Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/whpkKObZX1sEjqpnqc2s9prvEcg.roa
File:                     whpkKObZX1sEjqpnqc2s9prvEcg.roa (raw, json)
Hash identifier:          nD0sFJC0VmZF7I7x8dTQNtHGR6dX1W4rZ0xaqLsnBFQ=
Subject key identifier:   C2:1A:64:28:E6:D9:5F:5B:04:8E:AA:67:A9:CD:AC:F6:9A:EF:11:C8
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       018572CC9367346979DF79AA4BCD3287685E
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/whpkKObZX1sEjqpnqc2s9prvEcg.roa
Signing time:             Mon 02 Jan 2023 14:04:47 +0000
ROA not before:           Mon 02 Jan 2023 14:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14537
IP address blocks:        91.206.144.0/23 maxlen: 24
                          193.28.159.0/24 maxlen: 24
                          91.223.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:93:67:34:69:79:df:79:aa:4b:cd:32:87:68:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jan  2 14:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c21a6428e6d95f5b048eaa67a9cdacf69aef11c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:fe:ed:46:23:9d:03:15:de:89:45:17:45:4f:
                    35:f9:c2:65:86:47:4d:ea:59:c8:44:87:48:26:a5:
                    06:de:e9:06:3c:9b:1a:21:5b:18:4c:c8:9c:1c:48:
                    a9:bc:85:f8:3d:f7:e2:bf:0a:05:2e:a8:e4:57:76:
                    4f:b6:e8:8e:3e:9c:d5:22:00:31:8a:81:d5:bf:33:
                    c1:d1:79:74:56:eb:6e:87:c0:ca:7e:f7:f6:3b:e1:
                    85:a5:b5:b6:d4:84:00:67:f6:79:61:e7:d1:b9:89:
                    5e:71:de:af:16:9a:c0:61:df:cf:ae:a4:1b:0d:66:
                    63:25:5a:31:50:d4:58:31:2e:c3:f9:db:12:4f:8f:
                    69:1c:68:9c:4b:8b:43:6e:ce:b1:fa:3f:13:5d:b6:
                    6f:8b:53:61:da:7a:0b:29:e0:6f:ed:f1:33:68:cf:
                    48:b4:7c:39:82:34:51:2b:24:4b:3e:ad:59:e6:23:
                    f2:a4:8c:b1:4f:af:54:1a:fc:d9:c5:7c:99:ee:59:
                    ac:ad:52:65:84:e4:2e:8b:d1:c4:32:cc:5e:3d:66:
                    3f:99:6e:24:9e:50:4e:62:53:d1:ae:bd:2f:04:9e:
                    a3:d1:2f:d8:c6:12:b9:4a:14:79:8c:bc:c5:eb:7f:
                    78:9e:12:b0:4c:c6:96:fe:f4:7d:18:45:0f:8c:c8:
                    05:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:1A:64:28:E6:D9:5F:5B:04:8E:AA:67:A9:CD:AC:F6:9A:EF:11:C8
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/whpkKObZX1sEjqpnqc2s9prvEcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.144.0/23
                  91.223.161.0/24
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:12:d1:a2:c1:0b:d8:d4:ec:51:7d:54:db:d5:b9:4f:2c:52:
         73:ed:c7:20:90:73:69:40:f5:33:c4:b7:7a:66:62:4a:70:21:
         7d:78:16:fe:a9:48:08:fa:8b:86:06:61:ec:c4:92:b2:a7:6c:
         1a:dc:0e:2a:b1:ea:d3:bc:05:e7:a2:6f:f7:11:b8:06:ec:75:
         dc:f8:25:25:0a:c9:92:89:55:de:5b:47:f9:4b:d4:8d:1d:e8:
         71:7c:5f:75:38:8f:ca:f0:f5:c0:94:12:f9:cd:80:87:38:c2:
         2f:fd:9e:e8:f8:14:73:d0:3b:56:37:ec:dc:f1:bc:43:c1:ca:
         e3:b6:9c:92:0b:13:22:ef:fb:0f:40:8f:ff:7b:d8:d4:e7:cf:
         8e:a3:f2:d3:65:f3:04:71:76:d0:af:6d:09:11:a3:d3:3a:fd:
         3b:94:61:27:c6:8f:d6:3d:e0:8a:26:75:3f:dc:e5:ea:86:40:
         c5:cd:3d:73:dc:9c:7a:a5:c1:72:83:ae:02:93:e6:36:47:8c:
         ff:52:93:66:ad:6d:07:c4:9f:fd:a4:da:54:18:55:3b:9d:b5:
         2f:d7:53:5b:3a:59:eb:87:80:6b:e4:23:88:bb:ef:ed:cf:76:
         83:d4:03:ce:e5:a6:a5:a9:92:24:f0:97:5a:78:4d:56:a1:f1:
         48:5f:0f:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyzJNnNGl533mqS80yh2heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjMwMTAyMTQwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjFhNjQyOGU2ZDk1ZjViMDQ4ZWFhNjdhOWNkYWNmNjlhZWYxMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf7tRiOdAxXeiUUXRU81+cJlhkdN
6lnIRIdIJqUG3ukGPJsaIVsYTMicHEipvIX4PffivwoFLqjkV3ZPtuiOPpzVIgAx
ioHVvzPB0Xl0Vutuh8DKfvf2O+GFpbW21IQAZ/Z5YefRuYlecd6vFprAYd/PrqQb
DWZjJVoxUNRYMS7D+dsST49pHGicS4tDbs6x+j8TXbZvi1Nh2noLKeBv7fEzaM9I
tHw5gjRRKyRLPq1Z5iPypIyxT69UGvzZxXyZ7lmsrVJlhOQui9HEMsxePWY/mW4k
nlBOYlPRrr0vBJ6j0S/YxhK5ShR5jLzF6394nhKwTMaW/vR9GEUPjMgFCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMIaZCjm2V9bBI6qZ6nNrPaa7xHIMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvd2hwa0tPYlpYMXNFanFwbnFjMnM5cHJ2RWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW86QAwQA
W9+hAwQAwRyfMA0GCSqGSIb3DQEBCwUAA4IBAQByEtGiwQvY1OxRfVTb1blPLFJz
7ccgkHNpQPUzxLd6ZmJKcCF9eBb+qUgI+ouGBmHsxJKyp2wa3A4qserTvAXnom/3
EbgG7HXc+CUlCsmSiVXeW0f5S9SNHehxfF91OI/K8PXAlBL5zYCHOMIv/Z7o+BRz
0DtWN+zc8bxDwcrjtpySCxMi7/sPQI//e9jU58+Oo/LTZfMEcXbQr20JEaPTOv07
lGEnxo/WPeCKJnU/3OXqhkDFzT1z3Jx6pcFyg64Ck+Y2R4z/UpNmrW0HxJ/9pNpU
GFU7nbUv11NbOlnrh4Br5COIu+/tz3aD1APO5aalqZIk8JdaeE1WofFIXw8J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:51 2024 by rpki-client on console-fra.rpki-client.org