Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WYoxBZKUPbe64MTtIn0i85gY5qw.roa
File:                     WYoxBZKUPbe64MTtIn0i85gY5qw.roa (raw, json)
Hash identifier:          16NXVfJ0iaHFhN5oUSR5CSqvuxDjuaa9lOFZcTAY+PA=
Subject key identifier:   59:8A:31:05:92:94:3D:B7:BA:E0:C4:ED:22:7D:22:F3:98:18:E6:AC
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0189CF0D8C85A5FA8959E5719BDD8A81542E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WYoxBZKUPbe64MTtIn0i85gY5qw.roa
Signing time:             Mon 07 Aug 2023 08:11:58 +0000
ROA not before:           Mon 07 Aug 2023 08:11:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197644
IP address blocks:        84.32.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 08:15:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cf:0d:8c:85:a5:fa:89:59:e5:71:9b:dd:8a:81:54:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Aug  7 08:11:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=598a310592943db7bae0c4ed227d22f39818e6ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:96:fb:f2:cb:40:64:fb:f1:c5:97:48:a1:9b:
                    14:9e:83:ab:c3:3b:9f:76:1c:03:f7:52:2e:7a:6f:
                    64:5f:6c:33:74:d4:0f:7c:50:f0:77:d1:1b:e8:00:
                    88:2d:ea:d3:6d:94:53:a7:19:f2:cb:e9:cc:b7:8f:
                    4a:04:cb:78:38:27:f3:29:a2:90:04:58:f5:cd:70:
                    49:ac:72:05:fd:b4:8a:c6:08:b6:f3:0b:16:b5:96:
                    30:d8:35:db:5e:78:44:ae:5e:3a:af:86:44:d2:ae:
                    4a:16:72:50:be:a5:61:3f:4a:83:96:f8:66:36:f4:
                    85:89:2a:11:2c:0b:16:c6:eb:f8:91:ce:16:cf:0f:
                    25:3b:b2:e7:8a:8a:48:aa:db:c0:94:b2:e8:65:48:
                    93:64:d6:41:43:75:33:13:2a:95:78:eb:93:80:d8:
                    8c:1a:e5:85:96:5d:ff:1c:7b:a7:32:6e:31:dd:28:
                    58:eb:19:c9:b4:19:88:9e:52:b6:71:d8:2c:f1:61:
                    e2:52:fa:81:3d:b2:53:5c:50:d5:4e:fa:97:64:ee:
                    16:7d:f3:e6:81:e3:e6:5e:3f:79:f7:5f:b9:81:c1:
                    b5:88:47:d7:4a:5a:6e:1d:c7:9a:d8:ea:48:69:ec:
                    a9:3e:ca:50:51:42:e7:b1:91:67:32:cf:48:25:d2:
                    e9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:8A:31:05:92:94:3D:B7:BA:E0:C4:ED:22:7D:22:F3:98:18:E6:AC
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WYoxBZKUPbe64MTtIn0i85gY5qw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:98:b6:48:12:67:0b:50:c8:32:4e:61:e8:6e:c0:15:1b:b2:
         d3:cb:e8:a2:88:a5:8a:82:14:53:5d:7a:45:48:00:97:1d:2a:
         26:88:c5:f3:0e:a2:54:24:fe:6c:f1:b2:20:fd:29:eb:59:90:
         3c:79:3f:3c:df:91:56:30:fe:75:ba:94:20:1b:a3:12:fd:bf:
         f7:ff:b6:fa:95:c7:b8:f8:35:9f:f2:d2:0f:d8:bd:33:37:62:
         e7:56:42:ff:26:97:1d:5a:99:17:09:79:f8:6e:25:63:93:4b:
         2a:a6:70:a9:d1:36:ef:97:e1:bd:ea:c6:46:ab:1a:5a:42:e0:
         ec:b7:d2:c2:1a:92:cb:65:36:b4:da:70:21:6c:25:13:45:3c:
         68:35:63:9f:52:6f:91:db:a9:2d:81:85:47:b1:5e:a0:31:6a:
         18:e5:fd:b8:64:85:a4:6d:c3:ba:26:54:5f:ae:41:b2:40:c2:
         c5:f7:de:31:8c:de:50:a9:cd:5e:bc:16:e7:ac:a9:b9:ab:f5:
         cf:f8:0c:e6:09:9a:fb:f4:88:cd:cb:db:d5:27:1a:32:8d:20:
         02:2c:b4:a7:8f:6e:de:73:b9:19:dd:d5:50:fa:e8:bf:1a:9f:
         c5:cc:5b:43:99:6c:c5:1d:69:4c:14:be:28:0a:4b:e7:03:4f:
         4c:7b:7f:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnPDYyFpfqJWeVxm92KgVQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODA3MDgxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThhMzEwNTkyOTQzZGI3YmFlMGM0ZWQyMjdkMjJmMzk4MThlNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJb78stAZPvxxZdIoZsUnoOrwzuf
dhwD91Iuem9kX2wzdNQPfFDwd9Eb6ACILerTbZRTpxnyy+nMt49KBMt4OCfzKaKQ
BFj1zXBJrHIF/bSKxgi28wsWtZYw2DXbXnhErl46r4ZE0q5KFnJQvqVhP0qDlvhm
NvSFiSoRLAsWxuv4kc4Wzw8lO7LniopIqtvAlLLoZUiTZNZBQ3UzEyqVeOuTgNiM
GuWFll3/HHunMm4x3ShY6xnJtBmInlK2cdgs8WHiUvqBPbJTXFDVTvqXZO4WffPm
gePmXj9591+5gcG1iEfXSlpuHcea2OpIaeypPspQUULnsZFnMs9IJdLplQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmKMQWSlD23uuDE7SJ9IvOYGOasMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvV1lveEJaS1VQYmU2NE1UdEluMGk4NWdZNXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCCbMA0G
CSqGSIb3DQEBCwUAA4IBAQAAmLZIEmcLUMgyTmHobsAVG7LTy+iiiKWKghRTXXpF
SACXHSomiMXzDqJUJP5s8bIg/SnrWZA8eT8835FWMP51upQgG6MS/b/3/7b6lce4
+DWf8tIP2L0zN2LnVkL/JpcdWpkXCXn4biVjk0sqpnCp0Tbvl+G96sZGqxpaQuDs
t9LCGpLLZTa02nAhbCUTRTxoNWOfUm+R26ktgYVHsV6gMWoY5f24ZIWkbcO6JlRf
rkGyQMLF994xjN5Qqc1evBbnrKm5q/XP+AzmCZr79IjNy9vVJxoyjSACLLSnj27e
c7kZ3dVQ+ui/Gp/FzFtDmWzFHWlMFL4oCkvnA09Me3+2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org