Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/1W-BalvjRNKAluTd4zeBV1Yyn9Q.roa
File:                     1W-BalvjRNKAluTd4zeBV1Yyn9Q.roa (raw, json)
Hash identifier:          LC1T17rwyb3gA96CDFy40a0a/OxY380rQGMcSEgB088=
Subject key identifier:   D5:6F:81:6A:5B:E3:44:D2:80:96:E4:DD:E3:37:81:57:56:32:9F:D4
Certificate issuer:       /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial:       018B37FA83428E191B20E1E3E50418B8072D
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/1W-BalvjRNKAluTd4zeBV1Yyn9Q.roa
Signing time:             Mon 16 Oct 2023 10:14:06 +0000
ROA not before:           Mon 16 Oct 2023 10:14:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31368
IP address blocks:        185.173.156.0/24 maxlen: 24
                          185.173.159.0/24 maxlen: 24
                          89.107.132.0/23 maxlen: 23
                          89.107.128.0/23 maxlen: 23
                          89.107.128.0/21 maxlen: 21
                          185.173.158.0/24 maxlen: 24
                          89.107.130.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 14:20:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:37:fa:83:42:8e:19:1b:20:e1:e3:e5:04:18:b8:07:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
        Validity
            Not Before: Oct 16 10:14:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d56f816a5be344d28096e4dde337815756329fd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e4:d5:b3:be:af:1b:d1:d3:cd:e1:21:38:84:
                    d0:17:28:bd:76:4f:e9:c7:20:67:1c:b2:58:d8:f0:
                    e7:97:89:e4:8b:a0:45:ae:18:c4:1d:11:3c:8a:61:
                    82:21:59:13:a6:2f:a7:61:2d:cb:2e:67:3a:12:a8:
                    67:da:cb:51:d1:ff:4f:c5:14:45:ba:53:92:d3:ce:
                    d3:62:68:0c:27:8a:c2:fa:99:14:07:37:cb:08:1c:
                    41:3f:83:86:3c:aa:cc:f5:8f:41:be:1b:ec:6b:c9:
                    5b:d2:d4:d6:75:e7:bf:53:35:41:38:22:39:3f:2e:
                    0b:6c:b2:23:c6:dc:f7:f0:a4:56:67:a6:37:f5:92:
                    e8:6c:8c:50:57:82:f7:7e:9d:a3:dd:17:68:af:f6:
                    fd:00:30:f5:51:fd:98:11:93:1d:71:ec:1f:33:d7:
                    2c:5f:61:da:34:70:73:74:92:0c:67:20:b0:f9:bd:
                    32:40:ae:47:ca:20:24:e6:ca:1b:63:d3:20:e0:d2:
                    56:9e:7e:59:87:a8:56:4e:1b:60:0d:75:3e:d5:92:
                    ee:05:78:24:5d:56:c0:9e:8b:f7:34:02:88:06:68:
                    38:1d:c1:2b:98:fb:33:7e:e9:c6:ac:b8:bc:c4:2c:
                    ec:77:ff:99:ca:e3:8a:5e:24:df:82:63:bf:00:2b:
                    0f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:6F:81:6A:5B:E3:44:D2:80:96:E4:DD:E3:37:81:57:56:32:9F:D4
            X509v3 Authority Key Identifier:
                keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/1W-BalvjRNKAluTd4zeBV1Yyn9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.107.128.0/21
                  185.173.156.0/24
                  185.173.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:1f:f0:b3:83:3b:c5:e6:e9:73:02:d0:45:94:54:b7:ad:93:
         b3:c7:88:f7:21:ec:28:0c:9f:1f:51:43:a8:8f:f7:eb:25:8a:
         4b:0f:65:b4:08:53:51:9f:d8:b9:0e:d2:b6:82:2e:dc:e2:9e:
         f2:64:e0:e7:90:a0:c4:4f:12:8a:79:1a:3a:32:13:23:05:8c:
         fd:da:47:32:c5:c2:60:04:e6:5b:2a:27:e6:f2:10:24:c9:8c:
         e2:eb:74:f5:71:fa:db:74:e0:e5:bf:c4:03:d2:c6:90:1b:d9:
         4e:6d:59:07:3b:3c:ac:fc:30:6f:be:3a:27:be:93:87:90:4f:
         3c:88:92:c3:ff:25:c7:ea:aa:07:33:aa:59:d2:de:5a:ae:e1:
         7a:0b:2b:77:67:bd:eb:f7:32:9b:82:e5:94:3c:f3:0f:43:b3:
         12:3c:fb:1e:27:96:61:b9:fe:96:5a:54:e2:a5:59:41:05:9a:
         97:b5:7d:3f:b9:19:05:df:24:23:b5:7c:c7:96:37:51:ef:8a:
         58:b4:d4:69:42:30:56:2f:20:67:cb:ec:c6:9c:1d:53:ab:e7:
         18:c0:85:8b:77:53:ca:ce:99:f4:1b:a5:e4:ee:88:c0:3a:f2:
         39:36:6c:58:30:4d:17:9e:65:d3:20:15:4a:d0:18:09:ce:4a:
         3a:7d:0e:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs3+oNCjhkbIOHj5QQYuActMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMxMDE2MTAxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTZmODE2YTViZTM0NGQyODA5NmU0ZGRlMzM3ODE1NzU2MzI5ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+TVs76vG9HTzeEhOITQFyi9dk/p
xyBnHLJY2PDnl4nki6BFrhjEHRE8imGCIVkTpi+nYS3LLmc6Eqhn2stR0f9PxRRF
ulOS087TYmgMJ4rC+pkUBzfLCBxBP4OGPKrM9Y9Bvhvsa8lb0tTWdee/UzVBOCI5
Py4LbLIjxtz38KRWZ6Y39ZLobIxQV4L3fp2j3Rdor/b9ADD1Uf2YEZMdcewfM9cs
X2HaNHBzdJIMZyCw+b0yQK5HyiAk5sobY9Mg4NJWnn5Zh6hWThtgDXU+1ZLuBXgk
XVbAnov3NAKIBmg4HcErmPszfunGrLi8xCzsd/+ZyuOKXiTfgmO/ACsPTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNVvgWpb40TSgJbk3eM3gVdWMp/UMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvMVctQmFsdmpSTktBbHVUZDR6ZUJWMVl5bjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWuAAwQA
ua2cAwQBua2eMA0GCSqGSIb3DQEBCwUAA4IBAQAeH/CzgzvF5ulzAtBFlFS3rZOz
x4j3IewoDJ8fUUOoj/frJYpLD2W0CFNRn9i5DtK2gi7c4p7yZODnkKDETxKKeRo6
MhMjBYz92kcyxcJgBOZbKifm8hAkyYzi63T1cfrbdODlv8QD0saQG9lObVkHOzys
/DBvvjonvpOHkE88iJLD/yXH6qoHM6pZ0t5aruF6Cyt3Z73r9zKbguWUPPMPQ7MS
PPseJ5Zhuf6WWlTipVlBBZqXtX0/uRkF3yQjtXzHljdR74pYtNRpQjBWLyBny+zG
nB1Tq+cYwIWLd1PKzpn0G6Xk7ojAOvI5NmxYME0XnmXTIBVK0BgJzko6fQ6h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:45 2024 by rpki-client on console-fra.rpki-client.org