Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa
File:                     Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa (raw, json)
Hash identifier:          sI1v0nPWlRiDrV+2GpKSMbS9BwnyY7q4/b3dot0/pPc=
Subject key identifier:   5A:5E:6E:41:4D:1B:3D:52:7E:AE:06:CE:20:5B:B1:88:D1:BA:E2:DA
Certificate issuer:       /CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Certificate serial:       01856EAFC5A0C8EFB11A7C18B28B10EF01E3
Authority key identifier: F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa
Signing time:             Sun 01 Jan 2023 18:54:51 +0000
ROA not before:           Sun 01 Jan 2023 18:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49206
IP address blocks:        185.24.175.0/24 maxlen: 24
                          2a00:6fa0::/32 maxlen: 32
                          2a00:6fa0:3100::/40 maxlen: 40
                          2a00:6fa0:4200::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:af:c5:a0:c8:ef:b1:1a:7c:18:b2:8b:10:ef:01:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
        Validity
            Not Before: Jan  1 18:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5a5e6e414d1b3d527eae06ce205bb188d1bae2da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:c7:65:b9:6b:e4:4c:fe:ff:1a:c3:55:09:06:
                    93:7c:80:66:f7:20:d4:fe:ef:fb:62:fd:73:9c:b9:
                    3e:1a:02:73:01:57:ec:1d:cb:24:f4:8d:77:6c:5a:
                    4d:4f:2b:fe:01:71:65:45:02:df:ac:08:03:39:10:
                    33:61:00:5c:4b:2a:de:49:58:21:7e:f5:d1:2e:fa:
                    6f:84:fa:91:ea:1b:05:1e:79:77:48:aa:2f:b5:c7:
                    6b:50:3d:57:ce:0b:92:1f:a2:cf:ab:11:26:4d:1e:
                    2a:0f:9f:40:18:f3:d6:9c:d8:48:e0:84:c0:62:28:
                    08:26:ec:63:6b:8b:a8:0a:ae:6a:c1:d7:3e:e7:d4:
                    03:70:f6:6e:39:a7:1c:e3:bf:df:41:fd:30:70:dc:
                    a8:4e:24:43:88:e9:f6:71:aa:c9:79:3c:9b:32:d3:
                    78:c9:33:17:4c:b3:4f:2b:be:40:05:bb:de:3d:97:
                    97:93:02:ca:cd:e2:6e:50:09:27:14:df:93:a9:56:
                    dd:f4:03:c6:05:6e:36:9f:c7:cd:d2:87:66:40:14:
                    4e:03:4a:45:e1:b8:0a:1b:e1:13:cc:2d:94:6c:28:
                    95:0d:e2:3d:e0:0a:dd:87:aa:ac:19:e1:8e:fb:05:
                    f5:17:50:2a:0a:2b:6c:4d:ba:6f:36:2a:31:89:7f:
                    4e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:5E:6E:41:4D:1B:3D:52:7E:AE:06:CE:20:5B:B1:88:D1:BA:E2:DA
            X509v3 Authority Key Identifier:
                keyid:F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.175.0/24
                IPv6:
                  2a00:6fa0::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:13:6b:66:f1:03:d8:3d:1d:61:cd:a5:47:9e:92:ad:3b:ea:
         46:f6:af:27:d1:5c:13:64:72:5c:a6:08:bc:f3:28:10:88:5c:
         b5:df:86:0c:4d:5d:7f:31:d4:24:67:7d:c3:b3:0e:a3:0b:54:
         78:8b:03:ac:c1:eb:9d:d9:7d:72:6b:2c:ab:04:e9:7e:f2:3f:
         2d:23:7c:c3:29:76:ed:90:0c:42:42:1c:12:fb:36:25:15:32:
         2a:f8:77:d1:59:7b:0e:a3:9c:9c:c6:51:94:20:92:37:9a:0a:
         00:d9:30:a3:02:76:04:0b:c5:d7:6d:05:96:8c:98:e1:c4:49:
         63:16:ef:d0:2a:c8:30:1a:b9:8d:10:61:25:5e:df:cb:cb:ce:
         88:9d:4e:5a:69:01:08:4b:b4:54:2f:ac:7e:ac:77:85:21:46:
         a0:49:4e:36:25:ea:18:85:62:73:15:54:87:f7:02:03:46:2c:
         66:da:79:22:f8:22:88:90:79:8f:58:53:dc:39:45:da:cf:77:
         eb:52:bb:6c:3e:bc:fe:a7:78:5f:b9:61:c1:48:8b:35:94:48:
         f7:ec:6a:fa:36:63:6a:ae:0f:13:4e:a0:f7:41:11:bf:fa:d7:
         6b:88:ce:44:22:7a:17:da:b4:60:00:d2:72:cf:6d:12:51:7c:
         ec:c6:f7:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur8WgyO+xGnwYsosQ7wHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MmIwODRmOWI5Yzk4Y2ZkOTA0MTBiODMwNWNjNmNiNDZk
Y2NlZDgwHhcNMjMwMTAxMTg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTVlNmU0MTRkMWIzZDUyN2VhZTA2Y2UyMDViYjE4OGQxYmFlMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMdluWvkTP7/GsNVCQaTfIBm9yDU
/u/7Yv1znLk+GgJzAVfsHcsk9I13bFpNTyv+AXFlRQLfrAgDORAzYQBcSyreSVgh
fvXRLvpvhPqR6hsFHnl3SKovtcdrUD1XzguSH6LPqxEmTR4qD59AGPPWnNhI4ITA
YigIJuxja4uoCq5qwdc+59QDcPZuOacc47/fQf0wcNyoTiRDiOn2carJeTybMtN4
yTMXTLNPK75ABbvePZeXkwLKzeJuUAknFN+TqVbd9APGBW42n8fN0odmQBROA0pF
4bgKG+ETzC2UbCiVDeI94Ardh6qsGeGO+wX1F1AqCitsTbpvNioxiX9OvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpebkFNGz1Sfq4GziBbsYjRuuLaMB8GA1UdIwQY
MBaAFPQrCE+bnJjP2QQQuDBcxstG3M7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAt
NmE5Y2Q5NDIwMmZmLzEvV2w1dVFVMGJQVkotcmdiT0lGdXhpTkc2NHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAtNmE5Y2Q5NDIwMmZm
LzEvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRivMA0E
AgACMAcDBQAqAG+gMA0GCSqGSIb3DQEBCwUAA4IBAQARE2tm8QPYPR1hzaVHnpKt
O+pG9q8n0VwTZHJcpgi88ygQiFy134YMTV1/MdQkZ33Dsw6jC1R4iwOsweud2X1y
ayyrBOl+8j8tI3zDKXbtkAxCQhwS+zYlFTIq+HfRWXsOo5ycxlGUIJI3mgoA2TCj
AnYEC8XXbQWWjJjhxEljFu/QKsgwGrmNEGElXt/Ly86InU5aaQEIS7RUL6x+rHeF
IUagSU42JeoYhWJzFVSH9wIDRixm2nki+CKIkHmPWFPcOUXaz3frUrtsPrz+p3hf
uWHBSIs1lEj37Gr6NmNqrg8TTqD3QRG/+tdriM5EInoX2rRgANJyz20SUXzsxvcH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:18 2024 by rpki-client on console-fra.rpki-client.org