Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa
File:                     VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa (raw, json)
Hash identifier:          GSe9f2ztsRA7Q88QbByOofUezG3ymkrprrPrLM+VvFs=
Subject key identifier:   55:6B:90:08:1E:27:AB:91:F8:77:B4:50:58:25:3B:3B:E7:C6:6F:9C
Certificate issuer:       /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial:       018E9A0F1B912AA15F188D60381B4639CD3F
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa
Signing time:             Mon 01 Apr 2024 14:27:45 +0000
ROA not before:           Mon 01 Apr 2024 14:27:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209737
IP address blocks:        93.190.12.0/24 maxlen: 24
                          109.236.51.0/24 maxlen: 24
                          160.20.109.0/24 maxlen: 24
                          185.86.6.0/24 maxlen: 24
                          185.243.181.0/24 maxlen: 24
                          193.160.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 14:40:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9a:0f:1b:91:2a:a1:5f:18:8d:60:38:1b:46:39:cd:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
        Validity
            Not Before: Apr  1 14:27:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=556b90081e27ab91f877b45058253b3be7c66f9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:e7:2d:61:9e:8d:90:09:a7:2b:71:d4:6e:da:
                    3c:93:8a:0a:6e:7b:08:76:f5:06:4f:53:10:52:8e:
                    e2:0b:fb:aa:22:35:9c:24:9b:01:3f:11:8e:1e:c6:
                    71:b1:76:77:c5:ba:a8:fa:d8:8f:ba:15:0d:7f:ca:
                    0e:fd:eb:9c:91:15:df:50:dc:51:39:04:a5:e8:45:
                    34:98:4f:aa:6c:4d:c4:36:a4:d7:59:76:df:e4:ac:
                    a0:d6:97:5b:36:07:ef:33:f9:7a:fd:63:1c:e8:05:
                    57:9d:6c:4c:1a:1c:71:3a:ad:92:9e:3b:8c:83:36:
                    a3:76:83:06:82:f7:35:76:89:4d:9e:80:a4:43:5e:
                    01:83:34:58:29:37:ba:28:fe:33:03:49:ac:d2:24:
                    2f:d2:21:79:55:cd:59:c5:a1:99:79:3c:80:2a:d5:
                    d7:16:d0:a6:31:9f:3a:02:dd:48:97:a1:28:8b:35:
                    9d:6e:f9:6e:79:57:0d:31:11:0b:7b:37:82:47:69:
                    23:9b:61:74:c9:9e:b2:f1:3e:60:27:26:6c:53:8f:
                    0d:7f:e2:e1:ee:b8:28:5d:fa:01:25:82:54:ef:b8:
                    6e:57:37:cd:46:3c:75:21:e2:14:01:e6:a4:ed:4e:
                    8b:e3:58:ec:c0:57:48:cc:f5:36:ce:b9:5a:43:af:
                    b4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:6B:90:08:1E:27:AB:91:F8:77:B4:50:58:25:3B:3B:E7:C6:6F:9C
            X509v3 Authority Key Identifier:
                keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.190.12.0/24
                  109.236.51.0/24
                  160.20.109.0/24
                  185.86.6.0/24
                  185.243.181.0/24
                  193.160.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:10:45:ad:70:56:ca:9d:24:9d:1f:c9:5d:51:af:d9:b0:06:
         90:7d:ce:4d:c9:4e:cf:a3:01:16:14:2e:81:ce:01:1c:bd:5a:
         cd:49:d7:c3:b0:3d:e2:fc:82:d5:5b:cf:ed:f1:df:16:06:43:
         d5:9c:0b:7a:3c:0d:d8:60:21:4c:a5:08:a6:5d:fe:fa:69:b0:
         dd:e3:45:e5:65:00:91:1d:78:c7:6e:f4:d6:31:a5:c5:60:71:
         24:40:10:9e:95:07:f1:77:94:f0:e7:9a:7a:9f:2e:4c:9e:32:
         0a:d3:e2:69:86:17:1c:93:96:de:49:57:7b:7e:fb:40:d4:42:
         0e:93:db:0a:07:59:d4:77:78:84:fc:d2:10:98:3c:c1:04:bc:
         d2:ef:da:de:a4:4f:59:f3:2b:bb:08:9e:bf:f4:3e:cf:02:f6:
         d5:47:c3:4d:25:03:8c:8c:b8:aa:f2:6a:f9:34:58:cd:fa:69:
         6d:30:2a:55:94:2f:c1:c9:b9:c5:25:16:66:68:db:85:59:bb:
         f4:da:ff:d1:c2:a2:30:b0:42:0f:2a:2f:82:c8:0f:97:2f:e8:
         af:60:19:7b:99:4a:24:4d:da:6b:6e:42:d0:32:f8:74:c3:31:
         59:91:36:91:7e:a8:90:1c:b9:49:91:97:4e:3d:62:52:14:c9:
         b2:37:55:11
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY6aDxuRKqFfGI1gOBtGOc0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwNDAxMTQyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTZiOTAwODFlMjdhYjkxZjg3N2I0NTA1ODI1M2IzYmU3YzY2ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhectYZ6NkAmnK3HUbto8k4oKbnsI
dvUGT1MQUo7iC/uqIjWcJJsBPxGOHsZxsXZ3xbqo+tiPuhUNf8oO/euckRXfUNxR
OQSl6EU0mE+qbE3ENqTXWXbf5Kyg1pdbNgfvM/l6/WMc6AVXnWxMGhxxOq2SnjuM
gzajdoMGgvc1dolNnoCkQ14BgzRYKTe6KP4zA0ms0iQv0iF5Vc1ZxaGZeTyAKtXX
FtCmMZ86At1Il6EoizWdbvlueVcNMRELezeCR2kjm2F0yZ6y8T5gJyZsU48Nf+Lh
7rgoXfoBJYJU77huVzfNRjx1IeIUAeak7U6L41jswFdIzPU2zrlaQ6+0BwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFVrkAgeJ6uR+He0UFglOzvnxm+cMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvVld1UUNCNG5xNUg0ZDdSUVdDVTdPLWZHYjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXb4MAwQA
bewzAwQAoBRtAwQAuVYGAwQAufO1AwQAwaCPMA0GCSqGSIb3DQEBCwUAA4IBAQBn
EEWtcFbKnSSdH8ldUa/ZsAaQfc5NyU7PowEWFC6BzgEcvVrNSdfDsD3i/ILVW8/t
8d8WBkPVnAt6PA3YYCFMpQimXf76abDd40XlZQCRHXjHbvTWMaXFYHEkQBCelQfx
d5Tw55p6ny5MnjIK0+Jphhcck5beSVd7fvtA1EIOk9sKB1nUd3iE/NIQmDzBBLzS
79repE9Z8yu7CJ6/9D7PAvbVR8NNJQOMjLiq8mr5NFjN+mltMCpVlC/BybnFJRZm
aNuFWbv02v/RwqIwsEIPKi+CyA+XL+ivYBl7mUokTdprbkLQMvh0wzFZkTaRfqiQ
HLlJkZdOPWJSFMmyN1UR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org