aff2f42P
2i2v08YsF0VycXXqtA8Qkih86xS53hCR7WqOLk/nTCsh0gBYdKKncxjReQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFFhlOitrudengzjYFY1psHupP8ZtMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvV0dVNksydTUxNmVET05nVmpXbXdlNmtfeG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDAYBAIAATASAwQAueEYAwQA
ueEaAwQAwL2dMFAEAgACMEowEgMHAyoUP4AACAMHBCoUP4AAIAMHBCoUP4AAgAMH
BCoUP4ABADAQAwYDKhQ/gAgDBgIqFD+AGDAQAwYFKhQ/gCADBgIqFD+AKDANBgkq
hkiG9w0BAQsFAAOCAQEANXttPhHwIVoqhgYpzNRpX7sWQeWXWR0twiucxQyUw7hP
vzRBE8K6i3Wn01wCNZ1Ew5+wF7ytHZzlkc/4RrTDB2r/jBEWrC8k0e/dd37p9HPq
HyTqMXi1e08lWwYD/ohpuVo1pvSSz5rQmR2Sv4S0Qallk6Yh1ZFOU3B5yBrWQBDt
ktny/OfIPsh/yB2dNmZvLBRR03ZLZLTtTXglTC/fDt/VIH8vqzYMPoZngJtjdYVL
QHttZ6d7jzjOOS58Rm2vVMd4ZtqDHwhjxFXbSXlanEiNNm6uK7ihsAbjqRRLwDxE
B/3tCdgnBJ7OyFgJ9GeTDhuxOD0vKbtGVMNaov2Jbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org