Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/IsWbuASBFg1gdOielP9O1rkxuNc.roa
File:                     IsWbuASBFg1gdOielP9O1rkxuNc.roa (raw, json)
Hash identifier:          8+siXZDZlGMVvT2+YuB+jevkWV5jqvd/qElWWXiCDSI=
Subject key identifier:   22:C5:9B:B8:04:81:16:0D:60:74:E8:9E:94:FF:4E:D6:B9:31:B8:D7
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       01871A9B22F2AE6C4B555D63487E5D8AA38D
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/IsWbuASBFg1gdOielP9O1rkxuNc.roa
Signing time:             Sat 25 Mar 2023 21:09:47 +0000
ROA not before:           Sat 25 Mar 2023 21:09:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14576
IP address blocks:        194.110.150.0/24 maxlen: 24
                          45.159.23.0/24 maxlen: 24
                          193.31.127.0/24 maxlen: 24
                          193.56.20.0/24 maxlen: 24
                          88.218.46.0/24 maxlen: 24
                          194.99.25.0/24 maxlen: 24
                          89.19.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Nov 2023 14:51:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:1a:9b:22:f2:ae:6c:4b:55:5d:63:48:7e:5d:8a:a3:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Mar 25 21:09:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22c59bb80481160d6074e89e94ff4ed6b931b8d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7e:55:f5:a9:82:f0:6e:64:27:09:8c:89:3b:
                    48:05:fa:e9:af:ba:f7:c6:72:f0:23:8a:f2:c2:6e:
                    f4:ac:df:1b:65:bd:d3:97:29:4b:f0:82:d1:46:84:
                    a5:05:43:20:80:b5:00:39:ad:af:e7:27:1f:81:2f:
                    81:2a:5a:ea:a7:cd:a2:d3:2d:bf:48:71:7d:14:8b:
                    fa:e6:f3:15:6e:30:28:02:1d:5c:5b:a3:34:2a:bb:
                    cf:b7:34:b8:42:54:d9:d3:88:10:bb:75:a9:dd:a6:
                    11:94:41:4d:8b:9e:27:dd:44:1a:40:df:d9:fe:2e:
                    62:72:e2:a9:58:fd:ca:97:87:8a:2f:f3:02:17:87:
                    39:10:e8:24:b3:c7:ca:3d:c7:85:c3:6e:5b:c2:66:
                    27:3e:0a:e3:e7:ed:55:15:3a:9f:5b:40:3c:06:9f:
                    51:49:5a:54:bb:58:ed:bd:0e:a3:68:8f:50:72:41:
                    89:e5:5c:5d:a3:fe:3c:a3:31:9a:fe:e0:38:d8:4b:
                    77:ad:d8:34:a8:2a:a9:8f:96:b2:66:f2:0d:d3:cd:
                    c0:eb:d1:85:c1:bf:e9:66:7d:80:26:9c:41:2f:47:
                    bb:05:27:bb:d7:43:a9:40:c4:5f:39:98:4f:7a:0c:
                    d6:24:b1:b9:eb:21:a3:75:69:9e:2e:d8:28:76:46:
                    2a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:C5:9B:B8:04:81:16:0D:60:74:E8:9E:94:FF:4E:D6:B9:31:B8:D7
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/IsWbuASBFg1gdOielP9O1rkxuNc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.23.0/24
                  88.218.46.0/24
                  89.19.34.0/24
                  193.31.127.0/24
                  193.56.20.0/24
                  194.99.25.0/24
                  194.110.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:2a:9e:51:7c:3e:77:f6:e5:94:87:18:37:5d:fd:0c:f4:da:
         17:7c:90:55:45:ea:12:5a:60:75:b7:12:bb:3c:1d:ae:9a:28:
         16:30:81:05:69:b0:d0:f3:2b:c3:fd:83:46:11:2e:6f:93:cc:
         79:f1:4f:81:f5:45:79:13:7f:b8:39:6d:8a:24:e0:b9:00:31:
         9d:5b:59:85:a1:ff:23:20:b2:da:8c:73:4e:f7:36:2e:85:f3:
         6c:13:b3:e8:d8:6b:a5:f9:57:16:2d:02:62:b1:64:c6:6c:f6:
         e9:38:fe:eb:2b:45:42:39:77:b8:ca:6f:a1:d0:8a:2f:4d:e6:
         fc:dc:69:aa:9a:7b:66:cd:9d:74:e4:74:19:0a:17:51:aa:4a:
         d7:f5:6c:28:81:2a:66:9b:1d:c0:56:66:7b:b2:b3:12:34:d8:
         15:c6:55:e6:78:81:ba:59:cb:89:d8:df:c2:ac:f8:38:ff:90:
         0d:b7:7f:af:ca:79:96:45:4b:bb:35:15:cd:eb:62:41:6e:df:
         5d:89:0b:c1:15:25:ac:15:d9:43:da:12:bc:75:b5:b7:49:4c:
         cc:e9:48:31:fa:c5:4c:eb:d9:13:f5:47:1f:eb:96:ce:13:db:
         fd:03:ac:8e:a7:bc:e9:e5:1f:79:e4:35:12:70:96:54:dd:91:
         42:bb:4e:69
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcamyLyrmxLVV1jSH5diqONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM1OWJiODA0ODExNjBkNjA3NGU4OWU5NGZmNGVkNmI5MzFiOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH5V9amC8G5kJwmMiTtIBfrpr7r3
xnLwI4rywm70rN8bZb3TlylL8ILRRoSlBUMggLUAOa2v5ycfgS+BKlrqp82i0y2/
SHF9FIv65vMVbjAoAh1cW6M0KrvPtzS4QlTZ04gQu3Wp3aYRlEFNi54n3UQaQN/Z
/i5icuKpWP3Kl4eKL/MCF4c5EOgks8fKPceFw25bwmYnPgrj5+1VFTqfW0A8Bp9R
SVpUu1jtvQ6jaI9QckGJ5Vxdo/48ozGa/uA42Et3rdg0qCqpj5ayZvIN083A69GF
wb/pZn2AJpxBL0e7BSe710OpQMRfOZhPegzWJLG56yGjdWmeLtgodkYqhQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCLFm7gEgRYNYHTonpT/Tta5MbjXMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvSXNXYnVBU0JGZzFnZE9pZWxQOU8xcmt4dU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZ8XAwQA
WNouAwQAWRMiAwQAwR9/AwQAwTgUAwQAwmMZAwQAwm6WMA0GCSqGSIb3DQEBCwUA
A4IBAQAIKp5RfD539uWUhxg3Xf0M9NoXfJBVReoSWmB1txK7PB2umigWMIEFabDQ
8yvD/YNGES5vk8x58U+B9UV5E3+4OW2KJOC5ADGdW1mFof8jILLajHNO9zYuhfNs
E7Po2Gul+VcWLQJisWTGbPbpOP7rK0VCOXe4ym+h0IovTeb83GmqmntmzZ105HQZ
ChdRqkrX9WwogSpmmx3AVmZ7srMSNNgVxlXmeIG6WcuJ2N/CrPg4/5ANt3+vynmW
RUu7NRXN62JBbt9diQvBFSWsFdlD2hK8dbW3SUzM6Ugx+sVM69kT9Ucf65bOE9v9
A6yOp7zp5R955DUScJZU3ZFCu05p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org