Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa
File:                     W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa (raw, json)
Hash identifier:          MGz6YfqcGU+Ruz7Ie/RFbdT9aqa/d11QG1K8sfFOvqA=
Subject key identifier:   5B:D3:F3:2A:01:97:F0:3C:F8:6E:22:83:15:31:60:1F:20:34:33:16
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0189B2575DDD95B3EAF793D755755CC81122
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa
Signing time:             Tue 01 Aug 2023 18:23:37 +0000
ROA not before:           Tue 01 Aug 2023 18:23:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.255.206.0/24 maxlen: 24
                          109.121.35.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          212.69.0.0/24 maxlen: 24
                          188.255.134.0/24 maxlen: 24
                          93.186.69.0/24 maxlen: 24
                          77.105.8.0/24 maxlen: 24
                          185.47.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 13:19:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b2:57:5d:dd:95:b3:ea:f7:93:d7:55:75:5c:c8:11:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Aug  1 18:23:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5bd3f32a0197f03cf86e22831531601f20343316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c1:28:c9:a7:be:7f:71:42:4e:57:2f:04:96:
                    7e:4e:f1:bc:c5:20:75:ce:2d:e5:6c:05:a4:c6:8a:
                    e1:60:3b:69:fb:4b:e0:14:a3:ca:d4:49:14:61:b0:
                    90:9d:1f:b0:e4:ca:00:7a:af:84:2c:05:ab:6a:b4:
                    93:a7:3d:db:98:1d:17:39:65:35:01:ca:6c:66:e8:
                    84:86:fb:b1:71:83:4c:31:7e:4a:32:49:82:64:87:
                    49:b7:d1:dc:67:50:73:1c:eb:c8:bc:6f:a5:49:d3:
                    45:b5:d9:fa:fd:7f:ed:f3:8d:21:c4:80:e2:68:16:
                    17:37:b8:8a:02:c2:54:74:e6:8f:9e:5d:78:b7:34:
                    dd:35:72:05:20:4c:65:60:f5:1f:5f:c9:00:79:bc:
                    60:b7:17:50:a8:36:37:85:a1:20:83:ee:2e:fe:64:
                    74:b5:b0:81:95:27:93:29:e3:ca:40:03:42:0d:af:
                    b0:c8:51:0d:47:f1:c1:63:05:6f:bc:13:1c:a9:84:
                    61:c1:04:73:e5:17:9f:89:5c:73:d9:9c:89:11:50:
                    de:18:4a:ad:3c:15:6c:cc:51:0a:4d:e9:60:6f:68:
                    3f:95:a9:78:6c:c6:da:80:07:e5:3c:8a:e1:8c:cd:
                    9f:c8:f5:05:d6:da:cf:f9:46:09:ac:11:2e:57:7a:
                    ce:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:D3:F3:2A:01:97:F0:3C:F8:6E:22:83:15:31:60:1F:20:34:33:16
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.8.0/24
                  93.186.69.0/24
                  109.121.35.0/24
                  109.121.43.0/24
                  185.47.91.0/24
                  188.255.134.0/24
                  188.255.206.0/24
                  212.69.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:22:ea:ee:30:6f:19:aa:33:16:8b:e1:61:49:42:03:f2:8a:
         63:ff:3f:2c:69:96:d9:9b:59:f7:d7:d4:35:2d:10:06:5c:5e:
         c3:b8:f4:f4:6c:d7:bd:ef:27:06:70:6e:1d:ed:ea:9a:22:da:
         2e:88:93:19:f8:71:40:74:3b:64:74:63:9a:60:01:69:00:47:
         14:6a:f1:89:2f:f2:14:eb:a0:d2:72:db:9a:d4:3f:fd:14:82:
         c6:c7:0b:d9:01:a2:2c:3f:e6:6f:80:f4:20:32:e3:b4:44:63:
         6f:85:75:f7:cc:59:51:aa:28:27:46:c4:6c:a5:f9:9d:da:ee:
         73:b7:81:01:e3:98:a4:08:b8:ea:d3:a8:bf:3d:cd:44:c9:9b:
         fb:27:f9:41:10:b5:53:33:3b:7f:a0:4e:9a:f9:0d:85:4a:44:
         90:68:79:5e:63:49:59:8e:41:9f:59:67:ec:07:0e:f9:ed:4e:
         6e:69:65:29:f2:16:db:55:74:df:2a:ff:ff:01:89:b5:4f:f3:
         ca:f4:16:ec:ed:20:d5:53:11:26:2a:9e:a5:74:f0:0d:4c:f7:
         3e:39:21:0f:8d:79:21:eb:b1:29:1e:e0:4a:4c:3e:9d:39:9f:
         2b:a8:45:20:d5:f6:4c:13:b7:bb:54:5f:85:80:cd:f4:39:19:
         f4:87:64:96
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYmyV13dlbPq95PXVXVcyBEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODAxMTgyMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQzZjMyYTAxOTdmMDNjZjg2ZTIyODMxNTMxNjAxZjIwMzQzMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8Eoyae+f3FCTlcvBJZ+TvG8xSB1
zi3lbAWkxorhYDtp+0vgFKPK1EkUYbCQnR+w5MoAeq+ELAWrarSTpz3bmB0XOWU1
AcpsZuiEhvuxcYNMMX5KMkmCZIdJt9HcZ1BzHOvIvG+lSdNFtdn6/X/t840hxIDi
aBYXN7iKAsJUdOaPnl14tzTdNXIFIExlYPUfX8kAebxgtxdQqDY3haEgg+4u/mR0
tbCBlSeTKePKQANCDa+wyFENR/HBYwVvvBMcqYRhwQRz5RefiVxz2ZyJEVDeGEqt
PBVszFEKTelgb2g/lal4bMbagAflPIrhjM2fyPUF1trP+UYJrBEuV3rOgQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFvT8yoBl/A8+G4igxUxYB8gNDMWMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvVzlQektnR1g4RHo0YmlLREZURmdIeUEwTXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQA
XbpFAwQAbXkjAwQAbXkrAwQAuS9bAwQAvP+GAwQAvP/OAwQA1EUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBJIuruMG8ZqjMWi+FhSUID8opj/z8saZbZm1n319Q1LRAGXF7D
uPT0bNe97ycGcG4d7eqaItouiJMZ+HFAdDtkdGOaYAFpAEcUavGJL/IU66DSctua
1D/9FILGxwvZAaIsP+ZvgPQgMuO0RGNvhXX3zFlRqignRsRspfmd2u5zt4EB45ik
CLjq06i/Pc1EyZv7J/lBELVTMzt/oE6a+Q2FSkSQaHleY0lZjkGfWWfsBw757U5u
aWUp8hbbVXTfKv//AYm1T/PK9Bbs7SDVUxEmKp6ldPANTPc+OSEPjXkh67EpHuBK
TD6dOZ8rqEUg1fZME7e7VF+FgM30ORn0h2SW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org