Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wIqNpsLF3qC4sVdVHpgwicRuwVY.roa
File:                     wIqNpsLF3qC4sVdVHpgwicRuwVY.roa (raw, json)
Hash identifier:          MDQRTnFY+uRg4/na1xCe3iz4rVhuEovVIGYTO5EPKpc=
Subject key identifier:   C0:8A:8D:A6:C2:C5:DE:A0:B8:B1:57:55:1E:98:30:89:C4:6E:C1:56
Certificate issuer:       /CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Certificate serial:       018751B209A58004753BA07B6046A4FA166F
Authority key identifier: B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wIqNpsLF3qC4sVdVHpgwicRuwVY.roa
Signing time:             Wed 05 Apr 2023 13:53:54 +0000
ROA not before:           Wed 05 Apr 2023 13:53:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        132.74.189.0/24 maxlen: 24
                          132.74.0.0/16 maxlen: 16
                          132.75.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Sun 07 May 2023 14:28:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:51:b2:09:a5:80:04:75:3b:a0:7b:60:46:a4:fa:16:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
        Validity
            Not Before: Apr  5 13:53:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c08a8da6c2c5dea0b8b157551e983089c46ec156
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:7e:eb:33:5f:08:8e:d5:64:98:ee:f5:46:6e:
                    5c:33:f7:a0:d6:fc:b4:71:cb:2b:4b:12:85:fe:dc:
                    dc:1f:54:d6:25:1e:13:96:73:6f:fc:35:5d:ed:bb:
                    4f:ce:f9:04:44:d6:a8:fd:9c:96:b2:e4:d8:cc:11:
                    86:7f:25:13:78:e1:9c:ec:48:e8:d6:d1:3f:90:22:
                    6a:45:a2:c7:9f:3c:65:c6:e9:e6:48:b8:80:b6:df:
                    63:e7:e8:e1:57:4c:f9:b4:49:35:ee:f0:fb:2e:b8:
                    58:58:7f:d5:61:5e:f7:e2:28:e6:8e:6b:da:f6:97:
                    51:9f:ce:21:c4:22:bb:46:c7:6a:31:be:81:6b:65:
                    7e:7c:f2:80:56:93:9c:13:e1:2c:d5:2d:99:18:a5:
                    df:7e:a0:0e:48:33:4c:9c:32:0b:39:1a:29:d3:60:
                    5f:d2:db:14:c1:d8:c9:43:6c:2c:b3:5c:ec:6c:2a:
                    cf:d0:00:0d:e8:77:3c:4d:30:73:ee:b5:4f:0c:72:
                    55:e9:57:2f:24:39:a6:1a:d2:e9:8a:52:d1:54:9a:
                    14:6d:ce:b2:f5:be:6e:0e:09:d0:4e:c1:2c:a9:b5:
                    a5:e7:04:89:f5:6e:d6:4d:3d:16:25:45:07:42:6d:
                    74:96:f2:82:7b:b7:7a:08:7b:62:ae:d4:2e:de:18:
                    a7:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:8A:8D:A6:C2:C5:DE:A0:B8:B1:57:55:1E:98:30:89:C4:6E:C1:56
            X509v3 Authority Key Identifier:
                keyid:B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wIqNpsLF3qC4sVdVHpgwicRuwVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/uNJRxL_VJtoGLUzir1a25G6SURc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.74.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         03:85:f1:0f:e9:96:25:12:da:33:9c:95:e8:55:e2:1f:4b:9f:
         d6:b2:60:74:35:0c:8e:4b:9b:f8:2d:41:a6:e5:5a:dd:98:1a:
         21:be:0f:11:9b:b7:f8:54:5a:e1:ab:82:4a:fc:aa:11:84:fb:
         2a:e5:52:60:cb:bc:fc:9b:08:5e:5b:4e:00:39:bb:2f:2e:f9:
         2f:ad:ca:67:78:23:95:72:7a:63:04:17:20:1b:1a:b9:c9:ee:
         fd:34:aa:8c:1c:24:16:91:43:f8:1a:a0:8e:69:33:ce:5d:98:
         76:72:0f:e6:55:8c:2e:9b:cd:f5:9a:16:89:eb:10:b1:4d:e1:
         7d:5b:8e:4b:f7:4f:b9:8b:b5:b3:28:8e:c4:09:39:c3:8c:c7:
         8a:ae:ac:a8:23:4e:a3:f6:25:35:58:c5:c6:7a:f3:ed:12:d6:
         2d:29:35:a7:5e:c8:50:ea:0f:9a:fc:bd:b9:c8:64:66:53:fb:
         a0:27:cd:57:04:47:9f:85:25:d4:84:fd:3a:fc:00:1b:29:df:
         56:3a:a2:57:4a:24:37:e0:9c:3b:2c:cf:6d:6b:0d:f5:5b:d7:
         bd:96:29:87:44:a6:ca:10:1f:ef:df:0c:ff:73:7f:5f:34:ea:
         8a:fd:e8:d3:e7:b3:23:9b:9e:6d:e5:df:f7:93:2e:bf:62:3b:
         25:0b:7d:0b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRsgmlgAR1O6B7YEak+hZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDI1MWM0YmZkNTI2ZGEwNjJkNGNlMmFmNTZiNmU0NmU5
MjUxMTcwHhcNMjMwNDA1MTM1MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDhhOGRhNmMyYzVkZWEwYjhiMTU3NTUxZTk4MzA4OWM0NmVjMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr37rM18IjtVkmO71Rm5cM/eg1vy0
ccsrSxKF/tzcH1TWJR4TlnNv/DVd7btPzvkERNao/ZyWsuTYzBGGfyUTeOGc7Ejo
1tE/kCJqRaLHnzxlxunmSLiAtt9j5+jhV0z5tEk17vD7LrhYWH/VYV734ijmjmva
9pdRn84hxCK7RsdqMb6Ba2V+fPKAVpOcE+Es1S2ZGKXffqAOSDNMnDILORop02Bf
0tsUwdjJQ2wss1zsbCrP0AAN6Hc8TTBz7rVPDHJV6VcvJDmmGtLpilLRVJoUbc6y
9b5uDgnQTsEsqbWl5wSJ9W7WTT0WJUUHQm10lvKCe7d6CHtirtQu3hin6wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMCKjabCxd6guLFXVR6YMInEbsFWMB8GA1UdIwQY
MBaAFLjSUcS/1SbaBi1M4q9WtuRuklEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAt
NDJiM2Q2OGI1Njc2LzEvd0lxTnBzTEYzcUM0c1ZkVkhwZ3dpY1J1d1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAtNDJiM2Q2OGI1Njc2
LzEvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEowDQYJ
KoZIhvcNAQELBQADggEBAAOF8Q/pliUS2jOclehV4h9Ln9ayYHQ1DI5Lm/gtQabl
Wt2YGiG+DxGbt/hUWuGrgkr8qhGE+yrlUmDLvPybCF5bTgA5uy8u+S+tymd4I5Vy
emMEFyAbGrnJ7v00qowcJBaRQ/gaoI5pM85dmHZyD+ZVjC6bzfWaFonrELFN4X1b
jkv3T7mLtbMojsQJOcOMx4qurKgjTqP2JTVYxcZ68+0S1i0pNadeyFDqD5r8vbnI
ZGZT+6AnzVcER5+FJdSE/Tr8ABsp31Y6oldKJDfgnDssz21rDfVb172WKYdEpsoQ
H+/fDP9zf1806or96NPnsyObnm3l3/eTLr9iOyULfQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:46 2024 by rpki-client on console-ams.rpki-client.org