Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/wD-AqaQxeid2Cla8tj1LspqLmSU.roa
File:                     wD-AqaQxeid2Cla8tj1LspqLmSU.roa (raw, json)
Hash identifier:          r2kf0sQusxIT3TNI53LTU76Aq+KifNgaEhXD7JpB/MI=
Subject key identifier:   C0:3F:80:A9:A4:31:7A:27:76:0A:56:BC:B6:3D:4B:B2:9A:8B:99:25
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       018572CC9573CBCF05F7AA4420F934EEEA14
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/wD-AqaQxeid2Cla8tj1LspqLmSU.roa
Signing time:             Mon 02 Jan 2023 14:04:48 +0000
ROA not before:           Mon 02 Jan 2023 14:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47856
IP address blocks:        91.206.144.0/23 maxlen: 24
                          193.28.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:95:73:cb:cf:05:f7:aa:44:20:f9:34:ee:ea:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jan  2 14:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c03f80a9a4317a27760a56bcb63d4bb29a8b9925
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:08:44:58:ec:28:fe:39:2c:41:16:a8:50:a1:
                    b9:54:6b:8b:7b:f2:75:66:ee:3a:ec:1e:da:a5:29:
                    a2:95:cd:8b:ce:9a:5d:14:e9:1e:75:00:77:46:3c:
                    ff:25:83:7f:7e:02:30:45:87:68:11:29:98:2d:32:
                    db:4b:c7:6f:43:8f:fd:b8:1b:70:04:76:a6:d4:37:
                    05:6d:11:4d:da:e2:45:fb:7f:2f:24:8c:af:26:7a:
                    f1:02:32:a4:3a:28:95:d2:5e:0e:53:c9:f9:74:b3:
                    0f:3f:80:ba:4c:90:d7:98:9b:10:d1:48:f2:2a:59:
                    9c:14:c9:d3:50:ad:53:12:e0:02:78:1f:d5:55:1e:
                    16:d2:b9:2c:d7:10:51:48:b8:a9:07:6d:48:c9:cf:
                    8d:19:fb:94:7b:10:6f:94:4d:8f:9e:07:45:13:40:
                    ca:51:10:75:7e:eb:d8:6c:76:0f:fc:93:3d:74:2e:
                    b0:d7:17:3e:f0:28:73:b6:a0:e0:13:23:c7:f0:61:
                    5d:ee:ac:47:02:95:e5:fe:9b:08:d4:e1:04:e0:89:
                    a1:07:93:1d:24:c3:41:50:c6:e7:08:c8:b4:b7:75:
                    04:1c:90:ee:87:36:fc:9c:4a:38:ba:d5:d0:d1:76:
                    e9:ee:06:b4:2b:61:f3:65:d2:23:0d:df:52:21:b2:
                    c9:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:3F:80:A9:A4:31:7A:27:76:0A:56:BC:B6:3D:4B:B2:9A:8B:99:25
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/wD-AqaQxeid2Cla8tj1LspqLmSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.144.0/23
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:30:d2:39:e3:5c:8d:9d:44:35:e3:b4:dc:62:01:1f:c2:ef:
         3b:a6:7a:7f:ca:b0:6a:1d:cd:73:87:fb:a7:26:7a:e1:fb:66:
         05:60:12:00:db:9b:80:db:ab:0e:1a:b3:61:c5:d8:a2:ee:45:
         ef:c4:cf:11:12:d6:58:51:4b:f9:6e:aa:bb:00:78:b7:b7:17:
         1d:31:4a:32:27:54:7c:e0:a3:60:10:a9:7d:98:75:91:ac:a2:
         09:67:83:98:69:de:b4:e1:43:8d:b6:f6:d1:f9:0a:5b:43:f4:
         0a:25:c8:8d:2b:7b:ca:77:d3:45:d9:f3:a5:bf:db:32:1e:7c:
         57:28:58:26:f8:e7:76:49:2e:c6:27:80:25:80:27:25:96:69:
         ad:b0:2e:21:16:2c:3d:f5:6f:c9:3f:7c:1c:36:85:4b:d7:e8:
         6b:32:cf:09:6f:11:24:e6:79:28:db:3c:51:e2:89:16:32:b4:
         49:4c:b0:af:f6:54:0e:47:6c:eb:b6:e7:01:26:e7:d3:3a:fa:
         29:bb:92:83:42:b6:dc:b9:6b:be:82:91:b3:07:b7:8e:64:f2:
         a4:d9:ba:7d:a8:48:f7:40:d3:f5:32:ab:24:f9:ef:a2:fd:b4:
         62:d6:7b:9c:fa:ff:74:62:c6:47:46:93:2d:7a:8f:70:5b:6f:
         d7:da:eb:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzJVzy88F96pEIPk07uoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjMwMTAyMTQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNmODBhOWE0MzE3YTI3NzYwYTU2YmNiNjNkNGJiMjlhOGI5OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAughEWOwo/jksQRaoUKG5VGuLe/J1
Zu467B7apSmilc2LzppdFOkedQB3Rjz/JYN/fgIwRYdoESmYLTLbS8dvQ4/9uBtw
BHam1DcFbRFN2uJF+38vJIyvJnrxAjKkOiiV0l4OU8n5dLMPP4C6TJDXmJsQ0Ujy
KlmcFMnTUK1TEuACeB/VVR4W0rks1xBRSLipB21Iyc+NGfuUexBvlE2PngdFE0DK
URB1fuvYbHYP/JM9dC6w1xc+8ChztqDgEyPH8GFd7qxHApXl/psI1OEE4ImhB5Md
JMNBUMbnCMi0t3UEHJDuhzb8nEo4utXQ0Xbp7ga0K2HzZdIjDd9SIbLJrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMA/gKmkMXondgpWvLY9S7Kai5klMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvd0QtQXFhUXhlaWQyQ2xhOHRqMUxzcHFMbVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW86QAwQA
wRyfMA0GCSqGSIb3DQEBCwUAA4IBAQAaMNI541yNnUQ147TcYgEfwu87pnp/yrBq
Hc1zh/unJnrh+2YFYBIA25uA26sOGrNhxdii7kXvxM8REtZYUUv5bqq7AHi3txcd
MUoyJ1R84KNgEKl9mHWRrKIJZ4OYad604UONtvbR+QpbQ/QKJciNK3vKd9NF2fOl
v9syHnxXKFgm+Od2SS7GJ4AlgCcllmmtsC4hFiw99W/JP3wcNoVL1+hrMs8JbxEk
5nko2zxR4okWMrRJTLCv9lQOR2zrtucBJufTOvopu5KDQrbcuWu+gpGzB7eOZPKk
2bp9qEj3QNP1Mqsk+e+i/bRi1nuc+v90YsZHRpMteo9wW2/X2utT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org