Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/WJD1Dh-ZODjTEUUCfivoJGKTgck.roa
File:                     WJD1Dh-ZODjTEUUCfivoJGKTgck.roa (raw, json)
Hash identifier:          yRq5h0xeefInZXOG8shXxVAKbEo6QhgH8eyEq769tYM=
Subject key identifier:   58:90:F5:0E:1F:99:38:38:D3:11:45:02:7E:2B:E8:24:62:93:81:C9
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018D84C456655EC1C0C07E6DE3DEBA6DE8A7
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/WJD1Dh-ZODjTEUUCfivoJGKTgck.roa
Signing time:             Wed 07 Feb 2024 18:11:16 +0000
ROA not before:           Wed 07 Feb 2024 18:11:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34665
IP address blocks:        5.183.129.0/24 maxlen: 24
                          45.11.23.0/24 maxlen: 24
                          45.14.222.0/24 maxlen: 24
                          45.84.178.0/24 maxlen: 24
                          45.129.1.0/24 maxlen: 24
                          88.218.72.0/22 maxlen: 22
                          91.188.212.0/22 maxlen: 22
                          94.158.189.0/24 maxlen: 24
                          194.32.238.0/24 maxlen: 24
                          194.32.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Feb 2024 15:59:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:84:c4:56:65:5e:c1:c0:c0:7e:6d:e3:de:ba:6d:e8:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Feb  7 18:11:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5890f50e1f993838d31145027e2be824629381c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:84:52:33:98:92:e5:d4:6c:3f:74:76:12:8e:
                    f5:b1:fe:36:6d:96:22:a8:62:b7:40:d1:4b:53:c7:
                    f0:10:23:68:e4:b9:e7:70:cd:51:4f:48:03:1d:2f:
                    a7:06:a5:56:15:5a:ff:cb:20:2a:3a:3c:c9:4c:16:
                    67:90:78:27:5f:ea:8e:b0:72:fa:97:39:aa:0e:b7:
                    ed:1a:a4:3f:97:e6:be:ef:e7:97:ce:d7:be:01:b9:
                    4e:f9:c9:f9:15:88:f1:e7:68:9e:f3:81:eb:35:88:
                    3f:11:a1:39:39:1d:d6:1a:6c:bf:48:91:91:5e:ab:
                    86:6e:9f:af:a4:6b:1d:ae:c9:9f:58:38:a8:89:ca:
                    ea:cc:62:98:53:21:e7:d2:1f:a3:b3:9c:2b:aa:3e:
                    75:e2:90:e3:84:90:ba:a0:2b:a6:2d:6b:18:05:cd:
                    70:64:ab:ed:3f:e2:9a:d2:e0:2d:17:27:d6:62:5f:
                    f0:8b:85:bd:81:0d:e6:fe:2c:b6:22:9b:15:3d:fe:
                    bd:1e:3a:c2:0f:4f:e5:60:29:51:2e:7a:bc:8e:28:
                    d4:ed:da:a3:81:cc:91:0b:03:91:94:c1:ca:8f:59:
                    71:16:55:7a:5c:92:07:49:64:f1:7f:a5:03:5b:b0:
                    bf:9e:da:3c:85:9a:a1:01:d4:4c:9a:6d:c0:5a:4d:
                    0c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:90:F5:0E:1F:99:38:38:D3:11:45:02:7E:2B:E8:24:62:93:81:C9
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/WJD1Dh-ZODjTEUUCfivoJGKTgck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.129.0/24
                  45.11.23.0/24
                  45.14.222.0/24
                  45.84.178.0/24
                  45.129.1.0/24
                  88.218.72.0/22
                  91.188.212.0/22
                  94.158.189.0/24
                  194.32.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:c3:24:f4:c1:36:1b:fd:5c:8f:43:9f:52:e1:ca:d4:74:f4:
         20:34:a9:1c:ce:92:0b:47:9e:8b:29:3f:2d:7c:55:7a:c6:c8:
         7f:8e:77:21:4e:08:1c:63:57:32:8b:6a:f8:37:f2:a6:4f:48:
         7f:d1:dd:7f:2d:9c:05:90:36:6d:7a:3a:17:b7:59:fd:77:12:
         20:b3:78:a0:3a:d3:2d:5b:41:a6:57:52:29:96:ad:55:d2:b6:
         31:47:d1:b5:21:11:be:f9:b2:a5:e6:bd:12:b4:d3:8b:d7:49:
         74:75:76:db:05:be:6b:94:57:ef:67:b2:a4:c0:eb:96:0c:c3:
         b1:49:98:e0:b1:f4:d5:e3:5a:36:81:dc:4b:87:8f:e2:1b:16:
         d4:4a:1b:26:52:3a:c4:88:5e:a9:8c:08:3a:78:ba:50:b3:16:
         a5:57:7c:8a:6c:fb:e2:7b:99:77:ec:77:42:dd:9e:94:ba:9e:
         90:4a:dd:3d:3b:60:0c:f9:40:2a:af:ee:bf:c5:5d:50:44:8c:
         fb:fc:14:f6:3b:34:d1:7a:9f:c7:e1:2d:c9:ca:26:f4:6e:48:
         96:47:82:a8:db:0a:97:08:bd:29:56:7e:67:3b:43:54:8e:fc:
         f9:d8:1b:18:34:7e:5b:a8:8a:52:b2:bd:d3:05:7e:ce:5c:88:
         95:55:47:3d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY2ExFZlXsHAwH5t4966beinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA3MTgxMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODkwZjUwZTFmOTkzODM4ZDMxMTQ1MDI3ZTJiZTgyNDYyOTM4MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4RSM5iS5dRsP3R2Eo71sf42bZYi
qGK3QNFLU8fwECNo5LnncM1RT0gDHS+nBqVWFVr/yyAqOjzJTBZnkHgnX+qOsHL6
lzmqDrftGqQ/l+a+7+eXzte+AblO+cn5FYjx52ie84HrNYg/EaE5OR3WGmy/SJGR
XquGbp+vpGsdrsmfWDioicrqzGKYUyHn0h+js5wrqj514pDjhJC6oCumLWsYBc1w
ZKvtP+Ka0uAtFyfWYl/wi4W9gQ3m/iy2IpsVPf69HjrCD0/lYClRLnq8jijU7dqj
gcyRCwORlMHKj1lxFlV6XJIHSWTxf6UDW7C/nto8hZqhAdRMmm3AWk0MEQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFiQ9Q4fmTg40xFFAn4r6CRik4HJMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvV0pEMURoLVpPRGpURVVVQ2Zpdm9KR0tUZ2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABbeBAwQA
LQsXAwQALQ7eAwQALVSyAwQALYEBAwQCWNpIAwQCW7zUAwQAXp69AwQBwiDuMA0G
CSqGSIb3DQEBCwUAA4IBAQAXwyT0wTYb/VyPQ59S4crUdPQgNKkczpILR56LKT8t
fFV6xsh/jnchTggcY1cyi2r4N/KmT0h/0d1/LZwFkDZtejoXt1n9dxIgs3igOtMt
W0GmV1Iplq1V0rYxR9G1IRG++bKl5r0StNOL10l0dXbbBb5rlFfvZ7KkwOuWDMOx
SZjgsfTV41o2gdxLh4/iGxbUShsmUjrEiF6pjAg6eLpQsxalV3yKbPvie5l37HdC
3Z6Uup6QSt09O2AM+UAqr+6/xV1QRIz7/BT2OzTRep/H4S3Jyib0bkiWR4Ko2wqX
CL0pVn5nO0NUjvz52BsYNH5bqIpSsr3TBX7OXIiVVUc9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org