Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/WXQZ2JqodE3teirUKyF_JHZdYm8.roa
File:                     WXQZ2JqodE3teirUKyF_JHZdYm8.roa (raw, json)
Hash identifier:          /aEdmJpkmFGBCAMKcnDKv6JDsozU0nmxuq2kM+AOPvA=
Subject key identifier:   59:74:19:D8:9A:A8:74:4D:ED:7A:2A:D4:2B:21:7F:24:76:5D:62:6F
Certificate issuer:       /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial:       018B85B1FC9F27FC51D647B86528AA2D9FA5
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/WXQZ2JqodE3teirUKyF_JHZdYm8.roa
Signing time:             Tue 31 Oct 2023 12:25:16 +0000
ROA not before:           Tue 31 Oct 2023 12:25:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201508
IP address blocks:        185.4.24.0/22 maxlen: 24
                          185.42.0.0/22 maxlen: 24
                          185.245.212.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:85:b1:fc:9f:27:fc:51:d6:47:b8:65:28:aa:2d:9f:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
        Validity
            Not Before: Oct 31 12:25:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=597419d89aa8744ded7a2ad42b217f24765d626f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:6f:56:d9:63:ed:6a:bd:36:45:4d:19:e7:b3:
                    9a:bf:0a:c0:a1:53:4d:d4:73:6d:ff:b3:b9:a0:21:
                    e8:2d:38:31:20:75:64:3d:07:8d:3b:c8:b2:09:82:
                    ee:84:29:ad:f4:3f:bd:83:80:0b:bc:f0:19:ac:22:
                    95:6d:e5:f8:3b:60:25:ff:98:b9:41:ff:15:f8:e1:
                    ee:66:ab:43:88:ea:ee:b9:8f:c9:67:64:f8:92:39:
                    94:7d:c1:13:f7:9b:6e:95:f1:16:7f:d7:8a:3f:51:
                    16:4b:9b:a2:e7:4d:11:59:92:1e:9d:64:83:2d:78:
                    a8:67:5b:e0:f2:85:3c:08:7c:2c:93:e2:9a:31:c3:
                    9f:8e:2f:10:bb:80:6b:e7:f8:09:b6:0f:71:ca:ad:
                    d1:3b:cb:af:5a:68:ee:15:e1:9e:60:a7:ab:0d:b8:
                    59:24:96:e1:66:30:ce:16:66:d4:8a:f6:3d:e0:38:
                    c3:0e:fe:b0:be:46:15:dc:3c:6b:aa:d9:f6:27:48:
                    90:f2:72:ee:9d:60:a2:b9:c6:9e:9e:d4:dd:ee:3a:
                    f8:77:fa:be:01:8e:3d:50:f5:65:f3:1d:7c:3a:29:
                    d7:bc:b2:3c:b0:54:98:0e:66:d4:c3:39:e4:fb:f6:
                    ee:a3:81:ee:ce:73:cf:2e:37:99:0b:ee:e3:88:9f:
                    41:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:74:19:D8:9A:A8:74:4D:ED:7A:2A:D4:2B:21:7F:24:76:5D:62:6F
            X509v3 Authority Key Identifier:
                keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/WXQZ2JqodE3teirUKyF_JHZdYm8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.4.24.0/22
                  185.42.0.0/22
                  185.245.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:73:3b:9f:b7:bb:0a:72:1c:38:66:b8:fd:61:6f:7e:e5:5a:
         92:9e:6f:9f:72:3a:a8:07:e1:36:71:95:06:43:59:e8:24:d8:
         2d:3d:7a:b3:db:a2:b0:e9:56:61:b0:bb:ae:fa:00:21:2d:2b:
         0e:51:36:54:1a:92:0e:8f:7f:da:03:1b:d9:c2:26:69:c4:a7:
         55:f9:70:8a:1e:24:d9:55:36:6f:04:ae:f4:c3:c3:dd:20:23:
         c8:6d:79:2d:ec:31:14:b3:d6:e9:af:66:78:4f:e0:95:1f:e8:
         9f:88:34:51:0c:ec:fd:bc:b3:c2:10:25:20:d7:af:27:b8:43:
         ec:ab:10:cd:a2:08:2d:cd:f2:48:f2:12:ed:29:2d:85:6c:09:
         31:ed:33:85:5f:63:b2:02:e1:73:40:cf:69:c0:55:54:05:68:
         ee:e2:3f:05:7b:7e:ae:2b:94:24:86:f3:ca:4c:3c:c5:08:d1:
         3a:f3:c3:17:69:b6:6d:0c:5d:24:73:21:eb:ef:ae:db:57:af:
         cd:48:fa:ca:6b:28:f2:fd:36:fd:54:a7:22:46:54:ce:2d:7a:
         d0:b5:52:37:f1:bc:70:02:97:ab:fc:dc:dd:32:41:d1:8c:47:
         a6:b5:66:c1:96:38:d5:7f:09:ff:21:4c:bb:98:5c:0e:01:c4:
         78:7d:2e:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuFsfyfJ/xR1ke4ZSiqLZ+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMxMDMxMTIyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTc0MTlkODlhYTg3NDRkZWQ3YTJhZDQyYjIxN2YyNDc2NWQ2MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu29W2WPtar02RU0Z57OavwrAoVNN
1HNt/7O5oCHoLTgxIHVkPQeNO8iyCYLuhCmt9D+9g4ALvPAZrCKVbeX4O2Al/5i5
Qf8V+OHuZqtDiOruuY/JZ2T4kjmUfcET95tulfEWf9eKP1EWS5ui500RWZIenWSD
LXioZ1vg8oU8CHwsk+KaMcOfji8Qu4Br5/gJtg9xyq3RO8uvWmjuFeGeYKerDbhZ
JJbhZjDOFmbUivY94DjDDv6wvkYV3Dxrqtn2J0iQ8nLunWCiucaentTd7jr4d/q+
AY49UPVl8x18OinXvLI8sFSYDmbUwznk+/buo4HuznPPLjeZC+7jiJ9BAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFl0GdiaqHRN7Xoq1CshfyR2XWJvMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvV1hRWjJKcW9kRTN0ZWlyVUt5Rl9KSFpkWW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQQYAwQC
uSoAAwQCufXUMA0GCSqGSIb3DQEBCwUAA4IBAQALczuft7sKchw4Zrj9YW9+5VqS
nm+fcjqoB+E2cZUGQ1noJNgtPXqz26Kw6VZhsLuu+gAhLSsOUTZUGpIOj3/aAxvZ
wiZpxKdV+XCKHiTZVTZvBK70w8PdICPIbXkt7DEUs9bpr2Z4T+CVH+ifiDRRDOz9
vLPCECUg168nuEPsqxDNoggtzfJI8hLtKS2FbAkx7TOFX2OyAuFzQM9pwFVUBWju
4j8Fe36uK5QkhvPKTDzFCNE688MXabZtDF0kcyHr767bV6/NSPrKayjy/Tb9VKci
RlTOLXrQtVI38bxwAper/NzdMkHRjEemtWbBljjVfwn/IUy7mFwOAcR4fS50
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:02 2024 by rpki-client on console-fra.rpki-client.org